Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2017/10/04 12:0 a.m.44 views

Computerinsel Photoline TGA Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the .TGA parsing functionality of Computerinsel Photoline 20.02. A specially crafted .TGA file can cause an out of bounds write resulting in potential code execution. An attacker can send a specific .TGA file to trigger this vulnerability. Teste...

8.8CVSS8.5AI score0.01761EPSS
Exploits2
Talos
Talos
added 2017/07/20 12:0 a.m.44 views

Corel PHOTO-PAINT X8 64-bit TIFF Filter Code Execution Vulnerability

Summary A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger...

8.8CVSS8AI score0.01154EPSS
Exploits1
Talos
Talos
added 2017/03/09 12:0 a.m.44 views

R PDF LoadEncoding Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this...

8.8CVSS8.5AI score0.02403EPSS
Exploits2
Talos
Talos
added 2017/02/27 12:0 a.m.44 views

Iceni Argus PDF Uninitialized WordStyle Color Length Code Execution Vulnerability

Summary An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF to XML a stack variable will be left uninitialized which will later be used to fetch a length that is used in a copy operatio...

9.3CVSS8.1AI score0.0225EPSS
Exploits2
Talos
Talos
added 2016/08/04 12:0 a.m.45 views

Hancom Hangul Office HShow!NXDeleteLineObj+0x47269 Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0147 Hancom Hangul Office HShow!NXDeleteLineObj+0x47269 Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4292 Description This vulnerability was discovered within the Hangul HShow application which is part of the Hangul Office Suite. Hangul...

7.8CVSS7.9AI score0.0209EPSS
Exploits2
Talos
Talos
added 2016/07/19 12:0 a.m.44 views

Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord Memory Corruption Vulnerability

Talos Vulnerability Report TALOS-2016-0157 Oracle OIT ContentAccess libvsmwkd VwStreamReadRecord Memory Corruption Vulnerability July 19, 2016 CVE Number CVE-2016-3591 Description Partially controlled memory write vulnerability exists in Mac Works Database file format parsing code of Oracle Outsi...

9CVSS8.4AI score0.0393EPSS
Exploits1
Talos
Talos
added 2016/06/21 12:0 a.m.44 views

Pidgin MXIT Contact Mood Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0141 Pidgin MXIT Contact Mood Denial of Service Vulnerability June 21, 2016 CVE Number CVE-2016-2373 DESCRIPTION A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could...

5.9CVSS6.3AI score0.023EPSS
Exploits1
Talos
Talos
added 2016/01/08 12:0 a.m.44 views

Apple Quicktime mdat Corruption Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0020 Apple Quicktime mdat Corruption Denial of Service Vulnerability January 8, 2016 CVE Number CVE-2015-7088 Description There is a denial of service vulnerability in Apple Quicktime. An attacker who can control the content of the mdat section of a .mov file...

6.8CVSS6.4AI score0.01691EPSS
Exploits0
Talos
Talos
added 2014/01/26 12:0 a.m.44 views

Pidgin for Windows URL Handling Remote Code Execution Vulnerability

Talos Vulnerability Report VRT-2013-1003 Pidgin for Windows URL Handling Remote Code Execution Vulnerability January 26, 2014 CVE Number CVE-2013-6486 Description An exploitable remote code execution vulnerability exists in Pidgin’s implementation of HTTP URL handling. An attacker can supply a...

9.3CVSS8.2AI score0.03847EPSS
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.43 views

Wavlink AC3000 nas.cgi set_nas() proftpd Configuration Control Vulnerabilities

Talos Vulnerability Report TALOS-2024-2053 Wavlink AC3000 nas.cgi setnas proftpd Configuration Control Vulnerabilities January 14, 2025 CVE Number CVE-2024-39793,CVE-2024-39795,CVE-2024-39794 SUMMARY Multiple external config control vulnerabilities exist in the nas.cgi setnas proftpd functionalit...

9.1CVSS6.6AI score0.01457EPSS
Exploits3
Talos
Talos
added 2024/05/28 12:0 a.m.43 views

libigl readMSH improper array index validation vulnerability

Talos Vulnerability Report TALOS-2024-1926 libigl readMSH improper array index validation vulnerability May 28, 2024 CVE Number CVE-2024-23948,CVE-2024-23951,CVE-2024-23947,CVE-2024-23950,CVE-2024-23949 SUMMARY Multiple improper array index validation vulnerabilities exist in the readMSH...

8.8CVSS8.7AI score0.00916EPSS
Exploits0
Talos
Talos
added 2024/04/03 12:0 a.m.43 views

Open Automation Software OAS Platform OAS Engine File Data Source Configuration denial of service vulnerability

Talos Vulnerability Report TALOS-2024-1948 Open Automation Software OAS Platform OAS Engine File Data Source Configuration denial of service vulnerability April 3, 2024 CVE Number CVE-2024-24976 SUMMARY A denial of service vulnerability exists in the OAS Engine File Data Source Configuration...

