Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2018/04/13 12:0 a.m.52 views

Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities

Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into various paramaters in the...

9CVSS8.9AI score0.04832EPSS
Exploits4
Talos
Talos
added 2018/04/11 12:0 a.m.52 views

Computerinsel Photoline PCX Decompress Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this...

8.8CVSS8.2AI score0.0147EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.52 views

Cesanta Mongoose Websocket Protocol Packet Length Code Execution Vulnerability

Summary An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow resulting leading to heap buffer overflow resulting in denial of service and potential remote code...

9.8CVSS9.1AI score0.02417EPSS
Exploits2
Talos
Talos
added 2016/11/17 12:0 a.m.52 views

HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0178 HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability November 17, 2016 CVE Number CVE-2016-4332 Description HDF5 is a file format that is maintained by a non-profit organization, The HDF Group. HDF5 is designed to be used for storage an...

8.6CVSS7.7AI score0.00812EPSS
Exploits2
Talos
Talos
added 2023/01/26 12:0 a.m.51 views

Siretta QUARTZ-GOLD httpd delfile.cgi directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1606 Siretta QUARTZ-GOLD httpd delfile.cgi directory traversal vulnerability January 26, 2023 CVE Number CVE-2022-40701 SUMMARY A directory traversal vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A...

8.1CVSS7AI score0.02574EPSS
Exploits1
Talos
Talos
added 2021/11/22 12:0 a.m.51 views

Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'company_list' page

Summary Multiple exploitable SQL injection vulnerabilities exist in the ‘companylist’ page of the Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. However, the high...

7.7CVSS6.1AI score0.01134EPSS
Exploits2
Talos
Talos
added 2020/12/16 12:0 a.m.51 views

Lantronix XPort EDGE Web Manager and telnet CLI cleartext transmission of sensitive information vulnerability

Summary An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this...

5.3CVSS4.3AI score0.02933EPSS
Exploits0
Talos
Talos
added 2020/08/24 12:0 a.m.51 views

Microsoft Azure Sphere uid_map UID uniqueness privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the uidmap functionality of Microsoft Azure Sphere 20.06. A specially crafted uidmap file can cause multiple applications to get the same UID assigned, thus broadening the attack surface. An attacker can modify the uidmap file to trigger this...

6.8CVSS6.1AI score0.00826EPSS
Exploits0
Talos
Talos
added 2020/08/24 12:0 a.m.51 views

Microsoft Azure Sphere Normal World application /proc/thread-self/mem unsigned code execution vulnerability

Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that modifies the program at runtime v...

7.8CVSS7.4AI score0.01254EPSS
Exploits0
Talos
Talos
added 2020/02/24 12:0 a.m.51 views

Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability

Summary An exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. Tested Versions Moxa...

7.1CVSS6.7AI score0.00337EPSS
Exploits1
Talos
Talos
added 2019/12/10 12:0 a.m.51 views

Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the RDP8 implementation of Microsoft’s Remote Desktop Services. A certain component of license negotiation can allow a remote client to read an amount of memory that is controlled by the client. Due to this, a client can coerce the...

7.5CVSS8.2AI score0.09202EPSS
Exploits0
Talos
Talos
added 2019/01/08 12:0 a.m.51 views

Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability

Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...

9.3CVSS8AI score0.00907EPSS
Exploits0
Talos
Talos
added 2018/06/19 12:0 a.m.51 views

Insteon Hub PubNub "ad" Channel Message Handler Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the PubNub message handler for the “ad” channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

8.5CVSS8.2AI score0.01081EPSS
Exploits2
Talos
Talos
added 2018/04/11 12:0 a.m.51 views

Computerinsel Photoline PSD Blending Channels Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the PSD parsing functionality of Computerinsel Photoline 20.53. A specially crafted PSD document processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PSD document to trigger this...

8.8CVSS8.4AI score0.01271EPSS
Exploits0
Talos
Talos
added 2018/04/11 12:0 a.m.51 views

Computerinsel Photoline TIFF Samples Per Pixel Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the TIFF parsing functionality of Computerinsel Photoline 20.53. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

8.8CVSS8AI score0.01501EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.51 views

Circle with Disney Apid Strstr Authentication Bypass Vulnerability

Summary An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token can bypass the authentication routine of the Apid binary, causing the device to grant unintended administrative access. An attacker needs...

9CVSS8.2AI score0.01555EPSS
Exploits2
Talos
Talos
added 2017/07/24 12:0 a.m.51 views

FreeRDP Rdp Client License Read Challenge Packet Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use ma...

6.5CVSS6.4AI score0.01722EPSS
Exploits1
Talos
Talos
added 2017/06/19 12:0 a.m.51 views

Foscam IP Video Camera CGIProxy.fcgi Wifi Settings Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data, potentially...

7.5CVSS7.8AI score0.01939EPSS
Exploits1
Talos
Talos
added 2017/05/05 12:0 a.m.51 views

PowerISO ISO Parsing Use After Free

Summary A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability. Tested Versions PowerISO 6.8 6, ...

