Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2014/11/06 12:0 a.m.59 views

Pidgin Theme/Smiley Untar Arbitrary File Write Vulnerability

Talos Vulnerability Report VRT-2014-0205 Pidgin Theme/Smiley Untar Arbitrary File Write Vulnerability November 6, 2014 CVE Number CVE-2014-3697 Description An exploitable remote code execution vulnerability exists in Pidgin’s implementation of the TAR archive parsing functionality. An attacker wh...

6.4CVSS7.2AI score0.03838EPSS
Exploits0
Talos
Talos
added 2024/08/13 12:0 a.m.58 views

Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1971 Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability August 13, 2024 CVE Number None SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0xCC functionality of Microsoft Windows...

7.1AI score
Exploits0
Talos
Talos
added 2023/12/05 12:0 a.m.58 views

Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability

Talos Vulnerability Report TALOS-2023-1845 Buildroot BRNOCHECKHASHFOR data integrity vulnerability December 5, 2023 CVE Number CVE-2023-43608 SUMMARY A data integrity vulnerability exists in the BRNOCHECKHASHFOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted...

8.1CVSS8.3AI score0.00819EPSS
Exploits1
Talos
Talos
added 2023/04/24 12:0 a.m.58 views

IBM Corporation AIX errlog() Log Injection Vulnerability

Talos Vulnerability Report TALOS-2023-1690 IBM Corporation AIX errlog Log Injection Vulnerability April 24, 2023 CVE Number None,CVE-2023-26286 SUMMARY An OS command injection vulnerability exists in the errlog syscall functionality of IBM Corporation AIX 7.2. A specially crafted syscall can lead...

8.4CVSS8.4AI score0.00296EPSS
Exploits0
Talos
Talos
added 2023/03/20 12:0 a.m.58 views

WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability

Talos Vulnerability Report TALOS-2022-1674 WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability March 20, 2023 CVE Number CVE-2022-43663 SUMMARY An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian...

9.8CVSS9AI score0.14039EPSS
Exploits1
Talos
Talos
added 2022/06/15 12:0 a.m.58 views

Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability

Summary An information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this...

5.9CVSS5.6AI score0.00437EPSS
Exploits0
Talos
Talos
added 2022/02/28 12:0 a.m.58 views

Lansweeper lansweeper AssetActions.aspx SQL injection vulnerability

Summary An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions Lansweeper lansweeper...

8.8CVSS7.9AI score0.71227EPSS
Exploits1
Talos
Talos
added 2022/01/26 12:0 a.m.58 views

Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability

Summary A denial of service vulnerability exists in the cgiserver.cgi API command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted series of HTTP requests can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested...

7.8CVSS7.6AI score0.01339EPSS
Exploits1
Talos
Talos
added 2021/11/15 12:0 a.m.58 views

Lantronix PremierWave 2050 Web Manager FsTFtp directory traversal vulnerability

Summary A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary file overwrite and arbitrary file disclosure. An attacker can make an authenticated HTTP request to...

9.1CVSS8AI score0.02399EPSS
Exploits2
Talos
Talos
added 2021/10/18 12:0 a.m.58 views

ZTE MF971R STK_PROCESS stack-based buffer overflow vulnerability

Summary An exploitable Stack Based Buffer Overflow vulnerability exists in ZTE MF971R LTE router version wainnerversion:BDPLKPLMF971R1V1.0.0B06. A specially-crafted HTTP request can cause a stack-based buffer overflow and leads to remote code execution. An attacker needs to provide a URL to the...

9.8CVSS10AI score0.01565EPSS
Exploits0
Talos
Talos
added 2021/03/24 12:0 a.m.58 views

Genivia gSOAP WS-Addressing plugin code execution vulnerability redux

Talos Vulnerability Report TALOS-2021-1245 Genivia gSOAP WS-Addressing plugin code execution vulnerability redux March 24, 2021 CVE Number CVE-2021-21783 Summary A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP...