4.9CVSS5.7AI score0.00901EPSS
Exploits1
Talos
Talos
added 2023/09/25 12:0 a.m.43 views

Accusoft ImageGear pictwread heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1760 Accusoft ImageGear pictwread heap-based buffer overflow vulnerability September 25, 2023 CVE Number CVE-2023-35002 SUMMARY A heap-based buffer overflow vulnerability exists in the pictwread functionality of Accusoft ImageGear 20.1. A specially crafted...

9.8CVSS9.4AI score0.01308EPSS
Exploits1
Talos
Talos
added 2022/12/01 12:0 a.m.43 views

Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1530 Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-29511 SUMMARY A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles...

9.1CVSS6.9AI score0.02483EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.43 views

Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1567 Abode Systems, Inc. iota All-In-One Security Kit web interface utilsetabodecode OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-27804 SUMMARY An os command injection vulnerability exists in the web interface utilsetabodecode...

9.8CVSS9.1AI score0.03635EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.43 views

Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1583 Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35879,CVE-2022-35878,CVE-2022-35881,CVE-2022-35880 SUMMARY Four format string injection vulnerabilities exist in th...

8.8CVSS8.4AI score0.00792EPSS
Exploits4
Talos
Talos
added 2022/05/25 12:0 a.m.43 views

Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability

Summary A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability...

7.5CVSS7.8AI score0.0114EPSS
Exploits1
Talos
Talos
added 2022/02/23 12:0 a.m.43 views

Accusoft ImageGear TIFF YCbCr image parser out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.1...

9.8CVSS9AI score0.01885EPSS
Exploits1
Talos
Talos
added 2021/11/29 12:0 a.m.43 views

Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_RSA_KEY_REQUEST authentication bypass vulnerability

Talos Vulnerability Report TALOS-2021-1379 Anker Eufy Homebase 2 homesecurity CMDDEVICEGETRSAKEYREQUEST authentication bypass vulnerability November 29, 2021 CVE Number CVE-2021-21952 SUMMARY An authentication bypass vulnerability exists in the CMDDEVICEGETRSAKEYREQUEST functionality of the...

9.8CVSS9.6AI score0.01271EPSS
Exploits1
Talos
Talos
added 2021/11/15 12:0 a.m.43 views

Lantronix PremierWave 2050 Web Manager Applications and FsBrowse local file inclusion vulnerability

Summary A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to...

6.8CVSS5.3AI score0.01203EPSS
Exploits1
Talos
Talos
added 2020/05/12 12:0 a.m.43 views

Adobe Acrobat Reader DC Javascript submitForm Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to out of bounds memory access when opening a PDF document in Adobe Acrobat Reader DC 2020.006.20034. With careful memory manipulation, this can lead to sensitive information disclose as well as memory corruption which can lead to...

5.5CVSS7.4AI score0.02717EPSS
Exploits0
Talos
Talos
added 2019/08/19 12:0 a.m.43 views

Nest Labs Openweave Weave tool Print-TLV code execution vulnerability

Summary An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted...

8.8CVSS8.5AI score0.02722EPSS
Exploits1
Talos
Talos
added 2019/04/25 12:0 a.m.43 views

Sierra Wireless AirLink ES450 ACEManager Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A HTTP request can result in disclosure of the default configuration for the device. An attacker can send an unauthenticated HTTP request to trigger this...

5.3CVSS5.6AI score0.11396EPSS
Exploits2
Talos
Talos
added 2019/01/14 12:0 a.m.43 views

Pixar Renderman Install Helper Arbitrary File Read Privilege Escalation Vulnerability

Summary A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to read any root file from the file system. An attacker would need local access to the machine to...

7.1CVSS5.9AI score0.00522EPSS
Exploits1
Talos
Talos
added 2018/07/10 12:0 a.m.43 views

Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to an object type confusion when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim wou...

10CVSS9.6AI score0.08849EPSS
Exploits0
Talos
Talos
added 2018/06/19 12:0 a.m.43 views

Insteon Hub PubNub "cc" Channel Message Handler Multiple Global Overflow Code Execution Vulnerabilities

Summary Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the “cc” channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a buffer overflow on a global section overwriting arbitrary data...

9.5AI score
Exploits0
Talos
Talos
added 2018/06/19 12:0 a.m.43 views

Insteon Hub HTTPExecuteGet Firmware Update URL Parameter Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET reque...

9.9CVSS9.6AI score0.01438EPSS
Exploits2
Talos
Talos
added 2018/04/13 12:0 a.m.43 views

Moxa EDR-810 Web Server strcmp Multiple Denial of Service Vulnerabilities

Summary An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to “/MOXALOG.ini, /MOXACFG.ini, o...

7.5CVSS7.3AI score0.0219EPSS
Exploits4
Talos
Talos
added 2018/04/13 12:0 a.m.43 views

Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the rsakeyname= parm in the...

