Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2017/11/15 12:0 a.m.48 views

libxls xls_addCell Formula Code Execution Vulnerability

Summary An exploitable out-of-bounds vulnerability exists in the xlsaddCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. Tested...

8.8CVSS8.1AI score0.02078EPSS
Exploits1
Talos
Talos
added 2017/06/30 12:0 a.m.48 views

Invincea-X SboxDrv.sys Version Number Query Local Privilege Escalation Vulnerability

Summary An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058. A specially crafted input buffer and race condition can result in kernel memory corruption, which could result in privilege escalation. An attacker needs to execute a specia...

7.8CVSS7.7AI score0.00313EPSS
Exploits2
Talos
Talos
added 2016/07/21 12:0 a.m.48 views

OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability

Talos Vulnerability Report TALOS-2016-0051 OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability July 21, 2016 CVE Number CVE-2016-1513 Description An exploitable out-of-bounds vulnerability exists in OpenOffice when handling MetaActions. A specially crafted Open Office Impress file c...

7.8CVSS0.2AI score0.04484EPSS
Exploits1
Talos
Talos
added 2016/04/19 12:0 a.m.48 views

Oracle IOT IX SDK libvs_pdf XRef Index Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0086 Oracle IOT IX SDK libvspdf XRef Index Code Execution Vulnerability April 19, 2016 CVE Number CVE-2016-3455 DESCRIPTION A vulnerability in PDF parser of the IX SDK exists that allows an out of bounds heap memory overwrite potentially leading to remote cod...

9CVSS0.5AI score0.03122EPSS
Exploits0
Talos
Talos
added 2016/01/19 12:0 a.m.48 views

Network Time Protocol Deja Vu: Broadcast Mode Replay Vulnerability

Summary Expected Behavior: RFC 5905 page 29 Section 8 states that the on-wire protocol resists replay of server response packet in broadcast mode. Also on page 55 section 15, the RFC claims security in authenticated mode against on-path attackers where an attacker can: a Intercept and archive...

6.5CVSS6.1AI score0.03334EPSS
Exploits2
Talos
Talos
added 2024/08/19 12:0 a.m.47 views

Microsoft Word for macOS library injection vulnerability

Talos Vulnerability Report TALOS-2024-1977 Microsoft Word for macOS library injection vulnerability August 19, 2024 CVE Number CVE-2024-41165 SUMMARY A library injection vulnerability exists in Microsoft Word 16.83 for macOS. A specially crafted library can leverage Word’s access privileges,...

9.1CVSS6.7AI score0.00722EPSS
Exploits1
Talos
Talos
added 2024/07/08 12:0 a.m.47 views

LevelOne WBR-6013 boa formSysCmd leftover debug code vulnerability

Talos Vulnerability Report TALOS-2023-1873 LevelOne WBR-6013 boa formSysCmd leftover debug code vulnerability July 8, 2024 CVE Number CVE-2023-49593 SUMMARY Leftover debug code exists in the boa formSysCmd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A specially crafted network...

7.2CVSS7.6AI score0.01061EPSS
Exploits0
Talos
Talos
added 2024/02/20 12:0 a.m.47 views

Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1843 Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability February 20, 2024 CVE Number CVE-2023-45318 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit...

10CVSS9.9AI score0.01746EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.47 views

ManageEngine OpManager uploadMib directory traversal vulnerability

Talos Vulnerability Report TALOS-2023-1851 ManageEngine OpManager uploadMib directory traversal vulnerability January 8, 2024 CVE Number CVE-2023-47211 SUMMARY A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP...

9.1CVSS8.9AI score0.47024EPSS
Exploits1
Talos
Talos
added 2023/11/14 12:0 a.m.47 views

Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1726 Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-25181 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially...

9.8CVSS9.7AI score0.01688EPSS
Exploits1
Talos
Talos
added 2023/10/11 12:0 a.m.47 views

Yifan YF325 httpd debug credentials leftover debug code vulnerability

Talos Vulnerability Report TALOS-2023-1752 Yifan YF325 httpd debug credentials leftover debug code vulnerability October 11, 2023 CVE Number CVE-2023-32645 SUMMARY A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.020221108. A specially...

9.8CVSS9.8AI score0.53533EPSS
Exploits0
Talos
Talos
added 2023/10/11 12:0 a.m.47 views

Yifan YF325 httpd manage_post stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1787 Yifan YF325 httpd managepost stack-based buffer overflow vulnerabilities October 11, 2023 CVE Number CVE-2023-35965,CVE-2023-35966 SUMMARY Two heap-based buffer overflow vulnerabilities exist in the httpd managepost functionality of Yifan YF325...