8.8CVSS8.5AI score0.09358EPSS
Exploits2
Talos
Talos
added 2017/05/04 12:0 a.m.51 views

WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability

Summary An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509 certificate can cause a single out of bounds byte overwrite resulting in potential certificate validation vulnerabilities,...

9.8CVSS9AI score0.0853EPSS
Exploits5
Talos
Talos
added 2017/04/10 12:0 a.m.51 views

Moxa AWK-3131A Web Application bkpath HTTP Header Injection Vulnerability

Summary An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied in to Location header of the...

4.3CVSS4.7AI score0.01362EPSS
Exploits2
Talos
Talos
added 2016/08/06 12:0 a.m.51 views

LexMark Perceptive Document Filters XLS Convert Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0172 LexMark Perceptive Document Filters XLS Convert Code Execution Vulnerability August 6, 2016 CVE Number CVE-2016-4335 Description An exploitable buffer overflow exists in the XLS parsing of the Perspective Document Filters conversion functionality. A...

8.4CVSS0.2AI score0.03787EPSS
Exploits2
Talos
Talos
added 2016/02/05 12:0 a.m.51 views

Libgraphite Bidirectional Font mFeatureMap Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0060 Libgraphite Bidirectional Font mFeatureMap Denial of Service Vulnerability February 5, 2016 CVE Number CVE-2016-1522 Description An exploitable NULL pointer dereference exists in the bidirectional font handling functionality of Libgraphite. A specially...

9.3CVSS7.2AI score0.0831EPSS
Exploits1
Talos
Talos
added 2023/11/15 12:0 a.m.50 views

Adobe Acrobat Reader U3D page event use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1842 Adobe Acrobat Reader U3D page event use-after-free vulnerability November 15, 2023 CVE Number CVE-2023-44372 SUMMARY A use-after-free vulnerability exists in the page event processing in Adobe Acrobat Reader 2023.006.20320. A specially crafted Javascript...

7.8CVSS8.2AI score0.02611EPSS
Exploits0
Talos
Talos
added 2023/02/23 12:0 a.m.50 views

EIP Stack Group OpENer SetAttributeList attribute_count_request out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1662 EIP Stack Group OpENer SetAttributeList attributecountrequest out-of-bounds write vulnerability February 23, 2023 CVE Number CVE-2022-43605 SUMMARY An out-of-bounds write vulnerability exists in the SetAttributeList attributecountrequest functionality of...

10CVSS9.8AI score0.14372EPSS
Exploits1
Talos
Talos
added 2022/10/27 12:0 a.m.50 views

InHand Networks InRouter302 console support leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1521 InHand Networks InRouter302 console support leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-28689 SUMMARY A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A...

8.8CVSS7.8AI score0.00905EPSS
Exploits0
Talos
Talos
added 2022/05/17 12:0 a.m.50 views

NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXABLE memory corruption vulnerability

Summary A memory corruption vulnerability exists in the shader dclindexable functionality of NVIDIA D3D10 Driver version 496.76, 30.0.14.9676. A specially-crafted executable / shader file can lead to memory corruption. This vulnerability potentially could be triggered from guest machines running...

9.9CVSS9.1AI score0.01034EPSS
Exploits0
Talos
Talos
added 2022/05/10 12:0 a.m.51 views

InHand Networks InRouter302 console infactory_wlan command injection vulnerability

Summary An OS command injection vulnerability exists in the console infactorywlan functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Test...

9.9CVSS8.9AI score0.05829EPSS
Exploits1
Talos
Talos
added 2022/05/09 12:0 a.m.50 views

WPS Office HtmTableAlt use-after-free vulnerability

Summary An exploitable use-after-free vulnerability exists in WPS Spreadsheets ET as part of WPS Office, version 11.2.0.10351. A specially-crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to...

8.8CVSS8.4AI score0.01273EPSS
Exploits0
Talos
Talos
added 2022/03/23 12:0 a.m.50 views

Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1434 Sound Exchange libsox sphere.c startread heap-based buffer overflow vulnerability March 23, 2022 CVE Number CVE-2021-40426 SUMMARY A heap-based buffer overflow vulnerability exists in the sphere.c startread functionality of Sound Exchange libsox 14.4.2 a...

10CVSS8.9AI score0.02211EPSS
Exploits1
Talos
Talos
added 2022/02/01 12:0 a.m.50 views

Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability

Summary A misconfiguration exists in the MQTTS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. This misconfiguration significantly simplifies a man-in-the-middle attack, which directly leads to control of device functionality. Tested Versions Sealevel Systems, Inc. SeaConnect 370...

8.1CVSS7.9AI score0.00843EPSS
Exploits1
Talos
Talos
added 2021/12/20 12:0 a.m.50 views

Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame parsing uninitialized uuid object vulnerability

Summary When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the...

9.8CVSS9.6AI score0.17945EPSS
Exploits1
Talos
Talos
added 2021/12/06 12:0 a.m.50 views

Dream Report ODS Remote Connector privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Version...

