Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2022/01/10 12:0 a.m.64 views

AnyCubic Chitubox AnyCubic Plugin readDatHeadVec heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic Chitubox AnyCubic Plugin 1.0.0. A specially-crafted GF file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions AnyCubi...

7.8CVSS7.7AI score0.00766EPSS
Exploits1
Talos
Talos
added 2021/08/10 12:0 a.m.64 views

AT&T Labs Xmill multiple command line parsing vulnerabilities

Summary Multiple stack-based buffer overflow vulnerabilities exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7. A specially crafted command-line argument can lead to code execution. An attacker can provide malicious input to trigger these vulnerabilities. Test...

7.8CVSS8.3AI score0.00333EPSS
Exploits2
Talos
Talos
added 2020/10/29 12:0 a.m.64 views

Synology SRM lbd service Command Execution Vulnerability

Summary An exploitable command execution vulnerability exists in the lbd service functionality of Qualcomm lbd 1.1, as present in Synology SRM 1.2.3 RT2600ac 8017-5. A specially crafted debug command can overwrite arbitrary files with controllable content, resulting in remote code execution. An...

9.8CVSS10AI score0.20075EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.64 views

Microsoft Azure Sphere mtd character device driver privilege escalation vulnerability

Summary An arbitrary flash write vulnerability exists in the mtd character device driver of Microsoft Azure Sphere 20.06. A specially crafted ioctl can bypass file permissions and allow writes to flash by unauthorized users. An attacker can issue a MEMWRITE ioctl to trigger this vulnerability...

7.2CVSS6.7AI score0.01216EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.64 views

Microsoft Azure Sphere asynchronous ioctl denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write a shellcode to trigger this vulnerability. Tested Versions Microsoft Azure...

5.5CVSS5.5AI score0.01314EPSS
Exploits1
Talos
Talos
added 2020/05/05 12:0 a.m.64 views

Accusoft ImageGear PNG store_data_buffer size computation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the storedatabuffer function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed...

9.8CVSS8.9AI score0.03597EPSS
Exploits1
Talos
Talos
added 2020/03/23 12:0 a.m.64 views

Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually...

7.5CVSS7.4AI score0.03011EPSS
Exploits1
Talos
Talos
added 2019/11/13 12:0 a.m.64 views

Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability

Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, versions 26.20.100.6709 and 26.20.100.6861. A specially crafted pixel shader can cause an out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this...

5.5CVSS5.7AI score0.00297EPSS
Exploits0
Talos
Talos
added 2019/06/14 12:0 a.m.64 views

KCodes NetUSB unauthenticated remote kernel arbitrary memory read vulnerability

Summary An exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functionality of at least two NETGEAR Nighthawk Routers and potentially several other vendors/products. A specially crafted index value can cause an invalid...

10CVSS9AI score0.03562EPSS
Exploits0
Talos
Talos
added 2019/02/20 12:0 a.m.64 views

McAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability

Summary An exploitable Denial of Service vulnerability exists in the file scanning functionality of McAfee GetSusp 3.0.0.461. A specially crafted executable can cause an infinite loop resulting in a Denial of Service. An attacker can scan this executable to trigger this vulnerability. Tested...

6.5CVSS5.7AI score0.00816EPSS
Exploits0
Talos
Talos
added 2019/01/21 12:0 a.m.64 views

Bitdefender BOX 2 bootstrap update_setup command execution vulnerability

Summary An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/updatesetup does not perform firmware signature checks atomically, leading to an exploitable race condition TOCTTOU that allows arbitrary execution o...

9.3CVSS8.2AI score0.01948EPSS
Exploits0
Talos
Talos
added 2018/07/20 12:0 a.m.64 views

Sony IPELA E Series Camera measurementBitrateExec command injection vulnerability

Summary An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to trigger this vulnerability. Tested...

9.1CVSS8.7AI score0.09617EPSS
Exploits2
Talos
Talos
added 2018/02/23 12:0 a.m.64 views

Adobe Acrobat Reader DC Document ID Remote Code Execution Vulnerability

Summary A specific Javascript script embedded in a PDF file can cause the document ID field to be used in an unbounded copy operation leading to stack-based buffer overflow when opening a specially crafted PDF document in Adobe Acrobat Reader DC 2018.009.20044. This stack overflow can lead to...