9.8CVSS9.8AI score0.00773EPSS
Exploits0
Talos
Talos
added 2023/07/06 12:0 a.m.47 views

Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2023-1710 Milesight UR32L urvpnclient cmdnameaction OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24583,CVE-2023-24582 SUMMARY Two OS command injection vulnerabilities exist in the urvpnclient cmdnameaction functionality of Milesight UR32L...

8.8CVSS9.2AI score0.03003EPSS
Exploits2
Talos
Talos
added 2023/01/26 12:0 a.m.47 views

FreshTomato httpd logs/view.cgi OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1641 FreshTomato httpd logs/view.cgi OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-42484 SUMMARY An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP...

9.8CVSS9.7AI score0.06013EPSS
Exploits1
Talos
Talos
added 2023/01/26 12:0 a.m.47 views

Siretta QUARTZ-GOLD httpd txt/restore.cgi OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1612 Siretta QUARTZ-GOLD httpd txt/restore.cgi OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40220 SUMMARY An OS command injection vulnerability exists in the httpd txt/restore.cgi functionality of Siretta QUARTZ-GOLD...

8.8CVSS8.2AI score0.04054EPSS
Exploits1
Talos
Talos
added 2022/10/14 12:0 a.m.47 views

Robustel R1510 js_package install OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1577 Robustel R1510 jspackage install OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-33150 SUMMARY An OS command injection vulnerability exists in the jspackage install functionality of Robustel R1510 3.1.16. A specially-crafted netwo...

9.8CVSS9.8AI score0.03359EPSS
Exploits1
Talos
Talos
added 2022/10/14 12:0 a.m.47 views

Robustel R1510 sysupgrade command injection OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1576 Robustel R1510 sysupgrade command injection OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-32765 SUMMARY An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and...

9.8CVSS9.8AI score0.03455EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.47 views

TCL LinkHub Mesh Wi-Fi confctl_set_wan_cfg denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1506 TCL LinkHub Mesh Wi-Fi confctlsetwancfg denial of service vulnerability August 1, 2022 CVE Number CVE-2022-27178 SUMMARY A denial of service vulnerability exists in the confctlsetwancfg functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A...

9.8CVSS9.3AI score0.00999EPSS
Exploits1
Talos
Talos
added 2022/02/11 12:0 a.m.47 views

Moxa MXView Series Web Application authentication bypass vulnerability

Summary An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. A specially-crafted HTTP request can lead to unauthorized access. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Moxa MXView Series 3.2.4...

10CVSS9.5AI score0.02418EPSS
Exploits1
Talos
Talos
added 2022/02/01 12:0 a.m.47 views

Sealevel Systems, Inc. SeaConnect 370W URL_decode out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the URLdecode functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to an out-of-bounds write. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Tested...

5.9CVSS5.2AI score0.00696EPSS
Exploits1
Talos
Talos
added 2021/10/11 12:0 a.m.47 views

Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1369 Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability October 11, 2021 CVE Number CVE-2021-21940 SUMMARY A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase ...

10CVSS9.5AI score0.01292EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.47 views

Accusoft ImageGear DICOM parse_dicom_meta_info integer overflow vulnerability

Summary An integer overflow vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

9.8CVSS9.7AI score0.01458EPSS
Exploits1
Talos
Talos
added 2021/05/24 12:0 a.m.47 views

Trend Micro Inc. Home Network Security SFTP log collection server hard-coded password vulnerability

Summary A hard-coded password vulnerability exists in the SFTP Log Collection Server function of Trend Micro Inc.’s Home Network Security 6.1.567. A specially crafted network request can lead to arbitrary authentication. An attacker can send an unauthenticated message to trigger this vulnerabilit...

6.5CVSS6.9AI score0.0096EPSS
Exploits0
Talos
Talos
added 2021/04/21 12:0 a.m.47 views

Prusa Research PrusaSlicer Admesh stl_fix_normal_directions() out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the Admesh stlfixnormaldirections functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS7.8AI score0.01274EPSS
Exploits1
Talos
Talos
added 2020/09/30 12:0 a.m.47 views

NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV_SAT code execution vulnerability

Summary An exploitable code execution vulnerability exists in the nvwg MOVSAT functionality of the NVIDIA D3D10 driver, version 442.50 - 26.21.14.4250. A specially crafted shader can cause remote code execution. An attacker can use this vulnerability to guest-to-host escape through Hyper-V...

