Some Dahua Ip Camera, Video Intercom, Ptz Dome Camera, Thermal Camera Devices Security Vulnerabilities
8.5AI Score
0.0004EPSS
7.3AI Score
(Pwn2Own) QNAP TS-464 Cloud Utility Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of password reset requests. The issue results from the...
7.5CVSS
7.4AI Score
0.001EPSS
(Pwn2Own) Alpine Halo9 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
7.4AI Score
EPSS
(Pwn2Own) QNAP TS-464 Log Upload Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of log uploads. The issue results from the lack of proper...
8.7CVSS
7AI Score
0.001EPSS
(Pwn2Own) Synology BC500 update_ntp_config Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BC500 IP cameras. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the server parameter provided to the syno-api handler....
7.5AI Score
(Pwn2Own) QNAP TS-464 TURN Server create_session Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the create_session action. The issue results from the lack of...
9.9CVSS
7.1AI Score
0.001EPSS
(Pwn2Own) QNAP TS-464 username Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the...
10CVSS
9.7AI Score
0.001EPSS
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of software updates. The issue results from the lack of.....
7AI Score
EPSS
(Pwn2Own) Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prh_l2_sar_data_ind function. The issue results from the lack of...
7.5AI Score
EPSS
An issue in BAS-IP AV-01D, AV-01MD, AV-01MFD, AV-01ED, AV-01KD, AV-01BD, AV-01KBD, AV-02D, AV-02IDE, AV-02IDR, AV-02IPD, AV-02FDE, AV-02FDR, AV-03D, AV-03BD, AV-04AFD, AV-04ASD, AV-04FD, AV-04SD, AV-05FD, AV-05SD, AA-07BD, AA-07BDI, BA-04BD, BA-04MD, BA-08BD, BA-08MD, BA-12BD, BA-12MD, CR-02BD...
0.0004EPSS
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPDM_wemCmdCreatSHA256Hash function. The issue results from the lack....
7.5AI Score
EPSS
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON-encoded arrays. The issue results...
7.4CVSS
7.2AI Score
0.001EPSS
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Apple CarPlay protocol. The issue results...
7.2AI Score
EPSS
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the USB host driver. A crafted USB configuration descriptor can...
7.7AI Score
EPSS
SUSE SLES15 / openSUSE 15 Security Update : containerd (SUSE-SU-2024:2108-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2108-1 advisory. Update to containerd v1.7.17. - CVE-2023-45288: Fixed the limit of CONTINUATION frames read for an HTTP/2 request...
6.9AI Score
0.0004EPSS
(Pwn2Own) Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
7.4AI Score
EPSS
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the OCPP protocol. The issue...
8.7CVSS
7AI Score
0.002EPSS
This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CANopenDevice objects. The....
7.5CVSS
6.5AI Score
0.001EPSS
This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 devices. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
7.8CVSS
7.2AI Score
0.0005EPSS
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the HomePlug Green PHY Protocol......
7.5CVSS
6.3AI Score
0.001EPSS
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Improper Access Control Firewall Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass firewall rules and access another interface on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of...
5.3CVSS
6.8AI Score
0.001EPSS
(Pwn2Own) Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability
This vulnerability allows physically present attackers to bypass signature validation mechanism on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware metadata signature validation mechanism. The....
7.4AI Score
EPSS
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TUTK P2P library. The issue results from the lack of proper...
7.5AI Score
EPSS
7.5AI Score
0.0004EPSS
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing....
7.5AI Score
EPSS
(Pwn2Own) Alpine Halo9 Missing Authentication Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DLT interface, which listens on TCP port 3490 by default. The issue...
7.1AI Score
EPSS
Sony XAV-AX5500 Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Sony XAV-AX5500 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of software updates. The issue results from the lack of.....
7AI Score
EPSS
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the run_action_batch endpoint of the cloud infrastructure. The issue...
7.2AI Score
EPSS
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CharxSystemConfigManager service, which listens on...
9.8CVSS
7.3AI Score
0.002EPSS
This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CharxUpdateAgent service, which listens on TCP port.....
5.3CVSS
7.1AI Score
0.001EPSS
This vulnerability allows network-adjacent attackers to injection malicious content into log files on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of logging. The...
5.3CVSS
7.2AI Score
0.001EPSS
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of JSON-encoded arrays. The issue...
5.9CVSS
6.4AI Score
0.001EPSS
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of ClientSession objects in the...
4.8CVSS
7.3AI Score
0.001EPSS
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UPDM_wemCmdUpdFSpeDecomp function. The issue results from the lack...
7.5AI Score
EPSS
(Pwn2Own) QNAP TS-464 Improper Validation Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication logic. The issue results from improper validation of the...
10CVSS
9.6AI Score
0.001EPSS
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the location parameter of the...
7.3CVSS
7.2AI Score
0.001EPSS
(Pwn2Own) Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability
This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SSIDs embedded in scanned QR codes. The issue results.....
7.5AI Score
EPSS
Linux Kernel USB/IP VHCI Driver Race Condition Privilege Escalation Vulnerability
This vulnerability allows physically present attackers to escalate privileges on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the reset event. The issue results from the lack of proper...
7.7AI Score
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Wyze Cam v3 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Realtek Wi-Fi kernel module. The issue results from the lack of...
7.4AI Score
EPSS
CVE-2024-37742: Clipboard Exploit in SEB ≤ 3.5.0 (Windows)...
7.4AI Score
0.0004EPSS
Tabletop exercises are headed to the next frontier: Space
I think we can all agree that tabletop exercises are a good thing. They allow organizations of all sizes to test their incident response plans without the potentially devastating effects of a real-world cyber attack or intrusion. As part of my role at Talos, I've read hundreds of tabletop...
9.8CVSS
8.2AI Score
0.321EPSS
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fix null pointer dereference compute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c) as compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null pointer dereference (if...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMP Modules linked in: CPU: 2 PID: 244....
7.2AI Score
0.0004EPSS
Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs
Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been...
7.5CVSS
8.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys...
7AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix UAF of leds class devs at unbinding The LED class devices that are created by HD-audio codec drivers are registered via devm_led_classdev_register() and associated with the HD-audio codec device. Unfortunately, it...
7.1AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between quota disable and qgroup rescan worker Quota disable ioctl starts a transaction before waiting for the qgroup rescan worker completes. However, this wait can be infinite and results in deadlock because.....
7AI Score
0.0004EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (June 10, 2024 to June 16, 2024)
_ Did you know Wordfence runs a Bug Bounty Program for all WordPress plugin and themes at no cost to vendors? __Researchers can earn up to $10,400, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the...
10CVSS
9.2AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...
7.1AI Score
0.0004EPSS