8.8CVSS9.5AI score0.16483EPSS
Exploits0
Talos
Talos
added 2017/08/30 12:0 a.m.64 views

Ledger CLI Tags Parsing Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the tag parsing functionality of Ledger-CLI 3.1.1. A specially crafted journal file can cause a integer underflow resulting in code execution. An attacker can construct a malicious journal file to trigger this vulnerability. Tested...

7.8CVSS7.8AI score0.01974EPSS
Exploits1
Talos
Talos
added 2017/03/22 12:0 a.m.64 views

National Instruments LabVIEW LvVarientUnflatten Code Execution Vulnerability

Summary An exploitable memory corruption vulnerability exists in the LvVarientUnflatten functionality of LabVIEW 2016 version 16.0.0.49152. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting in internal heap corruption. An attacker controlled V...

7.8CVSS7.7AI score0.0294EPSS
Exploits2
Talos
Talos
added 2023/11/14 12:0 a.m.63 views

Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability

Talos Vulnerability Report TALOS-2023-1746 Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-31247 SUMMARY A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded...

9.8CVSS9.9AI score0.01672EPSS
Exploits1
Talos
Talos
added 2023/07/13 12:0 a.m.63 views

VMware vCenter DCERPC Improper calculation of authentication trailer pointer

Talos Vulnerability Report TALOS-2022-1658 VMware vCenter DCERPC Improper calculation of authentication trailer pointer July 13, 2023 CVE Number CVE-2023-20894 SUMMARY A memory corruption vulnerability exists in the DCERPC functionality of VMware vCenter Server 7.0.3.01000. A specially crafted...

9.8CVSS9.3AI score0.33945EPSS
Exploits0
Talos
Talos
added 2022/01/26 12:0 a.m.63 views

Reolink RLC-410W cgiserver.cgi session creation denial of service vulnerability

Summary A denial of service vulnerability exists in the cgiserver.cgi session creation functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to prevent users from logging in. An attacker can send an HTTP request to trigger this vulnerability. Tested...

7.8CVSS7.7AI score0.01534EPSS
Exploits1
Talos
Talos
added 2021/07/07 12:0 a.m.63 views

IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability

Summary A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. Tested Versions...

8.8CVSS7.9AI score0.00295EPSS
Exploits1
Talos
Talos
added 2021/06/09 12:0 a.m.63 views

Komoot GmbH Komoot Friend finder information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1288 Komoot GmbH Komoot Friend finder information disclosure vulnerability June 9, 2021 CVE Number CVE-2021-21823 Summary An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A special...

7.5CVSS5.8AI score0.00895EPSS
Exploits0
Talos
Talos
added 2020/12/16 12:0 a.m.63 views

NZXT CAM WinRing0x64 Driver Privileged I/O Write IRPs Privilege Escalation Vulnerability

Summary A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. Tested Versions...

8.8CVSS8.7AI score0.00527EPSS
Exploits3
Talos
Talos
added 2020/11/12 12:0 a.m.63 views

Pixar OpenUSD binary file format offset seek information leak vulnerability

Summary An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used...

9.3CVSS7.2AI score0.01864EPSS
Exploits0
Talos
Talos
added 2020/09/23 12:0 a.m.63 views

Aveva eDNA Enterprise data historian DNAPoints.asmx SQL injection vulnerability

Talos Vulnerability Report TALOS-2020-1107 Aveva eDNA Enterprise data historian DNAPoints.asmx SQL injection vulnerability September 23, 2020 CVE Number CVE-2020-13502 Summary An exploitable SQL injection vulnerability exists in the DNAPoints.asmx web Service functionality of eDNA Enterprise Data...

7.5AI score
Exploits0
Talos
Talos
added 2020/03/23 12:0 a.m.63 views

Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send ...

7.5CVSS7.4AI score0.02396EPSS
Exploits1
Talos
Talos
added 2020/03/09 12:0 a.m.63 views

WAGO e!Cockpit network communication cleartext transmission vulnerability

Summary A cleartext transmission vulnerability exists in the network communication functionality of WAGO e!Cockpit, version 1.5.1.1. An attacker with access to network traffic can easily intercept, interpret, and manipulate data coming from, or destined for e!Cockpit. This includes passwords,...

7.5CVSS7.5AI score0.01103EPSS
Exploits0
Talos
Talos
added 2019/12/16 12:0 a.m.63 views

WAGO PFC200 iocheckd service "I/O-Check" ReadPSN remote code execution vulnerability

WAGO PFC200 iocheckd service “I/O-Check” ReadPSN remote code execution vulnerability Summary An exploitable heap buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a heap buffer overflow, potentially...

