Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2020/05/18 12:0 a.m.69 views

Nitro Pro PDF Javascript XML error handling Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in information disclosure. In order to trigger this vulnerability, victim must open a...

6.5CVSS5.5AI score0.0265EPSS
Exploits1
Talos
Talos
added 2020/03/09 12:0 a.m.69 views

WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability

Summary An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200. A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges. Tested Versions WAGO PFC200 Firmware versi...

9.1CVSS9.4AI score0.02508EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.69 views

Accusoft ImageGear JPEG SOFx Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to th...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.69 views

Accusoft ImageGear BMP bmp_parsing buffer size computation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the bmpparsing function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2019/09/30 12:0 a.m.69 views

Foxit PDF Reader JavaScript Array.includes remote code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 9.4.1.16828. A specially crafted PDF document can trigger an out-of-memory condition which isn’t handled properly, resulting in arbitrary code execution. An attacke...

8.8CVSS8.8AI score0.0604EPSS
Exploits1
Talos
Talos
added 2017/11/20 12:0 a.m.69 views

Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability

Summary An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18. A specially crafted packet can make the library overwrite an arbitrary amount of data on the heap with attacker controlled values. An attacker needs send a dns packet to trigger this...

10CVSS8.6AI score0.01943EPSS
Exploits3
Talos
Talos
added 2017/11/13 12:0 a.m.70 views

Foscam IP Video Camera webService oray.com DDNS Client Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating...

9.3CVSS8.3AI score0.0166EPSS
Exploits2
Talos
Talos
added 2021/01/27 12:0 a.m.68 views

phpGACL template multiple cross-site scripting vulnerabilities

Summary Multiple cross-site scripting vulnerabilities exist in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability. Tested Versions phpGACL 3.3.7 OpenEMR 5.0.2...

9.6CVSS6.7AI score0.77745EPSS
Exploits3
Talos
Talos
added 2020/02/24 12:0 a.m.68 views

Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability

Summary An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send...

8.8CVSS9.2AI score0.04652EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.68 views

Moxa AWK-3131A iw_console Privilege Escalation Vulnerability

Summary An exploitable privilege escalation vulnerability exists in the iwconsole functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send...

9CVSS9AI score0.02479EPSS
Exploits4
Talos
Talos
added 2020/02/18 12:0 a.m.68 views

CoTURN HTTP Server POST-parsing denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability. Tested Versions...

7.5CVSS7.4AI score0.06102EPSS
Exploits1
Talos
Talos
added 2019/12/10 12:0 a.m.68 views

Adobe Acrobat Reader DC Javascript gotoNamedDest information leak vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to information leak when opening a PDF document in Adobe Acrobat Reader DC 2019.021.20048. With careful memory manipulation, this can lead to sensitive information disclose which could be abused when exploiting another vulnerabili...

10CVSS9.6AI score0.05438EPSS
Exploits0
Talos
Talos
added 2019/04/25 12:0 a.m.68 views

Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross-Site Scripting Vulnerability

Summary An exploitable cross-site scripting vulnerability exists in the ACEManager pingresult.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on...

6.1CVSS6.6AI score0.05233EPSS
Exploits3
Talos
Talos
added 2019/04/25 12:0 a.m.68 views

Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure Vulnerability

Summary An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGetTask.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause an information disclosure, resulting in the exposure of confidential information,...

8.8CVSS8.8AI score0.18647EPSS
Exploits4
Talos
Talos
added 2016/11/21 12:0 a.m.68 views

Network Time Protocol Control Mode Unauthenticated Trap Information Disclosure and DDoS Amplification Vulnerability

Summary An exploitable configuration modification vulnerability exists in the control mode mode 6 functionality of ntpd. A specially crafted control mode packet can set ntpd traps, providing information disclosure and DDoS amplification, and unset ntpd traps, preventing legitimate monitoring. A...

7AI score
Exploits0
Talos
Talos
added 2022/06/30 12:0 a.m.67 views

Robustel R1510 web_server action endpoints OS command injection vulnerabilities

Summary Multiple command injection vulnerabilities exist in the webserver action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. Tested...

9.8CVSS10AI score0.04251EPSS
Exploits3
Talos
Talos
added 2022/03/15 12:0 a.m.67 views

Webroot Secure Anywhere IOCTL GetProcessCommand and B_03 out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the IOCTL GetProcessCommand and B03 of Webroot Secure Anywhere 21.4. A specially-crafted executable can lead to denial of service. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Webroot Secure Anywhere 21.4 Produ...

6.7AI score
Exploits0
Talos
Talos
added 2021/07/27 12:0 a.m.67 views

Foxit Reader Field OnFocus event use-after-free vulnerability

Summary A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.0.0.49893. A specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user to open t...

8.8CVSS9.1AI score0.019EPSS
Exploits1
Talos
Talos
added 2020/09/15 12:0 a.m.67 views

Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability

Talos Vulnerability Report TALOS-2020-1068 Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability September 15, 2020 CVE Number CVE-2020-6115 SUMMARY An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro...

