Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2020/12/16 12:0 a.m.61 views

NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability

Summary An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet IRP can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this...

6.5CVSS6.2AI score0.00509EPSS
Exploits3
Talos
Talos
added 2020/09/23 12:0 a.m.61 views

Aveva eDNA Enterprise Data Historian FavoritesService.asmx SQL injection Vulnerability

Talos Vulnerability Report TALOS-2020-1097 Aveva eDNA Enterprise Data Historian FavoritesService.asmx SQL injection Vulnerability September 23, 2020 CVE Number CVE-2020-6153 Summary An exploitable SQL injection vulnerability exists in the FavoritesService.asmx Web Service functionality of eDNA...

7.5AI score
Exploits0
Talos
Talos
added 2020/09/15 12:0 a.m.61 views

Nitro Pro PDF Object Stream Parsing Number of Objects Remote Code Execution Vulnerability

Summary An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate...

8.8CVSS8.3AI score0.6862EPSS
Exploits1
Talos
Talos
added 2020/05/18 12:0 a.m.61 views

Nitro PRO PDF nested pages remote code execution vulnerability

Summary An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Nitro...

8.8CVSS9.3AI score0.40879EPSS
Exploits1
Talos
Talos
added 2020/03/23 12:0 a.m.61 views

Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service. An attack...

7.5CVSS7.4AI score0.02396EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.61 views

Moxa AWK-3131A WAP Hostname Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An...

9CVSS7.6AI score0.06892EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.61 views

WAGO PFC200 iocheckd service "I/O-Check" BC_ProductLabel remote code execution vulnerability

Summary An exploitable stack buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a stack buffer overflow, resulting in code execution. An attacker can send unauthenticated packets to trigger this...

10CVSS9.9AI score0.0328EPSS
Exploits0
Talos
Talos
added 2019/12/02 12:0 a.m.61 views

EmbedThis GoAhead web server code execution vulnerability

Summary An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of thi...

9.8CVSS10AI score0.66982EPSS
Exploits2
Talos
Talos
added 2019/12/02 12:0 a.m.61 views

Accusoft ImageGear GEM Raster Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll GEM Raster parser of the Accusoft ImageGear 19.3.0 library. A specially crafted GEM file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to th...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2019/11/13 12:0 a.m.61 views

Exhibitor UI command injection vulnerability

Summary An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $ can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An...

10CVSS10AI score0.5715EPSS
Exploits2
Talos
Talos
added 2019/08/13 12:0 a.m.61 views

Schneider Electric Modicon M580 UMAS read strategy denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UMAS read strategy functionality of the Schneider Electric Modicon M580 programmable automation controller, firmware version SV2.70. A specially crafted set of UMAS commands can cause the device to enter a non-recoverable fault...

7.8CVSS7.7AI score0.01757EPSS
Exploits0
Talos
Talos
added 2018/01/11 12:0 a.m.61 views

Blender Directory Browsing Thumbnail Viewer Integer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

7.8CVSS7.6AI score0.01799EPSS
Exploits1
Talos
Talos
added 2016/11/21 12:0 a.m.61 views

Network Time Protocol Broadcast Mode Poll Interval Enforcement Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the broadcast mode poll interval enforcement functionality of ntpd. To limit abuse, ntpd restricts the rate at which each broadcast association will process incoming packets. ntpd will reject broadcast mode packets that arrive befor...

6.5CVSS6.8AI score0.03334EPSS
Exploits2
Talos
Talos
added 2024/07/08 12:0 a.m.60 views

Realtek rtl819x Jungle SDK boa set_RadvdInterfaceParam stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1893 Realtek rtl819x Jungle SDK boa setRadvdInterfaceParam stack-based buffer overflow vulnerabilities July 8, 2024 CVE Number CVE-2023-50239,CVE-2023-50240 SUMMARY Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam...

7.2CVSS8AI score0.01413EPSS
Exploits2
Talos
Talos
added 2023/07/06 12:0 a.m.60 views

Milesight UR32L zebra vlan_name OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2023-1723 Milesight UR32L zebra vlanname OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-25582,CVE-2023-25583 SUMMARY Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially...

7.2CVSS7.6AI score0.03543EPSS
Exploits2
Talos
Talos
added 2023/01/26 12:0 a.m.60 views

Siretta QUARTZ-GOLD httpd shell.cgi leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1610 Siretta QUARTZ-GOLD httpd shell.cgi leftover debug code vulnerability January 26, 2023 CVE Number CVE-2022-38715 SUMMARY A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A...

8.8CVSS8.2AI score0.03701EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.60 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1585 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35885,CVE-2022-35886,CVE-2022-35884,CVE-2022-35887 SUMMARY Four format string injection...

8.8CVSS8.8AI score0.01252EPSS
Exploits4
Talos
Talos
added 2022/08/16 12:0 a.m.60 views

WWBN AVideo footer alerts cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1538 WWBN AVideo footer alerts cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-32770,CVE-2022-32772,CVE-2022-32771 SUMMARY A cross-site scripting xss vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and de...