8.8CVSS8AI score0.01244EPSS
Exploits1
Talos
Talos
added 2021/08/10 12:0 a.m.50 views

AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8CVSS9.3AI score0.02545EPSS
Exploits1
Talos
Talos
added 2021/04/08 12:0 a.m.50 views

Dream Report platform privilege escalation vulnerability

Summary Multiple privilege escalation vulnerabilities exist in Dream Report 5 R20-2. A specially crafted executable can cause elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Dream Report 5 R20-2 Product URLs https://dreamreport.net/...

9.3CVSS8.2AI score0.00889EPSS
Exploits3
Talos
Talos
added 2021/02/09 12:0 a.m.50 views

Accusoft ImageGear PSD Header processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.8...

9.8CVSS8.9AI score0.01855EPSS
Exploits1
Talos
Talos
added 2021/01/27 12:0 a.m.50 views

phpGACL database multiple SQL injection vulnerabilities

Summary Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OpenEMR 5.0.2 OpenEMR development version 6.0.0 commit...

9.8CVSS9.3AI score0.02308EPSS
Exploits2
Talos
Talos
added 2020/10/13 12:0 a.m.50 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Logical Segment Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.8CVSS7.3AI score0.03515EPSS
Exploits2
Talos
Talos
added 2020/09/15 12:0 a.m.50 views

Nitro Pro PDF ICCBased ColorSpace Stroke Color Code Execution Vulnerability

Talos Vulnerability Report TALOS-2020-1084 Nitro Pro PDF ICCBased ColorSpace Stroke Color Code Execution Vulnerability September 15, 2020 CVE Number CVE-2020-6146 SUMMARY An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. Wh...

8.8CVSS8.9AI score0.78475EPSS
Exploits1
Talos
Talos
added 2020/07/14 12:0 a.m.50 views

AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality ROUND_NI Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...

9.9CVSS9.7AI score0.02781EPSS
Exploits1
Talos
Talos
added 2020/05/12 12:0 a.m.50 views

Adobe Acrobat Reader DC Annotation Destroy Remote Code Execution

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2020.006.20034. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need...

7.8CVSS8.7AI score0.04745EPSS
Exploits0
Talos
Talos
added 2020/03/09 12:0 a.m.50 views

WAGO PFC200 Cloud Connectivity TimeoutUnconfirmed Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200. An attacker can inject OS commands into the TimeoutUnconfirmed parameter value contained in the Firmware Update command. Tested Versions WAGO PFC200 Firmware version 03.02.0214 WA...

7.2CVSS7AI score0.04179EPSS
Exploits1
Talos
Talos
added 2020/02/11 12:0 a.m.50 views

Adobe Acrobat Reader DC Javascript Field Name Information Leak

Summary A specific JavaScript code embedded in a PDF file can lead to information leak when opening a PDF document in Adobe Acrobat Reader DC 2019.021.20048. With careful memory manipulation, this can lead to sensitive information disclose which could be abused when exploiting another vulnerabili...

7.5CVSS8.4AI score0.08906EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.50 views

LEADTOOLS libltdic.so DICOM LDicomNet::receive information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger...

9.1CVSS7.7AI score0.02266EPSS
Exploits0
Talos
Talos
added 2019/12/02 12:0 a.m.50 views

Forma LMS 2.2.1 ajax.adm_server.php dir parameter SQL injections

Summary Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowin...

8.8CVSS8.6AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/10/08 12:0 a.m.50 views

Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return arbitrary memory,...

7.5CVSS7.3AI score0.01709EPSS
Exploits0
Talos
Talos
added 2018/07/10 12:0 a.m.50 views

Antenna House Office Server Document Converter vbputanld code execution vulnerability

Summary An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in...

8.8CVSS8.4AI score0.02052EPSS
Exploits1
Talos
Talos
added 2018/04/13 12:0 a.m.50 views

Moxa EDR-810 Web Server Weak Cryptography for Passwords Vulnerability

Summary An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could intercept weakly encrypted passwords and could brute force them. Tested Versions Moxa EDR-810 V4.1 build 17030317 Product URLs...

8CVSS5.4AI score0.0071EPSS
Exploits2
Talos
Talos
added 2017/11/15 12:0 a.m.50 views

libxls xls_preparseWorkSheet MULRK Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists in the xlspreparseWorkSheet function of libxls 1.4 when handling a MULRK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this...

8.8CVSS9AI score0.02771EPSS
Exploits2
Talos
Talos
added 2017/10/04 12:0 a.m.50 views

Computerinsel Photoline GIF Parsing Code Execution Vulnerability

Summary An memory corruption vulnerability exists in the .GIF parsing functionality of Computerinsel Photoline 20.02. A specially crafted .GIF file can cause a vulnerability resulting in potential code execution. An attacker can send specific .GIF file to trigger this vulnerability. Tested Versio...

8.8CVSS8.4AI score0.01447EPSS
Exploits2
Total number of security vulnerabilities2224