8.8CVSS7.9AI score0.02731EPSS
Exploits1
Talos
Talos
added 2020/05/21 12:0 a.m.67 views

Epson EB-1470Ui ESPON Web Control Authentication Bypass Vulnerability

Summary An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can...

9.8CVSS9.4AI score0.02298EPSS
Exploits0
Talos
Talos
added 2019/09/09 12:0 a.m.67 views

NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon hostapd on the NETGEAR N300 WNR2000v5 wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd service crashing. An...

7.5CVSS7.5AI score0.02014EPSS
Exploits1
Talos
Talos
added 2018/06/14 12:0 a.m.67 views

Pixar Renderman IT Display Service 0x69 Command Denial-of-Service Vulnerability

Summary A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6. The vulnerability is present in the parsing of a network packet without proper validation of the packet. The data read-in is not validated, and its use can lead to a null pointer dereference. The IT...

7.5CVSS6.3AI score0.01633EPSS
Exploits1
Talos
Talos
added 2018/03/01 12:0 a.m.67 views

Simple DirectMedia Layer SDL2_image do_layer_surface Double-Free Vulnerability

Summary A double-Free vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability. Tested Versions Simple DirectMedia Lay...

8.8CVSS8.3AI score0.01677EPSS
Exploits0
Talos
Talos
added 2016/10/31 12:0 a.m.67 views

Memcached Server Append/Prepend Remote Code Execution Vulnerability

Summary An integer overflow in the processbinappendprepend function which is responsible for processing multiple commands of Memcached binary protocol can be abused to cause heap overflow and lead to remote code execution. Tested Versions Memcached 1.4.31 Product URLs https://memcached.org/ CVSSv...

9.8CVSS10AI score0.23173EPSS
Exploits2
Talos
Talos
added 2025/12/17 12:0 a.m.66 views

smallstep Step-CA Certificate Signing authentication bypass vulnerability

Talos Vulnerability Report TALOS-2025-2242 smallstep Step-CA Certificate Signing authentication bypass vulnerability December 17, 2025 CVE Number CVE-2025-44005 SUMMARY An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completi...

10CVSS6.6AI score0.0326EPSS
Exploits0
Talos
Talos
added 2022/12/01 12:0 a.m.66 views

Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1528 Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-32573 SUMMARY A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A...

9.9CVSS9.1AI score0.0369EPSS
Exploits1
Talos
Talos
added 2022/05/25 12:0 a.m.66 views

Open Automation Software OAS Platform REST API unauthenticated vulnerability

Summary An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this...

9.4CVSS9.3AI score0.37606EPSS
Exploits1
Talos
Talos
added 2022/01/11 12:0 a.m.66 views

Adobe Acrobat Reader Javascript event.richValue use-after-free vulnerability

Summary A use-after-free vulnerability exists in the way certain events are handled in Adobe Acrobat Reader 21.007.20091. A specially-crafted javascript code can exploit a use-after-free vulnerability which can lead to arbitrary code execution. User would need to open a malicious file to trigger...

9.3CVSS7.9AI score0.11613EPSS
Exploits0
Talos
Talos
added 2021/08/10 12:0 a.m.66 views

AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities

Summary Multiple heap-based buffer overflow vulnerabilities exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. A specially crafted XMI File can lead to remote code execution. An attacker can provide a malicious file to trigger these vulnerabilities. Tested...

8.7AI score
Exploits0
Talos
Talos
added 2021/06/01 12:0 a.m.66 views

Accusoft ImageGear PDF process_fontname stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the PDF processfontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear...

9.8CVSS9.7AI score0.01963EPSS
Exploits1
Talos
Talos
added 2020/12/16 12:0 a.m.66 views

NZXT CAM WinRing0x64 driver IRP 0x9c406144 information disclosure vulnerability

Summary An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406144 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability. Tested...

6.5CVSS6.4AI score0.00509EPSS
Exploits1
Talos
Talos
added 2020/02/11 12:0 a.m.66 views

Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability

Summary An exploitable type confusion vulnerability exists in the mfasfsrcsnk.dll of Microsoft Media Foundation 10.0.18362.207. A specially crafted ASF file can cause type confusion, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

9.3CVSS8.7AI score0.06149EPSS
Exploits0
Talos
Talos
added 2019/08/13 12:0 a.m.66 views

Schneider Electric Modicon M580 UMAS Read System Coils and Registers Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the UMAS Read System Coils and Registers functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted UMAS command can cause the device to enter a non-recoverab...

7.8CVSS7.8AI score0.01526EPSS
Exploits0
Talos
Talos
added 2018/07/26 12:0 a.m.66 views

Samsung SmartThings Hub hubCore ZigBee firmware update CRC16 check denial-of-service vulnerability

Summary An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub. The hubCore process incorrectly handles malformed files existing in its “data” directory, leading to an infinite loop, which eventually causes...

