Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2023/09/05 12:0 a.m.74 views

Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability

Talos Vulnerability Report TALOS-2023-1770 Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability September 5, 2023 CVE Number CVE-2023-34998 SUMMARY An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platfor...

8.1CVSS8.2AI score0.01153EPSS
Exploits0
Talos
Talos
added 2021/10/12 12:0 a.m.74 views

Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability

Talos Vulnerability Report TALOS-2021-1259 Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability October 12, 2021 CVE Number CVE-2021-40474 Details Microsoft Office is a suite of tools used for productivity in both a corporate environment as well as by end-users. It...

7.8CVSS0.6AI score0.02194EPSS
Exploits0
Talos
Talos
added 2020/11/30 12:0 a.m.74 views

Webkit WebSocket code execution vulnerability

Summary A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability...

8.8CVSS9AI score0.03266EPSS
Exploits1
Talos
Talos
added 2019/03/26 12:0 a.m.74 views

GOG Galaxy Games privileged helper denial-of-service vulnerability

Summary An exploitable local denial-of-service vulnerability exists in the privileged helper tool of GOG Galaxy’s Games, version 1.2.47 for macOS. An attacker can send malicious data to the root-listening service, causing the application to terminate and become unavailable. Tested Versions Gog...

6.2CVSS5.9AI score0.00325EPSS
Exploits0
Talos
Talos
added 2018/07/19 12:0 a.m.74 views

Foxit PDF Reader Javascript MailForm Remote Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to tri...

8.8CVSS8.5AI score0.4414EPSS
Exploits1
Talos
Talos
added 2018/03/28 12:0 a.m.74 views

Allen Bradley Micrologix 1400 Series B Ladder Logic Program Download Device Fault Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the program download functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a device fault resulting in halted operations. An attacker can send an unauthenticated packet to...

8.6CVSS6.2AI score0.05065EPSS
Exploits1
Talos
Talos
added 2023/12/05 12:0 a.m.73 views

Buildroot package hash checking data integrity vulnerabilities

Talos Vulnerability Report TALOS-2023-1844 Buildroot package hash checking data integrity vulnerabilities December 5, 2023 CVE Number CVE-2023-45841,CVE-2023-45842,CVE-2023-45838,CVE-2023-45839,CVE-2023-45840 SUMMARY Multiple data integrity vulnerabilities exist in the package hash checking...

8.1CVSS8.4AI score0.00819EPSS
Exploits5
Talos
Talos
added 2022/05/10 12:0 a.m.73 views

InHand Networks InRouter302 libnvram.so nvram_import improper input validation vulnerabilities

Summary Multiple improper input validation vulnerabilities exists in the libnvram.so nvramimport functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested...

9.9CVSS9.3AI score0.03247EPSS
Exploits1
Talos
Talos
added 2021/02/19 12:0 a.m.73 views

Sytech XL reporter installation privilege escalation vulnerability

Summary An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to run the...

8.8CVSS8.3AI score0.00465EPSS
Exploits1
Talos
Talos
added 2020/08/31 12:0 a.m.73 views

OS4Ed openSIS install remote code execution vulnerability

Summary A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. A specially crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.4 Product URLs...

10CVSS10AI score0.06172EPSS
Exploits2
Talos
Talos
added 2020/08/31 12:0 a.m.73 views

OS4Ed openSIS GetSchool.php SQL injection Vulnerability

Summary An exploitable SQL injection vulnerability exists in the GetSchool.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Produc...

8.8CVSS7.8AI score0.01803EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.73 views

WAGO PFC200 iocheckd service "I/O-Check" external tool information exposure vulnerability

Summary An exploitable information exposure vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause an external tool to fail, resulting in uninitialized stack data to be copied to the response packet buffer. An attacker...

5.3CVSS6.1AI score0.01621EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.73 views

WAGO PFC200 iocheckd service "I/O-Check" Erase Denial of Service Vulnerability

WAGO PFC200 iocheckd service “I/O-Check” Erase Denial of Service Vulnerability Summary An exploitable denial of service vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a denial of service, resulting in the device...

9.4CVSS9AI score0.01655EPSS
Exploits0
Talos
Talos
added 2019/11/05 12:0 a.m.73 views

LEADTOOLS CMP-parsing code execution vulnerability

Summary An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

8.8CVSS7.9AI score0.02038EPSS
Exploits1
Talos
Talos
added 2019/03/26 12:0 a.m.73 views

GOG Galaxy Games createFolderAtPath privilege escalation vulnerability

Summary An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy’s Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing directories...

7.1CVSS5.8AI score0.00278EPSS
Exploits0
Talos
Talos
added 2017/07/19 12:0 a.m.73 views

ProcessMaker Enterprise Core Multiple SQL Injection Vulnerabilities

Summary Multiple exploitable SQL Injection vulnerabilities exists in ProcessMarker Enterprise Core 3.0.1.7-community. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability,...