9.6CVSS6.2AI score0.03355EPSS
Exploits0
Talos
Talos
added 2022/05/10 12:0 a.m.60 views

InHand Networks InRouter302 daretools binary OS command injection vulnerability

Summary An OS command injection vulnerability exists in the daretools binary functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions...

9.9CVSS9.1AI score0.08477EPSS
Exploits1
Talos
Talos
added 2021/12/20 12:0 a.m.60 views

Garrett Metal Detectors iC Module CMA CLI readfile stack-based buffer overflow vulnerabilities

Summary Two stack-based buffer overflow vulnerabilities exist in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. Convincing the system to call readfile on a specially-crafted file can lead to stack-based buffer overflows. An attacke...

8.5CVSS8.2AI score0.00953EPSS
Exploits1
Talos
Talos
added 2021/07/26 12:0 a.m.60 views

CODESYS Development System Engine.plugin ProfileInformation ProfileData Unsafe Deserialization vulnerability

Summary An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to...

8.8CVSS8AI score0.01769EPSS
Exploits1
Talos
Talos
added 2020/08/30 12:0 a.m.60 views

NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV2 code execution vulnerability

Summary An exploitable code execution vulnerability exists in the nvwg MOV2 functionality of NVIDIA D3D10 Driver Version 442.50 - 26.21.14.4250. A specially crafted shader can cause remote code execution. An attacker can use this vulnerability to guest-to-host escape through Hyper-V RemoteFX...

7.8CVSS8AI score0.00359EPSS
Exploits0
Talos
Talos
added 2020/02/24 12:0 a.m.60 views

Moxa AWK-3131A iw_webs hostname Authentication Bypass Vulnerability

Summary An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. A...

8CVSS7.7AI score0.02233EPSS
Exploits1
Talos
Talos
added 2019/10/17 12:0 a.m.60 views

YouPHPTube /objects/subscribe.json.php SQL injection vulnerability

Summary Exploitable SQL injection vulnerabilities exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.6AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/10/08 12:0 a.m.60 views

Schneider Electric Modicon M580 UMAS REST API readbolarray information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS REST API readbolarray functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return blocks of program...

7.5CVSS7.5AI score0.01709EPSS
Exploits0
Talos
Talos
added 2017/08/04 12:0 a.m.60 views

Kakadu SDK JPEG 2000 Contiguous Codestream Code Execution Vulnerability

Summary A code execution vulnerability exists in the kdubufferedexpand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise. Tested Versions Kakadu SDK 7.9 - OSX & Linux Produ...

8.8CVSS8.2AI score0.01574EPSS
Exploits1
Talos
Talos
added 2017/07/19 12:0 a.m.60 views

ProcessMaker Enterprise Core Code Execution Vulnerability

Summary A code execution vulnerability exists in ProcessMarker Enterprise Core 3.0.1.7-community. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability. Tested...

8.8CVSS8.9AI score0.02211EPSS
Exploits2
Talos
Talos
added 2016/12/16 12:0 a.m.60 views

Tarantool Key-type Denial Of Service Vulnerability

Summary An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified...

7.8CVSS7.2AI score0.03675EPSS
Exploits2
Talos
Talos
added 2023/10/11 12:0 a.m.59 views

peplink Surf SOHO HW1 api.cgi cmd.mvpn.x509.write OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1782 peplink Surf SOHO HW1 api.cgi cmd.mvpn.x509.write OS command injection vulnerability October 11, 2023 CVE Number CVE-2023-35194,CVE-2023-35193 SUMMARY An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of peplin...

8.8CVSS8.1AI score0.05604EPSS
Exploits2
Talos
Talos
added 2023/07/13 12:0 a.m.59 views

VMWare vCenter Server DCERPC presentation result list out of bounds memory access

Talos Vulnerability Report TALOS-2023-1800 VMWare vCenter Server DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-20896 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in...

7.5CVSS6.8AI score0.00909EPSS
Exploits0
Talos
Talos
added 2023/01/19 12:0 a.m.59 views

Ghost Foundation Ghost Post Creation insecure default installation vulnerability

Talos Vulnerability Report TALOS-2022-1686 Ghost Foundation Ghost Post Creation insecure default installation vulnerability January 19, 2023 CVE Number CVE-2022-47197,CVE-2022-47195,CVE-2022-47194,CVE-2022-47196 SUMMARY An insecure default vulnerability exists in the Post Creation functionality o...

9CVSS6.1AI score0.01024EPSS
Exploits4
Talos
Talos
added 2022/10/27 12:0 a.m.59 views

InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1522 InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-29888 SUMMARY A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks...

8.1CVSS7.4AI score0.01487EPSS
Exploits1
Talos
Talos
added 2022/09/22 12:0 a.m.59 views

uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities

Talos Vulnerability Report TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities September 22, 2022 CVE Number CVE-2022-29503 SUMMARY A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng...

9.8CVSS9.1AI score0.01178EPSS
Exploits1
Talos
Talos
added 2022/05/10 12:0 a.m.59 views

InHand Networks InRouter302 console infactory hard-coded password vulnerability

Summary A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested...