9.8CVSS10AI score0.04983EPSS
Exploits1
Talos
Talos
added 2020/12/02 12:0 a.m.58 views

EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS9.6AI score0.04519EPSS
Exploits1
Talos
Talos
added 2020/11/03 12:0 a.m.58 views

Moxa MXView series installation privilege escalation vulnerability

Talos Vulnerability Report TALOS-2020-1148 Moxa MXView series installation privilege escalation vulnerability November 3, 2020 CVE Number CVE-2020-13537,CVE-2020-13536 SUMMARY Multiple exploitable local privilege elevation vulnerabilities exist in the file system permissions of Moxa MXView series...

9.3CVSS8.4AI score0.00544EPSS
Exploits2
Talos
Talos
added 2020/07/31 12:0 a.m.58 views

Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability

Talos Vulnerability Report TALOS-2020-1131 Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability July 31, 2020 CVE Number None SUMMARY A privilege escalation vulnerability exists in the ASXipFS inode type functionality of Microsoft Azure Sphere 20.06. A specially crafted...

7.2AI score
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.58 views

AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality RESOURCE Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...

9.9CVSS9.7AI score0.02781EPSS
Exploits1
Talos
Talos
added 2020/05/05 12:0 a.m.58 views

Accusoft ImageGear TIFF fill_in_raster buffer copy operation code execution vulnerability

Summary An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code execution. An attacker can provide a...

9.8CVSS9.1AI score0.03597EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.58 views

Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability

Summary An exploitable improper access control vulnerability exists in the iwwebs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the...

9.9CVSS9.1AI score0.02695EPSS
Exploits1
Talos
Talos
added 2020/01/21 12:0 a.m.58 views

AMD ATI Radeon ATIDXX64.DLL shader functionality VTABLE remote code execution vulnerability

Summary An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially...

9CVSS9.2AI score0.01802EPSS
Exploits0
Talos
Talos
added 2020/01/02 12:0 a.m.58 views

OpenCV JSON persistence parser buffer overflow vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a...

8.8CVSS8.9AI score0.10618EPSS
Exploits1
Talos
Talos
added 2019/12/10 12:0 a.m.58 views

LEADTOOLS libltdic.so DICOM LDicomNet::SendData Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this...

9.8CVSS9AI score0.02529EPSS
Exploits0
Talos
Talos
added 2019/01/03 12:0 a.m.58 views

Foxit PDF Reader XFA xdpContent information leak vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software’s PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitati...

7.1CVSS6.7AI score0.49566EPSS
Exploits1
Talos
Talos
added 2018/03/15 12:0 a.m.58 views

VMware VNC Lock Count Denial of Service Vulnerability

Summary An exploitable Denial of Service vulnerability exists in the remote management functionality of VMware . A large amount of VNC connections can cause an exception in the server to trigger, resulting in a shutdown of the virtual machine. An attacker can initiate VNC sessions to trigger this...

5.3CVSS5.2AI score0.01654EPSS
Exploits0
Talos
Talos
added 2018/01/09 12:0 a.m.58 views

CPP-Ethereum libevm create2 Information Leak Vulnerability

Summary An exploitable information leak / denial of service vulnerability exists in the libevm Ethereum Virtual Machine create2 opcode handler of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read leading to memory disclosure or denial of service. An attacker ca...

8.2CVSS8.1AI score0.01709EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.58 views

Circle with Disney libbluecoat.so SSL TLD MITM Vulnerability

Summary An exploitable vulnerability exists in filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...

8.1CVSS5.9AI score0.00673EPSS
Exploits2
Talos
Talos
added 2017/10/31 12:0 a.m.58 views

Circle with Disney Firmware Update Signature Check Bypass Vulnerability

Summary An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted network packets can cause an unsigned firmware to be installed in the device resulting in arbitrary code execution. An attacker can send a series...

9.9CVSS7.8AI score0.01556EPSS
Exploits2
Talos
Talos
added 2017/09/11 12:0 a.m.58 views

FreeXL read_biff_next_record Code Execution Vulnerability

Summary An exploitable heap based buffer overflow vulnerability exists in the readbiffnextrecord function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. Tested...