7.4CVSS8.1AI score0.00798EPSS
Exploits2
Talos
Talos
added 2016/02/05 12:0 a.m.73 views

Libgraphite LocaLookup Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0061 Libgraphite LocaLookup Denial of Service Vulnerability February 5, 2016 CVE Number CVE-2016-1521 Description An exploitable denial of service vulnerability exists in the font handling of Libgraphite. A specially crafted font can cause an out-of-bounds re...

8.8CVSS7.3AI score0.04065EPSS
Exploits0
Talos
Talos
added 2020/09/30 12:0 a.m.72 views

NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg DCL_CONSTANT_BUFFER code execution vulnerability

Summary An exploitable code execution vulnerability exists in the nvwg DCLCONSTANTBUFFER functionality of NVIDIA D3D10 Driver Version 442.50 - 26.21.14.4250. A specially crafted shader can cause remote code execution. An attacker can use this vulnerability to guest-to-host escape through Hyper-V...

7.8CVSS8AI score0.00359EPSS
Exploits0
Talos
Talos
added 2020/08/31 12:0 a.m.72 views

OS4Ed openSIS Validator.php SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the Validator.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Produc...

8.8CVSS7.9AI score0.01803EPSS
Exploits1
Talos
Talos
added 2020/05/21 12:0 a.m.72 views

GNU glibc ARMv7 memcpy() memory corruption vulnerability

Summary An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the ‘num’ parameter results in a signed comparison vulnerability. If an attacker...

8.1CVSS8.2AI score0.05223EPSS
Exploits0
Talos
Talos
added 2019/12/02 12:0 a.m.72 views

Accusoft ImageGear BMP code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll BMP parser of the ImageGear 19.3.0 library. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to...

9.8CVSS9AI score0.03203EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.72 views

Schneider Electric Modicon M580 Mismatched Firmware Image FTP Upgrade Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the FTP firmware update functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted firmware image can cause the device to enter a recoverable fault state,...

4.9CVSS5.3AI score0.00959EPSS
Exploits0
Talos
Talos
added 2018/09/07 12:0 a.m.72 views

ProtonVPN VPN client connect privilege escalation vulnerability

Summary An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system’s privileges. Tested Versions...

10CVSS8.7AI score0.02538EPSS
Exploits0
Talos
Talos
added 2018/04/13 12:0 a.m.72 views

Moxa EDR-810 Cleartext Transmission of Password Vulnerability

Summary An exploitable clear text transmission of password vulnerability exists in the web server and telnet functionality of Moxa EDR-810 V4.1 build 17030317. An attacker can look at network traffic to get the admin password for the device. The attacker can then use the credentials to login as...

8.8CVSS6.9AI score0.01049EPSS
Exploits2
Talos
Talos
added 2016/03/22 12:0 a.m.72 views

Apple OS X Gen6Accelerator IOGen575Shared::new_texture Local Privilege Escalation Vulnerability

SUMMARY A vulnerability exists in the communication functionality of the Apple Intel HD 3000 Graphics kernel driver. A specially crafted message can cause a vulnerability resulting in local privilege escalation. TESTED VERSIONS Apple OSX Intel HD 3000 Graphics driver 10.0.0 -...

9.3CVSS6.4AI score0.05457EPSS
Exploits5
Talos
Talos
added 2022/02/28 12:0 a.m.71 views

Swift Sensors Gateway device password generation authentication bypass vulnerability

Summary An authentication bypass vulnerability exists in the device password generation functionality of Swift Sensors Gateway SG3-1010. A specially-crafted network request can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Version...

10CVSS10AI score0.0581EPSS
Exploits1
Talos
Talos
added 2022/01/26 12:0 a.m.71 views

Reolink RLC-410W cgiserver.cgi cgi_check_ability improper access control vulnerabilities

Summary Multiple incorrect default permissions vulnerabilities exist in the cgiserver.cgi cgicheckability functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Teste...

7.1CVSS7AI score0.0082EPSS
Exploits2
Talos
Talos
added 2021/11/22 12:0 a.m.71 views

CloudLinux Inc Imunify360 Ai-Bolit php unserialize vulnerability

Summary A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.8 and 5.9. A specially-crafted malformed file can lead to potential arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

8.3AI score
Exploits0
Talos
Talos
added 2021/09/23 12:0 a.m.71 views

D-LINK DIR-3040 WiFi Smart Mesh information disclosure vulnerability

Summary An information disclosure vulnerability exists in the WiFi Smart Mesh functionality of D-LINK DIR-3040 1.13B03. A specially-crafted network request can lead to command execution. An attacker can connect to the MQTT service to trigger this vulnerability. Tested Versions D-LINK DIR-3040...

8.5AI score
Exploits0
Talos
Talos
added 2020/02/24 12:0 a.m.71 views

Moxa AWK-3131A Encrypted Diagnostic Script Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An...

9.9CVSS9.9AI score0.05364EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.71 views

Moxa AWK-3131A ServiceAgent Use of Hard-coded Cryptographic Key

Summary The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. Tested Versions Moxa AWK-3131A Firmware version 1.13 Product URLs...

7.5CVSS7.5AI score0.02304EPSS
Exploits1
Talos
Talos
added 2019/11/05 12:0 a.m.71 views

LEADTOOLS JPEG2000 j2pc Parsing Remote Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this...

