CVEs classified under CWE-134, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2012-1851 — CVSS 10.0 (critical): Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2…
CVE-2012-0242 — CVSS 10.0 (critical): Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string…
CVE-2011-2475 — CVSS 10.0 (critical): Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in…
CVE-2011-1568 — CVSS 10.0 (critical): Format string vulnerability in the logText function in shmemmgr9.dll in IGSSdataServer.exe 9.00.00.11074, and 9.00.00.11063 and earlier, in…
CVE-2010-4235 — CVSS 10.0 (critical): Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix Mobile Server 12.x, 13.x, and 14.x…
CVE-2011-0270 — CVSS 10.0 (critical): Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to…
CVE-2010-2451 — CVSS 10.0 (critical): Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.
CVE-2010-1039 — CVSS 10.0 (critical): Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier…
CVE-2010-1550 — CVSS 10.0 (critical): Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote…
CVE-2009-3732 — CVSS 10.0 (critical): Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute…
CVE-2009-3663 — CVSS 10.0 (critical): Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of…
CVE-2008-7228 — CVSS 10.0 (critical): Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different…
CVE-2009-2548 — CVSS 10.0 (critical): Format string vulnerability in Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows…
CVE-2009-1210 — CVSS 10.0 (critical): Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute…
CVE-2008-6520 — CVSS 10.0 (critical): Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to…
CVE-2008-6519 — CVSS 10.0 (critical): Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial…
CVE-2008-5982 — CVSS 10.0 (critical): Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute arbitrary code via format string…
CVE-2008-3533 — CVSS 10.0 (critical): Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote…
CVE-2008-3116 — CVSS 10.0 (critical): Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th street (aka Hot Step or High Street 5)…
CVE-2008-0764 — CVSS 10.0 (critical): Format string vulnerability in the logging function in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier for Windows might…
CVE-2007-5561 — CVSS 10.0 (critical): Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1…
CVE-2007-1006 — CVSS 10.0 (critical): Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial…
CVE-2006-3628 — CVSS 10.0 (critical): Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and…
CVE-2006-3573 — CVSS 10.0 (critical): Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to…
CVE-2006-1615 — CVSS 10.0 (critical): Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute…
CVE-2005-3656 — CVSS 10.0 (critical): Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication against a…
CVE-2023-53966 — CVSS 9.8 (critical): SOUND4 LinkAndShare Transmitter 1.1.2 contains a format string vulnerability that allows attackers to trigger memory stack overflows…
CVE-2025-40600 — CVSS 9.8 (critical): Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause…
CVE-2025-46121 — CVSS 9.8 (critical): An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, where the functions…
CVE-2023-5746 — CVSS 9.8 (critical): A vulnerability regarding use of externally-controlled format string is found in the cgi component. This allows remote attackers to execute…
CVE-2023-35087 — CVSS 9.8 (critical): It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking validation for a…
CVE-2022-35877 — CVSS 9.8 (critical): Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit…
CVE-2022-35876 — CVSS 9.8 (critical): Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit…
CVE-2022-35875 — CVSS 9.8 (critical): Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit…
CVE-2022-35874 — CVSS 9.8 (critical): Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit…
CVE-2022-35244 — CVSS 9.8 (critical): A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc. iota All-In-One Security Kit 6.9X…
CVE-2022-33938 — CVSS 9.8 (critical): A format string injection vulnerability exists in the ghome_process_control_packet functionality of Abode Systems, Inc. iota All-In-One…
CVE-2022-34747 — CVSS 9.8 (critical): A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could allow an attacker to achieve unauthorized…
CVE-2022-26674 — CVSS 9.8 (critical): ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and…
CVE-2022-27177 — CVSS 9.8 (critical): A Python format string issue leading to information disclosure and potentially remote code execution in ConsoleMe for all versions prior to…
CVE-2021-42911 — CVSS 9.8 (critical): A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5.1.3, and DrayTek Vigor 300B <= 1.5.1.3 in…
CVE-2021-41193 — CVSS 9.8 (critical): wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions…
CVE-2021-36161 — CVSS 9.8 (critical): Some component in Dubbo will try to print the formated string of the input arguments, which will possibly cause RCE for a maliciously…
CVE-2021-20307 — CVSS 9.8 (critical): Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and earlier can lead to read and write arbitrary…
CVE-2020-35869 — CVSS 9.8 (critical): An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because rusqlite::trace::log mishandles…
CVE-2020-27853 — CVSS 9.8 (critical): Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…
CVE-2020-13160 — CVSS 9.8 (critical): AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution.