AttackFeed by Joe Wagner | Panda3d v1.10.16 Uncontrolled Format String in Panda3D egg-mkfont Allows Stack Memory Disclosure  - Full Disclosure

Panda3d v1.10.16 Uncontrolled Format String in Panda3D egg-mkfont Allows Stack Memory Disclosure  – Full Disclosure

Posted on By Joe-W No Comments on Panda3d v1.10.16 Uncontrolled Format String in Panda3D egg-mkfont Allows Stack Memory Disclosure  – Full Disclosure
Alert Feeds

 

Posted by Ron E on Jan 05

Panda3D’s egg-mkfont utility contains an uncontrolled format string
vulnerability that allows disclosure of stack-resident memory. The -gp
(glyph pattern) command-line option allows users to specify a formatting
pattern intended for generating glyph texture filenames. This pattern is
passed directly as the format string to sprintf() without validation or
sanitization. If the supplied pattern contains additional format specifiers
beyond the…
 – Read More  – Full Disclosure 

You may also like

Alert Feeds
CyberDanube Security Research 20251215-0 | Multiple Vulnerabilities in Phoenix Contact FL Switch Series  – Full Disclosure
December 18, 2025
Alert Feeds
Stored HTML Injection – Layout Functionality – totaljsv5013  – Full Disclosure
October 28, 2025
Alert Feeds
Re: Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft  – Full Disclosure
October 7, 2025
Alert Feeds
Security Vulnerability in Koller Secret: Real Hidden App (com.koller.secret.hidemyphoto)  – Full Disclosure
January 6, 2026

Leave a Reply

AttackFeed by Joe Wagner
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.