7.8CVSS8AI score0.00359EPSS
Exploits0
Talos
Talos
added 2020/03/25 12:0 a.m.47 views

3S-Smart Software Solutions CODESYS GatewayService memory corruption vulnerability

Summary An exploitable memory corruption vulnerability exists in the Name Service Client functionality of 3S-Smart Software Solutions CODESYS GatewayService. A specially crafted packet can cause a large memcpy, resulting in an access violation and termination of the process. An attacker can send ...

7.5CVSS7.8AI score0.02154EPSS
Exploits1
Talos
Talos
added 2019/12/02 12:0 a.m.47 views

Accusoft ImageGear PNG IHDR width code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to th...

9.8CVSS8.9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2019/08/06 12:0 a.m.47 views

MongoDB Server session reuse vulnerability

Summary An exploitable authentication vulnerability exists in MongoDB Server prior to version 4.0.9. Access to a MongoDB database server can be persisted after user deletion by reusing an established session of said user. Tested Versions MongoDB Server 4.0.5 MongoDB Server 3.4.18 Product URLs...

7.1CVSS6.9AI score0.01225EPSS
Exploits1
Talos
Talos
added 2018/12/06 12:0 a.m.47 views

Signal Messenger Android self deleting messages Information Disclosure Vulnerability

Summary Signal Messenger for Android 4.24.8 may expose private information when using “disappearing messages.” If a user uses the photo feature available in the “attach file” menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system...

4.7CVSS4.3AI score0.00507EPSS
Exploits1
Talos
Talos
added 2018/07/26 12:0 a.m.47 views

Samsung SmartThings Hub video-core credentials Parsing SQL Injection Vulnerability

Summary An exploitable JSON injection vulnerability exists in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the...

8.8CVSS8.8AI score0.01553EPSS
Exploits2
Talos
Talos
added 2018/07/10 12:0 a.m.47 views

Antenna House Office Server Document Converter putShapeProperty Code Execution Vulnerability

Summary An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in...

8.8CVSS8.2AI score0.02489EPSS
Exploits1
Talos
Talos
added 2018/06/19 12:0 a.m.47 views

Insteon Hub HTTPExecuteGet Parameters Extraction Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can send an HTTP GET request to trigger...

9.9CVSS9.4AI score0.01293EPSS
Exploits2
Talos
Talos
added 2018/04/26 12:0 a.m.47 views

Hyland Perceptive Document Filters OpenDocument to JPEG conversion SkCanvas Code Execution vulnerability

Summary An exploitable double free exists in the OpenDocument to JPEG conversion functionality of the Hyland Perspective Document Filters version 11.4.0.2647. A crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution. Tested Versions Perceptive...

8.8CVSS8.9AI score0.02749EPSS
Exploits1
Talos
Talos
added 2018/03/28 12:0 a.m.47 views

Nvidia D3D10 Driver Pixel Shader Functionality Denial Of Service

Summary An exploitable denial-of-service vulnerability exists in the Nvidia D3D10 Driver 22.21.13.8607. A specially crafted pixel shader can cause a stack overflow exception, resulting in at least denial of service. An attacker can provide a specially crafted shader file either in binary or text...

5.5CVSS6.7AI score0.00411EPSS
Exploits0
Talos
Talos
added 2018/01/22 12:0 a.m.47 views

Leptonica gplotMakeOutput Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application...

7.8CVSS7.6AI score0.01452EPSS
Exploits1
Talos
Talos
added 2017/10/30 12:0 a.m.47 views

Computerinsel Photoline PCX Parsing Code Execution Vulnerability

Summary An memory corruption vulnerability exists in the .PCX parsing functionality of Computerinsel Photoline 20.02. A specially crafted .PCX file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .PCX file to trigger this vulnerability. Tested...

8.8CVSS8.2AI score0.01266EPSS
Exploits1
Talos
Talos
added 2017/07/24 12:0 a.m.47 views

FreeRDP Rdp Client Read Server Proprietary Certificate Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the...

6.5CVSS6.4AI score0.00953EPSS
Exploits1
Talos
Talos
added 2017/07/20 12:0 a.m.47 views

Corel PHOTO-PAINT X8 TIFF Filter Code Execution Vulnerability

Summary A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this...

8.8CVSS8.1AI score0.01207EPSS
Exploits1
Talos
Talos
added 2016/12/16 12:0 a.m.47 views

Tarantool Msgpuck mp_check Denial Of Service Vulnerability

Summary An exploitable incorrect return value vulnerability exists in the mpcheck function of Tarantool’s Msgpuck library 1.0.3. A specially crafted packet can cause the mpcheck function to incorrectly return success when trying to check if decoding a map16 packet will read outside the bounds of ...