8.8CVSS8.9AI score0.03313EPSS
Exploits1
Talos
Talos
added 2017/05/04 12:0 a.m.58 views

AntennaHouse DMC HTMLFilter PPT DHFSummary Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...

8.3CVSS8.4AI score0.01299EPSS
Exploits2
Talos
Talos
added 2017/01/17 12:0 a.m.58 views

Oracle Outside In Technology PDF parser confusion Code Execution Vulnerability

Summary An exploitable arbitrary write vulnerability exists in the PDF parser functionality of Oracle Outside In Technology SDK. A specially crafted PDF document can cause a parser confusion resulting in an arbitrary write vulnerability ultimately leading to code execution. Tested Versions Oracle...

8.6CVSS9.2AI score0.02099EPSS
Exploits1
Talos
Talos
added 2016/10/03 12:0 a.m.58 views

FreeImage Library XMP Image Handling Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this...

7.8CVSS7.7AI score0.0183EPSS
Exploits1
Talos
Talos
added 2016/09/29 12:0 a.m.58 views

OpenJPEG JPEG2000 mcc record Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful...

7.8CVSS8.4AI score0.02563EPSS
Exploits2
Talos
Talos
added 2015/10/21 12:0 a.m.58 views

Network Time Protocol Reference Clock Memory Corruption Vulnerability

Talos Vulnerability Report TALOS-2015-0064 Network Time Protocol Reference Clock Memory Corruption Vulnerability October 21, 2015 CVE Number CVE-2015-7853 Description A potential buffer overflow vulnerability exists in the refclock of ntpd. An invalid length provided by a hardware reference clock...

9.8CVSS9.3AI score0.11781EPSS
Exploits0
Talos
Talos
added 2014/01/26 12:0 a.m.58 views

Pidgin libpurple SIP/SIMPLE Content-Length Integer Overflow Vulnerability

Talos Vulnerability Report VRT-2013-1004 Pidgin libpurple SIP/SIMPLE Content-Length Integer Overflow Vulnerability January 26, 2014 CVE Number CVE-2013-6490 Description An exploitable remote code execution vulnerability exists in Pidgin’s implementation of SIP/SIMPLE message handling. An attacker...

10CVSS6.8AI score0.14809EPSS
Exploits0
Talos
Talos
added 2023/07/21 12:0 a.m.57 views

Open Babel translationVectors parsing out-of-bounds write vulnerabilities

Talos Vulnerability Report TALOS-2022-1666 Open Babel translationVectors parsing out-of-bounds write vulnerabilities July 21, 2023 CVE Number CVE-2022-46292,CVE-2022-46295,CVE-2022-46294,CVE-2022-46293,CVE-2022-46291 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the...

9.8CVSS8.8AI score0.00863EPSS
Exploits5
Talos
Talos
added 2022/10/14 12:0 a.m.57 views

Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1579 Robustel R1510 webserver /ajax/remove/ directory traversal vulnerability October 14, 2022 CVE Number CVE-2022-33897 SUMMARY A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A...

9.1CVSS7.7AI score0.01393EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.57 views

WWBN AVideo cookie information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1542 WWBN AVideo cookie information disclosure vulnerability August 16, 2022 CVE Number CVE-2022-32777,CVE-2022-32778 SUMMARY An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The...

7.5CVSS7.3AI score0.01983EPSS
Exploits0
Talos
Talos
added 2021/11/15 12:0 a.m.57 views

Lantronix PremierWave 2050 Web Manager Wireless Network Scanner OS command injection vulnerability

Summary An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.9CVSS9.6AI score0.37064EPSS
Exploits1
Talos
Talos
added 2021/01/26 12:0 a.m.57 views

Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...

8.6CVSS7.6AI score0.02612EPSS
Exploits1
Talos
Talos
added 2020/10/20 12:0 a.m.57 views

Google Chrome WebGL Buffer11::getBufferStorage Code Execution Vulnerability

Talos Vulnerability Report TALOS-2020-1127 Google Chrome WebGL Buffer11::getBufferStorage Code Execution Vulnerability October 20, 2020 CVE Number CVE-2020-6542 SUMMARY A code execution vulnerability exists in the WebGL functionality of Google Chrome 84.0.4147.89 and 85.0.4169.0 Developer Build...

