Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2016/01/19 12:0 a.m.47 views

Network Time Protocol Private Mode 'reslist' Stack Memory Exhaustion Vulnerability

CERT VU357792 Summary An unauthenticated ntpdc reslist command can cause a segmentation fault in ntpd by exhausting the call stack. The following conditions must be met: 1. Mode 7 must be enabled. By default, mode 7 is disabled. 2. A large enough number of entries must be in the restrict lists to...

7.5CVSS6.9AI score0.09905EPSS
Exploits0
Talos
Talos
added 2024/07/23 12:0 a.m.46 views

NVIDIA GPU Compiler Driver Shader Functionality out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1956 NVIDIA GPU Compiler Driver Shader Functionality out-of-bounds read vulnerability July 23, 2024 CVE Number CVE-2024-0107 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA GPU Compiler Driver 551.61,...

7.8CVSS7.7AI score0.00455EPSS
Exploits0
Talos
Talos
added 2024/07/08 12:0 a.m.46 views

Realtek rtl819x Jungle SDK configuration file mib_init_value_array heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1911 Realtek rtl819x Jungle SDK configuration file mibinitvaluearray heap-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2024-21778 SUMMARY A heap-based buffer overflow vulnerability exists in the configuration file mibinitvaluearray...

7.2CVSS7.7AI score0.00943EPSS
Exploits0
Talos
Talos
added 2024/06/26 12:0 a.m.46 views

Progress Software Corporation WhatsUp Gold TestController Chart denial of service vulnerability

Talos Vulnerability Report TALOS-2024-1934 Progress Software Corporation WhatsUp Gold TestController Chart denial of service vulnerability June 26, 2024 CVE Number CVE-2024-5011 SUMMARY An uncontrolled resource consumption vulnerability exists in the TestController Chart functionality of Progress...

7.5CVSS7.6AI score0.47092EPSS
Exploits0
Talos
Talos
added 2024/02/20 12:0 a.m.46 views

The Biosig Project libbiosig sopen_FAMOS_read integer underflow to out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1922 The Biosig Project libbiosig sopenFAMOSread integer underflow to out-of-bounds write vulnerability February 20, 2024 CVE Number CVE-2024-23313 SUMMARY An integer underflow vulnerability exists in the sopenFAMOSread functionality of The Biosig Project...

9.8CVSS9.5AI score0.01792EPSS
Exploits1
Talos
Talos
added 2024/01/10 12:0 a.m.46 views

WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability

Talos Vulnerability Report TALOS-2023-1896 WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability January 10, 2024 CVE Number CVE-2023-49589 SUMMARY An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of...

8.8CVSS8.7AI score0.00947EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.46 views

GTKWave decompression OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2023-1786 GTKWave decompression OS command injection vulnerabilities January 8, 2024 CVE Number CVE-2023-35963,CVE-2023-35960,CVE-2023-35964,CVE-2023-35959,CVE-2023-35961,CVE-2023-35962 SUMMARY Multiple OS command injection vulnerabilities exist in the decompressi...

7.8CVSS8AI score0.01493EPSS
Exploits6
Talos
Talos
added 2023/11/27 12:0 a.m.46 views

Foxit Reader field value property type confusion vulnerability

Talos Vulnerability Report TALOS-2023-1838 Foxit Reader field value property type confusion vulnerability November 27, 2023 CVE Number CVE-2023-41257 SUMMARY A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript...

8.8CVSS8.4AI score0.01627EPSS
Exploits0
Talos
Talos
added 2023/09/25 12:0 a.m.46 views

Accusoft ImageGear CreateDIBfromPict out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1729 Accusoft ImageGear CreateDIBfromPict out-of-bounds write vulnerability September 25, 2023 CVE Number CVE-2023-23567 SUMMARY A heap-based buffer overflow vulnerability exists in the CreateDIBfromPict functionality of Accusoft ImageGear 20.1. A specially...

8.8CVSS8.7AI score0.0101EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.46 views

Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1715 Milesight UR32L libzebra.so securitydecryptpassword buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-24018 SUMMARY A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 securitydecryptpassword functionality of Milesigh...

8.8CVSS8.8AI score0.0148EPSS
Exploits1
Talos
Talos
added 2023/01/26 12:0 a.m.46 views

Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1609 Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability January 26, 2023 CVE Number CVE-2022-38088 SUMMARY A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. ...