7.5CVSS7.4AI score0.02825EPSS
Exploits2
Talos
Talos
added 2016/11/17 12:0 a.m.47 views

HDF5 Group libhdf5 H5Z_NBIT Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0177 HDF5 Group libhdf5 H5ZNBIT Code Execution Vulnerability November 17, 2016 CVE Number CVE-2016-4331 Description HDF5 is a file format that is maintained by a non-profit organization, The HDF Group. HDF5 is designed to be used for storage and organization ...

8.6CVSS0.4AI score0.00762EPSS
Exploits2
Talos
Talos
added 2016/08/09 12:0 a.m.47 views

Microsoft Windows PDF API Jpeg2000 csiz Remote Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0170 Microsoft Windows PDF API Jpeg2000 csiz Remote Code Execution Vulnerability August 9, 2016 CVE Number CVE-2016-3319 Description An exploitable out of bounds write vulnerability exists in the PDF parsing API in the latest versions of Microsoft Windows. A...

9.3CVSS7.6AI score0.18537EPSS
Exploits1
Talos
Talos
added 2016/08/04 12:0 a.m.47 views

Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0151 Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4296 Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul Office...

7.8CVSS7.8AI score0.02232EPSS
Exploits2
Talos
Talos
added 2024/11/21 12:0 a.m.46 views

MC Technologies MC LR Router web interface I/O configuration OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2024-1953 MC Technologies MC LR Router web interface I/O configuration OS command injection vulnerabilities November 21, 2024 CVE Number CVE-2024-28027,CVE-2024-28025,CVE-2024-28026 SUMMARY Three OS command injection vulnerabilities exist in the web interface I/O...

7.2CVSS8AI score0.07504EPSS
Exploits3
Talos
Talos
added 2024/07/08 12:0 a.m.46 views

Realtek rtl819x Jungle SDK configuration file mib_init_value_array heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1911 Realtek rtl819x Jungle SDK configuration file mibinitvaluearray heap-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2024-21778 SUMMARY A heap-based buffer overflow vulnerability exists in the configuration file mibinitvaluearray...

7.2CVSS7.7AI score0.00943EPSS
Exploits0
Talos
Talos
added 2024/06/26 12:0 a.m.46 views

Progress Software Corporation WhatsUp Gold TestController Chart denial of service vulnerability

Talos Vulnerability Report TALOS-2024-1934 Progress Software Corporation WhatsUp Gold TestController Chart denial of service vulnerability June 26, 2024 CVE Number CVE-2024-5011 SUMMARY An uncontrolled resource consumption vulnerability exists in the TestController Chart functionality of Progress...

7.5CVSS7.6AI score0.47092EPSS
Exploits0
Talos
Talos
added 2024/01/10 12:0 a.m.46 views

WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability

Talos Vulnerability Report TALOS-2023-1896 WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability January 10, 2024 CVE Number CVE-2023-49589 SUMMARY An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of...

8.8CVSS8.7AI score0.00947EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.46 views

GTKWave decompression OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2023-1786 GTKWave decompression OS command injection vulnerabilities January 8, 2024 CVE Number CVE-2023-35963,CVE-2023-35960,CVE-2023-35964,CVE-2023-35959,CVE-2023-35961,CVE-2023-35962 SUMMARY Multiple OS command injection vulnerabilities exist in the decompressi...

7.8CVSS8AI score0.01493EPSS
Exploits6
Talos
Talos
added 2023/11/27 12:0 a.m.46 views

Foxit Reader field value property type confusion vulnerability

Talos Vulnerability Report TALOS-2023-1838 Foxit Reader field value property type confusion vulnerability November 27, 2023 CVE Number CVE-2023-41257 SUMMARY A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript...

8.8CVSS8.4AI score0.01627EPSS
Exploits0
Talos
Talos
added 2023/10/11 12:0 a.m.46 views

peplink Surf SOHO HW1 upload_brand.cgi cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2023-1781 peplink Surf SOHO HW1 uploadbrand.cgi cross-site scripting XSS vulnerability October 11, 2023 CVE Number CVE-2023-34354 SUMMARY A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in...

5.4CVSS4.8AI score0.0081EPSS
Exploits1
Talos
Talos
added 2023/09/25 12:0 a.m.46 views

Accusoft ImageGear CreateDIBfromPict out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1729 Accusoft ImageGear CreateDIBfromPict out-of-bounds write vulnerability September 25, 2023 CVE Number CVE-2023-23567 SUMMARY A heap-based buffer overflow vulnerability exists in the CreateDIBfromPict functionality of Accusoft ImageGear 20.1. A specially...

8.8CVSS8.7AI score0.0101EPSS
Exploits1
Total number of security vulnerabilities2224