9.8CVSS10AI score0.03316EPSS
Exploits1
Talos
Talos
added 2019/04/09 12:0 a.m.63 views

Adobe Acrobat Reader DC text field value remote code execution vulnerability — redux

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2019.8.20071. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need t...

9.3CVSS9.4AI score0.13541EPSS
Exploits0
Talos
Talos
added 2018/12/11 12:0 a.m.63 views

Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2019.8.20071. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need t...

9.8CVSS7.1AI score0.09744EPSS
Exploits0
Talos
Talos
added 2018/01/09 12:0 a.m.63 views

CPP-Ethereum JSON-RPC admin_addPeer Authorization Bypass Vulnerability

Summary An exploitable improper authorization vulnerability exists in adminaddPeer API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON to...

8.1CVSS6.3AI score0.01443EPSS
Exploits2
Talos
Talos
added 2017/10/19 12:0 a.m.63 views

Google PDFium TIFF Image Flate Decoder Code Execution Vulnerability

Summary An off-by-one read/write on the heap vulnerability exists in the TIFF image decoder functionality of Pdfium as used by Google Chrome up to and including 60.0.3112.101. A specially crafted PDF file can trigger an off-by-one read and write on the heap resulting in memory corruption and a...

8.8CVSS9.2AI score0.01999EPSS
Exploits1
Talos
Talos
added 2017/09/14 12:0 a.m.63 views

ansible-vault Yaml Load Code Execution Vulnerability

Summary An exploitable vulnerability exists in the yaml loading functionality of ansible-vault. A specially crafted vault can execute arbitrary python commands resulting in command execution. An attacker can insert python into the vault to trigger this vulnerability. Tested Versions ansible-vault...

7.8CVSS7.8AI score0.02967EPSS
Exploits1
Talos
Talos
added 2017/08/30 12:0 a.m.63 views

Gdk-Pixbuf JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability. Tested...

8.8CVSS8.1AI score0.04599EPSS
Exploits3
Talos
Talos
added 2016/04/26 12:0 a.m.63 views

Network Time Protocol Forced Interleaved Time Spoofing Vulnerability

SUMMARY It is possible to change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode. An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst...

7.2CVSS6.9AI score0.03844EPSS
Exploits3
Talos
Talos
added 2023/07/06 12:0 a.m.62 views

Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities

Talos Vulnerability Report TALOS-2023-1704 Milesight MilesightVPN requestHandlers.js detaildevice cross-site scripting XSS vulnerabilities July 6, 2023 CVE Number CVE-2023-24497,CVE-2023-24496 SUMMARY Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice...

4.7CVSS5.7AI score0.00572EPSS
Exploits2
Talos
Talos
added 2022/05/10 12:0 a.m.62 views

InHand Networks InRouter302 console infactory_net command injection vulnerability

Summary An OS command injection vulnerability exists in the console infactorynet functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Teste...

9.9CVSS8.8AI score0.04774EPSS
Exploits1
Talos
Talos
added 2022/01/10 12:0 a.m.62 views

Google Chrome WebRTC RTPSenderVideoFrameTransformerDelegate memory corruption vulnerability

Summary A memory corruption vulnerability exists in the WebRTC functionality of Google Chrome 92.0.4515.159 Stable and 95.0.4623.0 Canary. A specially-crafted web page can trigger this vulnerability, which can cause a heap buffer overflow and result in remote code execution. Victim would need to...

8.8CVSS8.5AI score0.01711EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.62 views

Microsoft Azure Sphere kernel message ring buffer Information Disclosure Vulnerability

Summary An information disclosure vulnerability exists in the kernel message ring buffer functionality of Microsoft Azure Sphere 20.05. Unprivileged users can access the kernel message ring buffer, which can potentially leak sensitive information, such as kernel or userland memory addresses. An...

6.2CVSS6.3AI score0.0144EPSS
Exploits0
Talos
Talos
added 2020/03/24 12:0 a.m.62 views

Intel Raid Web Console 3 add server denial-of-service vulnerability

Summary A remote, exploitable denial-of-service vulnerability exists in the web API functionality of Intel Raid Web Console 3. A specially crafted request can lead to a null pointer dereference in the Intel Raid Web Console server. This would result in a denial of service until the user restarts...

