Weaknesses of type CWE-134
134 resultsCVE-2022-3023MEDIUMUse of Externally-Controlled Format String in pingcap/tidbEPSS 0.6%CVE-2022-26392LOWFormat String vulnerabilityEPSS 0.6%CVE-2026-33210HIGHRuby JSON has a format string injection vulnerabilityEPSS 0.5%CVE-2024-50402LOWQTS, QuTS heroEPSS 0.5%CVE-2023-25492MEDIUMA valid, authenticated user may be able to trigger a denial of service of the XCC web user interface or other undefined behavior through a fEPSS 0.5%CVE-2017-7519LOWIn Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service usinEPSS 0.5%CVE-2024-39529HIGHJunos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crashEPSS 0.5%CVE-2026-6250HIGHAuthenticated Format String Injection on TP-Link Tapo C110EPSS 0.5%CVE-2024-50403LOWQTS, QuTS heroEPSS 0.5%CVE-2026-0400MEDIUMA post-authentication Format String vulnerability in SonicOS allows a remote attacker to crash a firewall.EPSS 0.4%CVE-2025-48730MEDIUMQTS, QuTS heroEPSS 0.4%CVE-2024-9129CRITICALFormat String Injection in Zend ServerEPSS 0.4%CVE-2025-52666LOWImproper neutralisation of format characters in the settings of Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an administratorEPSS 0.4%CVE-2022-1215—A format string vulnerability was found in libinputEPSS 0.4%CVE-2026-3509HIGHCODESYS Control Audit Log Format String DoSEPSS 0.4%CVE-2024-4641MEDIUMOnCell G3470A-LTE Series: Authenticated Format String ErrorsEPSS 0.3%CVE-2025-48388HIGHFreeScout Has Insufficient Protection Against CRLF-injectionEPSS 0.3%CVE-2025-53406MEDIUMQTS, QuTS heroEPSS 0.3%CVE-2021-34970LOWFoxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure VulnerabilityEPSS 0.3%CVE-2025-52429MEDIUMQTS, QuTS heroEPSS 0.3%