8.8CVSS8.6AI score0.02028EPSS
Exploits0
Talos
Talos
added 2020/07/31 12:0 a.m.57 views

Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability

Summary A memory corruption vulnerability exists in the AFAZSPIO socket functionality of Microsoft Azure Sphere 20.05. A sequence of socket operations can cause a double-free and out-of-bounds read in the kernel. An attacker can write a shellcode to trigger this vulnerability. Tested Versions...

8.8CVSS8AI score0.01378EPSS
Exploits1
Talos
Talos
added 2020/05/05 12:0 a.m.57 views

Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the icoread function of the igcore19d.dll library of Accusoft ImageGear 19.6.0. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to...

9.8CVSS9.3AI score0.03597EPSS
Exploits1
Talos
Talos
added 2020/04/14 12:0 a.m.57 views

Microsoft Media Foundation CQTMetadataKeysAtom GetKeyForIndex Information Disclosure Vulnerability

Summary An exploitable code execution vulnerability exists in the CQTMetadataKeysAtom GetKeyForIndex functionality of Microsoft Corporation Microsoft Media Foundation 10.0.18362.476. A specially crafted malformed file can cause code execution resulting in remote code execution. An attacker can...

5.5CVSS6AI score0.0845EPSS
Exploits0
Talos
Talos
added 2020/02/03 12:0 a.m.57 views

Mini-SNMPD socket disconnect denial-of-service vulnerability

Talos Vulnerability Report TALOS-2019-0977 Mini-SNMPD socket disconnect denial-of-service vulnerability February 3, 2020 CVE Number CVE-2020-6060 Summary A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP...

5CVSS0.3AI score0.02197EPSS
Exploits1
Talos
Talos
added 2020/01/16 12:0 a.m.57 views

Foxit PDF Reader JavaScript field keystroke action remote code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user t...

8.8CVSS9AI score0.03107EPSS
Exploits1
Talos
Talos
added 2020/01/02 12:0 a.m.57 views

OpenCV XML Persistence Parser Buffer Overflow Vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially...

8.8CVSS8.8AI score0.20947EPSS
Exploits1
Talos
Talos
added 2019/10/08 12:0 a.m.57 views

Schneider Electric Modicon M580 TFTP server information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the TFTP server functionality of the Schneider Electric Modicon M580 Programmable Automation Controller. A specially crafted TFTP get request can cause a file download, resulting in disclosure of sensitive information. An...

7.5CVSS7.4AI score0.29895EPSS
Exploits0
Talos
Talos
added 2018/07/19 12:0 a.m.57 views

ACD Systems Canvas Draw 4 Huff Table Out-of-bounds Write Code Execution Vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

8.8CVSS8AI score0.01819EPSS
Exploits1
Talos
Talos
added 2018/04/03 12:0 a.m.57 views

Moxa AWK-3131A Multiple Features Login Username Parameter OS Command Injection Vulnerability

Summary An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 current. An attacker can inject commands via the username parameter of...

10CVSS10AI score0.12169EPSS
Exploits1
Talos
Talos
added 2018/01/11 12:0 a.m.57 views

Blender customData_add_layer__internal Integer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute tface of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context o...

8.8CVSS7.8AI score0.0208EPSS
Exploits1
Talos
Talos
added 2017/10/26 12:0 a.m.57 views

Apache OpenOffice DOC ImportOldFormatStyles Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the WW8RStyle::ImportOldFormatStyles functionality of Apache OpenOffice 4.1.3. A specially crafted doc file can cause a out-of-bounds write resulting in arbitrary code execution. An attacker can send/provide malicious doc file to...

7.8CVSS8AI score0.02889EPSS
Exploits1
Talos
Talos
added 2017/09/11 12:0 a.m.57 views

FreeXL BIFF Dimension Marker Code Execution Vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the readlegacybiff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. Tested...

8.8CVSS8.9AI score0.03313EPSS
Exploits1
Total number of security vulnerabilities2224