6.5CVSS5.8AI score0.02283EPSS
Exploits1
Talos
Talos
added 2022/12/01 12:0 a.m.46 views

Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability

Talos Vulnerability Report TALOS-2022-1532 Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability December 1, 2022 CVE Number CVE-2022-28703 SUMMARY A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages...

9.1CVSS5.9AI score0.0112EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.46 views

TCL LinkHub Mesh Wifi confctl_set_guest_wlan denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1502 TCL LinkHub Mesh Wifi confctlsetguestwlan denial of service vulnerability August 1, 2022 CVE Number CVE-2022-27660 SUMMARY A denial of service vulnerability exists in the confctlsetguestwlan functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A...

9.3CVSS7.8AI score0.00901EPSS
Exploits1
Talos
Talos
added 2022/06/30 12:0 a.m.46 views

Robustel R1510 web_server /action/remove/ API data removal vulnerability

Summary A data removal vulnerability exists in the webserver /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions Robustel R151...

9.1CVSS8.9AI score0.35165EPSS
Exploits1
Talos
Talos
added 2022/06/15 12:0 a.m.46 views

Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the BlynkConsole.h runCommand functionality of Blynk -Library v1.0.1. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability. Tested Versions Blynk -Libra...

9.8CVSS9.8AI score0.01942EPSS
Exploits1
Talos
Talos
added 2022/05/25 12:0 a.m.46 views

Open Automation Software Platform Engine SecureTransferFiles information disclosure vulnerability

Summary An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger...

7.5CVSS6.4AI score0.01221EPSS
Exploits1
Talos
Talos
added 2022/05/05 12:0 a.m.46 views

Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1480 Anker Eufy Homebase 2 libxmav.so DemuxCmdInBuffer buffer overflow vulnerability May 5, 2022 CVE Number CVE-2022-26073 SUMMARY A denial of service vulnerability exists in the libxmav.so DemuxCmdInBuffer functionality of Anker Eufy Homebase 2 2.1.8.5h. A...

7.4CVSS7.1AI score0.0071EPSS
Exploits1
Talos
Talos
added 2022/05/05 12:0 a.m.46 views

Anker Eufy Homebase 2 libxm_av.so getpeermac() authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1479 Anker Eufy Homebase 2 libxmav.so getpeermac authentication bypass vulnerability May 5, 2022 CVE Number CVE-2022-25989 SUMMARY An authentication bypass vulnerability exists in the libxmav.so getpeermac functionality of Anker Eufy Homebase 2 2.1.8.5h. A...

8.8CVSS7.9AI score0.00989EPSS
Exploits1
Talos
Talos
added 2022/03/15 12:0 a.m.46 views

Leadtools fltSaveCMP integer overflow vulnerability

Summary An integer overflow vulnerability exists in the fltSaveCMP functionality of Leadtools 22. A specially-crafted BMP file can lead to an integer overflow, that in turn causes a buffer overflow. An attacker can provide a malicious BMP file to trigger this vulnerability. Tested Versions...

8.8CVSS8AI score0.00983EPSS
Exploits1
Talos
Talos
added 2022/02/01 12:0 a.m.46 views

Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger...

7.4CVSS5.8AI score0.00489EPSS
Exploits0
Talos
Talos
added 2022/01/27 12:0 a.m.46 views

Google Chrome MediaStreamTrackGenerator use after free vulnerability

Summary A potential code execution vulnerability exists in the MediaStreamTrackGenerator functionality of Google Chrome 94.0.4606.81 Stable and 97.0.4674.1 Canary. A specially-crafted web page can lead to use-after-free. An attacker can provide a malicious web site to trigger this vulnerability...

8.8CVSS9.1AI score0.01362EPSS
Exploits1
Talos
Talos
added 2021/10/18 12:0 a.m.46 views

ZTE MF971R xmlclient cross-site scripting vulnerability

Summary An exploitable Cross-Site-Scripting XSS vulnerability exists in ZTE MF971R LTE router version wainnerversion:BDPLKPLMF971R1V1.0.0B06. A specially-crafted HTTP request can cause an XSS vulnerability and as a result arbitrary JavaScript code execution in the victim’s browser. An attacker...