8.8CVSS8.2AI score0.01994EPSS
Exploits1
Talos
Talos
added 2019/07/01 12:0 a.m.71 views

Google V8 Array.prototype Memory Corruption Vulnerability

Summary A specific JavaScript code can trigger a memory corruption in V8 7.3.492.17 which could potentially be abused for remote code execution. In order to trigger this vulnerability in the context of a browser, such as Google Chrome, the victim would need to visit a malicious web page. Tested...

8.8CVSS8.7AI score0.01985EPSS
Exploits0
Talos
Talos
added 2019/04/08 12:0 a.m.71 views

Capsule Technologies SmartLinx Neuron 2 restricted environment protection mechanism failure vulnerability

Summary A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment, resulting in ful...

7.6CVSS7.3AI score0.00472EPSS
Exploits0
Talos
Talos
added 2018/06/14 12:0 a.m.71 views

Pixar Renderman IT Display Service 0x67 Command Denial of Service Vulnerability

Summary A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6. The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read by the application is not validated, and its use can lead to a null pointer...

7.5CVSS6.4AI score0.01617EPSS
Exploits1
Talos
Talos
added 2018/01/17 12:0 a.m.71 views

Tinysvcmdns Multi-label DNS mdns_parse_qn Denial Of Service Vulnerability

Summary An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. A specially crafted packet can make the library dereference a NULL pointer leading to server crash and denial of service. An attacker needs to send a DNS query to trigger this...

7.5CVSS7.2AI score0.02426EPSS
Exploits1
Talos
Talos
added 2016/07/18 12:0 a.m.71 views

Apple Image I/O EXR Compression Remote Code Execution Vulnerability

SUMMARY An exploitable heap based buffer overflow exists in the handling of EXR images on OS X. A crafted EXR document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved EXR file delivered by other means when opened in any...

8.8CVSS9.3AI score0.03576EPSS
Exploits2
Talos
Talos
added 2022/02/15 12:0 a.m.70 views

Texas Instruments CC3200 SimpleLink Solution HTTP Server /ping.html information disclosure vulnerability

Summary An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability...

5.3CVSS5.4AI score0.01384EPSS
Exploits1
Talos
Talos
added 2021/01/05 12:0 a.m.70 views

Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Genivia gSOAP 2.8.107 Product UR...

7.5CVSS8.3AI score0.02267EPSS
Exploits1
Talos
Talos
added 2020/03/09 12:0 a.m.70 views

WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities

Summary An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. Tested Versions WAGO PFC200 Firmware version 03.02.0214 WAGO...

9CVSS7.4AI score0.04614EPSS
Exploits1
Talos
Talos
added 2020/03/09 12:0 a.m.70 views

WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Memory Corruption Vulnerabilities

Summary An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted xml cache file written to a specific location on the device can cause a stack buffer overflow, resulting in a denial of service an...

7CVSS7.3AI score0.00846EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.70 views

Accusoft ImageGear PCX uncompress_scan_line buffer size computation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the uncompressscanline function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide ...

9.8CVSS8.9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.70 views

Accusoft ImageGear PCX uncompress_scan_line buffer copy operation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the uncompressscanline function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide ...

9.8CVSS8.8AI score0.03687EPSS
Exploits1
Talos
Talos
added 2019/10/17 12:0 a.m.70 views

YouPHPTube /plugin/AD_Server/view/campaignsVideos.json.php id SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.4AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/03/26 12:0 a.m.70 views

GOG Galaxy Games directory insecure file permissions local privilege elevation vulnerability

Summary An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy’s “Games” directory. An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevated privileges. Tested Versions Gog...

9.3CVSS7.9AI score0.00319EPSS
Exploits0
Talos
Talos
added 2018/07/20 12:0 a.m.70 views

FocalScope XML External Entity Injection Vulnerability

Summary An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. A unauthenticated attacker could submit a specially crafted web request to FocalScope’s server that could cause an XXE, and potentially result in data compromise. Tested Versions...

9.4CVSS9.6AI score0.01235EPSS
Exploits1
Talos
Talos
added 2023/01/12 12:0 a.m.69 views

Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1650 Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability January 12, 2023 CVE Number CVE-2022-43591 SUMMARY A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript...

8.8CVSS8.9AI score0.01144EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.69 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1581 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35877,CVE-2022-35874,CVE-2022-35875,CVE-2022-35876 SUMMARY Four format string injection vulnerabilities exist in...

9.8CVSS9.6AI score0.00869EPSS
Exploits4
Talos
Talos
added 2021/07/26 12:0 a.m.69 views

CODESYS Development System ComponentModel Profile.FromFile() Unsafe Deserialization vulnerability

Summary An unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

8.8CVSS8AI score0.01219EPSS
Exploits0
Talos
Talos
added 2021/01/04 12:0 a.m.69 views

Win-911 Enterprise Platform privilege escalation vulnerability

Summary Multiple exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the privileges when...

9.3CVSS8.2AI score0.00588EPSS
Exploits2
Total number of security vulnerabilities2224