5.5CVSS5.4AI score0.00421EPSS
Exploits2
Talos
Talos
added 2018/05/15 12:0 a.m.66 views

Adobe Acrobat Reader DC Net.Discovery.queryServices Remote Code Execution Vulnerability

Summary A specific Javascript script embedded in a PDF file can lead to a pointer to previously freed object to be reused when opening a PDF document in Adobe Acrobat Reader DC 2018.009.20044. With careful memory manipulation, this can potentially lead to sensitive memory disclosure or arbitrary...

10CVSS9.7AI score0.09178EPSS
Exploits1
Talos
Talos
added 2017/12/08 12:0 a.m.66 views

ACDSee Ultimate 10 IDE_PSD PSD Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this...

8.8CVSS8.2AI score0.01023EPSS
Exploits0
Talos
Talos
added 2017/10/31 12:0 a.m.66 views

Cesanta Mongoose MQTT Payload Length Remote Code Execution

Summary An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of service and...

9.8CVSS9.8AI score0.02395EPSS
Exploits1
Talos
Talos
added 2014/03/07 12:0 a.m.66 views

Microsoft Windows FastFAT NumberOfFATs Buffer Overflow Vulnerability

Talos Vulnerability Report VRT-2014-0301 Microsoft Windows FastFAT NumberOfFATs Buffer Overflow Vulnerability March 7, 2014 CVE Number CVE-2014-4115 Description An exploitable local privileged code execution vulnerability exists in the Microsoft Windows FastFAT system driver. The FastFAT system...

7.2CVSS6.5AI score0.02882EPSS
Exploits0
Talos
Talos
added 2024/05/01 12:0 a.m.65 views

Tinyproxy HTTP Connection Headers use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1889 Tinyproxy HTTP Connection Headers use-after-free vulnerability May 1, 2024 CVE Number CVE-2023-49606 SUMMARY A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP...

9.8CVSS10AI score0.63076EPSS
Exploits2
Talos
Talos
added 2024/02/06 12:0 a.m.65 views

TP-Link ER7206 Omada Gigabit VPN Router uhttpd web group command injection vulnerability

Talos Vulnerability Report TALOS-2023-1858 TP-Link ER7206 Omada Gigabit VPN Router uhttpd web group command injection vulnerability February 6, 2024 CVE Number CVE-2023-47617 SUMMARY A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER72...

7.2CVSS8AI score0.03442EPSS
Exploits1
Talos
Talos
added 2020/02/03 12:0 a.m.65 views

Mini-SNMPD decode_int Information Leak Vulnerability

Talos Vulnerability Report TALOS-2019-0976 Mini-SNMPD decodeint Information Leak Vulnerability February 3, 2020 CVE Number CVE-2020-6059 Summary An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request c...

6.4CVSS0.1AI score0.02567EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.65 views

WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger...

9.8CVSS9.8AI score0.03316EPSS
Exploits1
Talos
Talos
added 2019/10/28 12:0 a.m.65 views

VMware Fusion 11 Shader Functionality Denial Of Service

Summary An exploitable denial of service vulnerability exists in VMware Fusion 11.1.0 13668589. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from a VMware...

6.5CVSS6.3AI score0.02117EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.65 views

Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Schneider Electric...

7.5CVSS7.1AI score0.01064EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.65 views

Schneider Electric Modicon M580 FTP firmware update loader service denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the FTP firmware update service function of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. A specially ordered set of FTP commands can cause the FTP loader service to enter a waiting...

4.9CVSS5.2AI score0.24374EPSS
Exploits0
Talos
Talos
added 2019/03/26 12:0 a.m.65 views

Nouveau Display Driver Remote Denial of Service

Summary A remote denial-of-service vulnerability exists in the way the Nouveau display driver the default Ubuntu Nvidia display driver handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to...

7.4CVSS6.3AI score0.01436EPSS
Exploits1
Talos
Talos
added 2017/11/13 12:0 a.m.65 views

Foscam IP Video Camera webService 3322.net DDNS Client Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. On devices with DDNS enabled, an attacker who is able to intercept HTTP connections will be able to fully compromise the device by creating...

9.3CVSS8.3AI score0.0166EPSS
Exploits2
Talos
Talos
added 2017/10/10 12:0 a.m.65 views

Simple DirectMedia Layer Create RGB Surface Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provid...

8.8CVSS8.8AI score0.03072EPSS
Exploits2
Talos
Talos
added 2022/02/11 12:0 a.m.64 views

Moxa MXView Series Web Application information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead to a disclosure of sensitive information. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Moxa MXView Series 3.2....

7.5CVSS6.2AI score0.00588EPSS
Exploits1
Talos
Talos
added 2022/01/26 12:0 a.m.64 views

Reolink RLC-410W cgiserver.cgi Upgrade API denial of service vulnerability

Summary A denial of service vulnerability exists in the cgiserver.cgi Upgrade API functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Reolink RLC-410W...

7.7CVSS6.6AI score0.0113EPSS
Exploits1
Total number of security vulnerabilities2224