6.1CVSS6.5AI score0.00562EPSS
Exploits0
Talos
Talos
added 2021/06/01 12:0 a.m.46 views

Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG sofnbcomp header processing functionality of Accusoft ImageGear 19.8 and 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

9.8CVSS9AI score0.01137EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.46 views

Accusoft ImageGear PNG png_palette_process memory corruption vulnerability

Summary A memory corruption vulnerability exists in the PNG pngpaletteprocess functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide malicious inputs to trigger this vulnerability. Tested Versions Accusoft ImageGear...

8.8CVSS8.8AI score0.01004EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.46 views

Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability

Summary A code execution vulnerability exists in the mqueue inode initialization functionality of Microsoft Azure Sphere 21.01. A specially crafted set of syscalls can lead to uninitialized kernel read, which in turn leads to code execution in kernel. To trigger this vulnerability, an attacker ca...

9.3CVSS9.1AI score0.01216EPSS
Exploits1
Talos
Talos
added 2020/10/13 12:0 a.m.46 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Data Segment Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.8CVSS7.3AI score0.03558EPSS
Exploits2
Talos
Talos
added 2020/08/04 12:0 a.m.46 views

SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability

Talos Vulnerability Report TALOS-2020-1121 SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability August 4, 2020 CVE Number CVE-2020-13522 SUMMARY An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O...

8.8CVSS7.2AI score0.00455EPSS
Exploits1
Talos
Talos
added 2020/05/12 12:0 a.m.46 views

Microsoft Office Excel s_Schema Code Execution Vulnerability

Talos Vulnerability Report TALOS-2020-1015 Microsoft Office Excel sSchema Code Execution Vulnerability May 12, 2020 CVE Number CVE-2020-0901 Summary An exploitable code execution vulnerability exists in the Excel sSchema functionality of Microsoft Corporation Microsoft Office 2001 build 12430.202...

9.8CVSS9AI score0.11563EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.46 views

LEADTOOLS DICOM UI Parsing Code Execution Vulnerability

Summary An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An...

8.8CVSS8.9AI score0.02456EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.46 views

Schneider Electric Modicon M580 malformed firmware image FTP upgrade denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the FTP firmware update function of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. A specially crafted firmware image can cause the device to enter a recoverable fault state, resulti...

4.9CVSS5.3AI score0.00959EPSS
Exploits0
Talos
Talos
added 2019/08/19 12:0 a.m.46 views

Nest Labs Nest Cam IQ Indoor Weave KeyError denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality of the Nest Cam IQ Indoor, version 4620002. A specially crafted weave packets can cause an arbitrary Weave Exchange Session to close, resulting in a denial of service. An attacker can send a...

7.8CVSS7.5AI score0.00488EPSS
Exploits1
Talos
Talos
added 2019/04/25 12:0 a.m.46 views

Sierra Wireless AirLink ES450 ACEManager Information Exposure Vulnerability

Summary An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The ACEManager authentication functionality is done in plaintext XML to the web server. An attacker can listen to network traffic upstream from the devi...

7.5CVSS7.8AI score0.04011EPSS
Exploits3
Talos
Talos
added 2018/07/19 12:0 a.m.46 views

Foxit PDF Reader Javascript createTemplate nPage Remote Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick...

8.8CVSS8.5AI score0.02347EPSS
Exploits1
Talos
Talos
added 2018/07/19 12:0 a.m.46 views

ACD Systems Canvas Draw 4 PlanarConfiguration Heap Overflow Code Execution Vulnerability

Summary An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerabili...

8.8CVSS8.2AI score0.01455EPSS
Exploits1
Talos
Talos
added 2018/07/10 12:0 a.m.46 views

Antenna House Office Server Document Converter putlsttbl code execution vulnerability

Summary An exploitable stack-based buffer overflow exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to a stack-based buffer overflow,...

8.8CVSS8.4AI score0.02525EPSS
Exploits1
Talos
Talos
added 2018/04/13 12:0 a.m.46 views

Moxa EDR-810 Server Agent Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability. Tested Versions Moxa...

7.5CVSS5.7AI score0.48138EPSS
Exploits2
Talos
Talos
added 2018/04/13 12:0 a.m.46 views

Moxa EDR-810 Plaintext Password Storage Vulnerability

Summary An password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device. Tested Versions Moxa EDR-810 V4.1 build 17030317 Product URLs...