8.8CVSS6.8AI score0.0107EPSS
Exploits1
Talos
Talos
added 2021/11/30 12:0 a.m.59 views

Google Chrome Blink setBaseAndExtent use after free vulnerability

Summary A use-after-free vulnerability exists in the Selection API of Blink rendering engine in Google Chrome 92.0.4515.131 Stable and 94.0.4597.1 Canary. A specially-crafted web page can trigger reuse of previously freed memory which can lead to arbitrary code execution. Victim would need to vis...

8.8CVSS9.2AI score0.10127EPSS
Exploits1
Talos
Talos
added 2020/10/14 12:0 a.m.59 views

F2fs-Tools F2fs.Fsck Multiple Devices Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.2CVSS7.7AI score0.02009EPSS
Exploits1
Talos
Talos
added 2020/03/10 12:0 a.m.59 views

Microsoft Windows 10 Kernel SetMapMode MM_HIENGLISH information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the kernel of Microsoft Windows 10 Insider Preview Fast and Stable. A specially crafted executable can cause an out-of-bounds read, resulting in information disclosure. To trigger this vulnerability, the attacker needs to execu...

7.8CVSS7.8AI score0.01117EPSS
Exploits0
Talos
Talos
added 2020/03/09 12:0 a.m.59 views

WAGO PFC200 iocheckd service "I/O-Check" cache gateway Memory Corruption Vulnerability

Summary An exploitable double free vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted XML cache file written to a specific location on the device can cause a heap pointer to be freed twice, resulting in a denial of service and potentially...

7.8CVSS8AI score0.00848EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.59 views

Moxa AWK-3131A ServiceAgent denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send th...

7.5CVSS7.8AI score0.02516EPSS
Exploits1
Talos
Talos
added 2019/04/25 12:0 a.m.59 views

Sierra Wireless AirLink ES450 SNMPD hard-coded credentials vulnerability

Summary A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in a hard-coded, in the exposure of a privileged user. An attacker can...

9.3CVSS8.1AI score0.05324EPSS
Exploits3
Talos
Talos
added 2019/03/09 12:0 a.m.59 views

WAGO e!COCKPIT Firmware Downgrade Vulnerability

Summary An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware version...

7.8CVSS7.8AI score0.01114EPSS
Exploits0
Talos
Talos
added 2018/04/11 12:0 a.m.59 views

Computerinsel Photoline PCX Bits Per Pixel Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this...

8.8CVSS8.1AI score0.01501EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.59 views

Cesanta Mongoose MQTT SUBSCRIBE Command Denial Of Service

Summary An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT...

7.5CVSS7.7AI score0.26577EPSS
Exploits2
Talos
Talos
added 2017/07/24 12:0 a.m.59 views

FreeRDP Rdp Client Recv RDP Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11. A specially crafted server response can cause an out-of-bounds write resulting in an exploitable condition. An attacker can compromise the server or use a man in the middl...

8.8CVSS7.4AI score0.01483EPSS
Exploits1
Talos
Talos
added 2017/07/07 12:0 a.m.59 views

Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler-0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to...

7.5CVSS8.3AI score0.05566EPSS
Exploits2
Talos
Talos
added 2017/04/18 12:0 a.m.59 views

Moxa AWK-3131A Web Application Ping Command Injection Vulnerability

Summary An exploitable OS Command Injection vulnerability exists in the web application ‘ping’ functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...

9.1CVSS9.8AI score0.0328EPSS
Exploits2
Talos
Talos
added 2016/06/08 12:0 a.m.59 views

ESnet iPerf3 JSON parse_string UTF Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0164 ESnet iPerf3 JSON parsestring UTF Code Execution Vulnerability June 8, 2016 CVE Number CVE-2016-4303 DESCRIPTION An exploitable remote code execution vulnerability exists in the JSON handling functionality of ESnet iPerf3. A specially crafted JSON string...

9.8CVSS9.9AI score0.06963EPSS
Exploits2
Talos
Talos
added 2016/04/26 12:0 a.m.59 views

Network Time Protocol Crypto-NAK Preemptible Association Denial of Service Vulnerability

SUMMARY An off-path attacker can cause a preemptible client association to be demobilized by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled. Furthermore, if the attacker keeps sending cryp...

5.3CVSS7.4AI score0.0511EPSS
Exploits2
Talos
Talos
added 2014/11/06 12:0 a.m.59 views

Pidgin Theme/Smiley Untar Arbitrary File Write Vulnerability

Talos Vulnerability Report VRT-2014-0205 Pidgin Theme/Smiley Untar Arbitrary File Write Vulnerability November 6, 2014 CVE Number CVE-2014-3697 Description An exploitable remote code execution vulnerability exists in Pidgin’s implementation of the TAR archive parsing functionality. An attacker wh...

6.4CVSS7.2AI score0.03838EPSS
Exploits0
Talos
Talos
added 2024/08/13 12:0 a.m.58 views

Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1971 Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability August 13, 2024 CVE Number None SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0xCC functionality of Microsoft Windows...

7.1AI score
Exploits0
Total number of security vulnerabilities2224