7.5CVSS7.5AI score0.01524EPSS
Exploits0
Talos
Talos
added 2019/11/05 12:0 a.m.62 views

LEADTOOLS BMP Parsing Remote Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerabilit...

8.8CVSS8.1AI score0.02038EPSS
Exploits1
Talos
Talos
added 2019/01/21 12:0 a.m.62 views

Bitdefender BOX 2 bootstrap download_image command injection vulnerability

Summary An exploitable command injection vulnerability exists in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method /api/downloadimage unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands...

10CVSS9.2AI score0.04234EPSS
Exploits1
Talos
Talos
added 2015/09/15 12:0 a.m.62 views

Microsoft Windows CDD Font Parsing Kernel Memory Corruption

Talos Vulnerability Report TALOS-2015-0007 Microsoft Windows CDD Font Parsing Kernel Memory Corruption September 15, 2015 CVE Number CVE-2015-2506 Description An exploitable kernel memory corruption vulnerability exists in Microsoft Windows. A specially crafted font file can cause the Microsoft...

9.3CVSS7.1AI score0.15881EPSS
Exploits0
Talos
Talos
added 2024/04/17 12:0 a.m.61 views

Peplink Smart Reader web interface /cgi-bin/debug_dump.cgi information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1863 Peplink Smart Reader web interface /cgi-bin/debugdump.cgi information disclosure vulnerability April 17, 2024 CVE Number CVE-2023-43491 SUMMARY An information disclosure vulnerability exists in the web interface /cgi-bin/debugdump.cgi functionality of...

9.8CVSS6.6AI score0.01485EPSS
Exploits4
Talos
Talos
added 2024/04/09 12:0 a.m.61 views

Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) web interface Radio Scheduling stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1888 Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 web interface Radio Scheduling stack-based buffer overflow vulnerability April 9, 2024 CVE Number...

8.8CVSS7.7AI score0.01919EPSS
Exploits8
Talos
Talos
added 2023/11/27 12:0 a.m.61 views

WPS Office ET Data use of uninitialized pointer vulnerability

Talos Vulnerability Report TALOS-2023-1748 WPS Office ET Data use of uninitialized pointer vulnerability November 27, 2023 CVE Number CVE-2023-31275 SUMMARY An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elements in an Excel fil...

8.8CVSS8.5AI score0.01692EPSS
Exploits0
Talos
Talos
added 2023/09/05 12:0 a.m.61 views

Open Automation Software OAS Platform OAS Engine configuration file write vulnerability

Talos Vulnerability Report TALOS-2023-1771 Open Automation Software OAS Platform OAS Engine configuration file write vulnerability September 5, 2023 CVE Number CVE-2023-32615 SUMMARY A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS...

8.1CVSS7.4AI score0.00727EPSS
Exploits0
Talos
Talos
added 2022/06/30 12:0 a.m.61 views

Robustel R1510 clish art2 command execution vulnerability

Summary A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions Robustel R1510 3.3.0...

9.8CVSS9.6AI score0.02776EPSS
Exploits1
Talos
Talos
added 2021/06/16 12:0 a.m.61 views

EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. Tested Versions EIP Stack Group OpENer 2.3 EIP Stack Group OpENe...

10CVSS9.1AI score0.01667EPSS
Exploits1
Talos
Talos
added 2020/12/16 12:0 a.m.61 views

NZXT CAM WinRing0x64 driver IRP 0x9c40a148 privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause an adversary to obtain elevated privileges. An attacker can send a malicious IRP to trigger this vulnerability. Tested...

8.8CVSS8.9AI score0.00527EPSS
Exploits1
Talos
Talos
added 2020/12/16 12:0 a.m.61 views

NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability

Summary An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this...

6.5CVSS6.2AI score0.00509EPSS
Exploits3
Talos
Talos
added 2020/09/23 12:0 a.m.61 views

Aveva eDNA Enterprise Data Historian FavoritesService.asmx SQL injection Vulnerability

Talos Vulnerability Report TALOS-2020-1097 Aveva eDNA Enterprise Data Historian FavoritesService.asmx SQL injection Vulnerability September 23, 2020 CVE Number CVE-2020-6153 Summary An exploitable SQL injection vulnerability exists in the FavoritesService.asmx Web Service functionality of eDNA...

7.5AI score
Exploits0
Total number of security vulnerabilities2224