4.4CVSS4.6AI score0.0044EPSS
Exploits2
Talos
Talos
added 2018/01/11 12:0 a.m.46 views

Blender BKE_curve_bevelList_make Integer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

8.8CVSS7.9AI score0.01824EPSS
Exploits1
Talos
Talos
added 2018/01/10 12:0 a.m.46 views

delayed_job_web rails gem XSS vulnerability

Summary An exploitable XSS vulnerability exists in the filter functionality of the delayedjobweb rails gem version 1.4. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim’s browser. An attacker can phish an authenticated...

6.1CVSS6.1AI score0.01012EPSS
Exploits3
Talos
Talos
added 2017/11/13 12:0 a.m.46 views

Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Password Field Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. Tested Versions...

8.8CVSS8.3AI score0.01317EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.46 views

Circle with Disney Firmware Update Command Injection Vulnerability

Summary An exploitable vulnerability exists in the firmware update functionality of Circle with Disney. Specially crafted network packets can cause the product to run an attacker-supplied shell script. An attacker can intercept and alter network traffic to trigger this vulnerability. Tested...

9.6CVSS7.7AI score0.00556EPSS
Exploits1
Talos
Talos
added 2017/10/26 12:0 a.m.46 views

Apache OpenOffice PPT PPTStyleSheet nLevel Code Execution Vulnerability

Summary An exploitable out of bound write vulnerability exists in the PPTStyleSheet::PPTStyleSheet functionality of Apache OpenOffice. A specially crafted PPT file can cause an out of bound write resulting in arbitrary code execution. An attacker can send/provide a malicious PPT file to trigger...

7.8CVSS7.7AI score0.02588EPSS
Exploits1
Talos
Talos
added 2017/10/04 12:0 a.m.46 views

Computerinsel Photoline SVG Parsing Code Execution Vulnerability

Summary An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SV...

8.8CVSS8.4AI score0.01835EPSS
Exploits2
Talos
Talos
added 2017/08/30 12:0 a.m.46 views

Gdk-Pixbuf TIFF tiff_image_parse Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists in the tiffimageparse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this...

8.8CVSS8.3AI score0.02612EPSS
Exploits2
Talos
Talos
added 2017/06/22 12:0 a.m.46 views

InsideSecure MatrixSSL x509 certificate IssuerDomainPolicy Remote Code Execution Vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a...

9.8CVSS9.1AI score0.02344EPSS
Exploits2
Talos
Talos
added 2017/06/19 12:0 a.m.46 views

Foscam IP Video Camera CGIProxy.fcgi SMTP Test Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during the SMTP configuration tes...

8.8CVSS9AI score0.07233EPSS
Exploits1
Talos
Talos
added 2017/04/10 12:0 a.m.46 views

Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. Tested Versions Moxa AWK-3131...

5.3CVSS5.1AI score0.01301EPSS
Exploits2
Talos
Talos
added 2017/01/09 12:0 a.m.46 views

Aerospike Database Server Set Name Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchlistbysetbinid resulting in remote code execution. An...

9.8CVSS9.6AI score0.077EPSS
Exploits2
Talos
Talos
added 2016/06/14 12:0 a.m.46 views

Ruby WIN32OLE ole_invoke and ole_query_interface Type Confusion Vulnerabilities

Talos Vulnerability Report TALOS-2016-0029 Ruby WIN32OLE oleinvoke and olequeryinterface Type Confusion Vulnerabilities June 14, 2016 CVE Number CVE-2016-2336 DESCRIPTION Type Confusion exists in two methods of Ruby’s WIN32OLE class, oleinvoke and olequeryinterface. Attacker passing different typ...

9.8CVSS9.4AI score0.03291EPSS
Exploits2
Talos
Talos
added 2024/08/19 12:0 a.m.45 views

Microsoft Excel for macOS library injection vulnerability

Talos Vulnerability Report TALOS-2024-1976 Microsoft Excel for macOS library injection vulnerability August 19, 2024 CVE Number CVE-2024-43106 SUMMARY A library injection vulnerability exists in Microsoft Excel 16.83 for macOS. A specially crafted library can leverage Excel’s access privileges,...

9.1CVSS6.7AI score0.00722EPSS
Exploits1
Total number of security vulnerabilities2224