9CVSS9AI score0.04328EPSS
Exploits2
Talos
Talos
added 2017/12/19 12:0 a.m.43 views

VMware VNC Dynamic Resolution Request Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a heap overflow resulting in heap corruption. An attacker can create a VNC session to trigger this vulnerability. Tested Versions Vase,...

8.8CVSS8.9AI score0.03571EPSS
Exploits1
Talos
Talos
added 2017/11/13 12:0 a.m.43 views

Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0000 Information Disclosure Vulnerability

Summary An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 can allow for a user to retrieve sensitive information without authentication. Tested...

7.5CVSS7.7AI score0.01778EPSS
Exploits2
Talos
Talos
added 2017/10/31 12:0 a.m.43 views

Circle with Disney Goclient SSL TLD MITM Vulnerability

Summary An exploitable vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the goclient daemon to accept a different certificate than intended. An attacker can host an HTTPS server with this...

7.4CVSS6.1AI score0.00663EPSS
Exploits2
Talos
Talos
added 2017/08/30 12:0 a.m.43 views

Ledger CLI Account Directive Use-After-Free Vulnerability

Summary An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger th...

7.8CVSS7.8AI score0.01701EPSS
Exploits1
Talos
Talos
added 2017/08/28 12:0 a.m.43 views

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability Summary An exploitable use-after-free exists in the PDF parsing functionality of the Lexmark Perspective Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in dire...

8.8CVSS9.1AI score0.02303EPSS
Exploits1
Talos
Talos
added 2017/06/19 12:0 a.m.43 views

Foscam IP Video Camera CGIProxy.fcgi DNS2 Address Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

8.8CVSS9.1AI score0.04527EPSS
Exploits1
Talos
Talos
added 2017/05/04 12:0 a.m.43 views

AntennaHouse DMC HTMLFilter FillRowFormat Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of AntennaHouse DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...

8.3CVSS8.4AI score0.01328EPSS
Exploits2
Talos
Talos
added 2017/04/21 12:0 a.m.43 views

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability

Talos Vulnerability Report TALOS-2017-0231 Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability April 21, 2017 Report ID CVE-2016-8717 Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The devic...

9.1AI score0.0233EPSS
Exploits1
Talos
Talos
added 2017/04/10 12:0 a.m.43 views

Moxa AWK-3131A Web Application Nonce Reuse Vulnerability

Summary An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. Teste...

8.1CVSS7.1AI score0.01353EPSS
Exploits2
Talos
Talos
added 2017/02/27 12:0 a.m.43 views

Iceni Argus PDF Font-Encoding GlyphMap Adjustment Code Execution Vulnerability

Summary An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font’s name to a single object within an array of objects. Due to ...

9.3CVSS8AI score0.01867EPSS
Exploits2
Talos
Talos
added 2017/01/20 12:0 a.m.43 views

Adobe Acrobat Reader DC jpeg decoder Remote Code Execution Vulnerability

Summary A use of uninitialized memory vulnerability exists in JPEG image file format decoding code of Adobe Acrobat Reader which ultimately leads to a heap-based buffer overflow which can be abused to achieve remote code execution. A specially crafted PDF file with an embedded JPEG can trigger th...

9.3CVSS8.6AI score0.09125EPSS
Exploits1
Talos
Talos
added 2017/01/09 12:0 a.m.43 views

Aerospike Database Server Index Name Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function assindexsimatchbyiname resulting in remote code execution. An attacker ca...

9.8CVSS9.7AI score0.077EPSS
Exploits2
Talos
Talos
added 2016/11/17 12:0 a.m.43 views

HDF5 Group libhdf5 H5T_COMPOUND Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0179 HDF5 Group libhdf5 H5TCOMPOUND Code Execution Vulnerability November 17, 2016 CVE Number CVE-2016-4333 Description HDF5 is a file format that is maintained by a non-profit organization, The HDF Group. HDF5 is designed to be used for storage and...

8.6CVSS8.6AI score0.00613EPSS
Exploits2
Talos
Talos
added 2016/08/04 12:0 a.m.43 views

Hancom Hangul Office HShow!NXDeleteLineObj+0x6960c Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0145 Hancom Hangul Office HShow!NXDeleteLineObj+0x6960c Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4290 Description This vulnerability was discovered within the Hangul HShow application which is part of the Hangul Office Suite. Hangul...

7.8CVSS7.9AI score0.02133EPSS
Exploits2
Talos
Talos
added 2016/07/18 12:0 a.m.43 views

Apple Image I/O EXR Color Component Remote Code Execution Vulnerability

SUMMARY An exploitable heap based buffer overflow exists in the handling of EXR images on OS X. A crafted EXR document can lead to a heap based buffer overflow resulting in remote code execution. Vulnerability can be triggered via a saved EXR file delivered by other means when opened in any...

10CVSS9.4AI score0.07418EPSS
Exploits2
Talos
Talos
added 2016/07/07 12:0 a.m.43 views

Symantec Norton Security IDSvix86 PE Remote System Denial of Service Vulnerability

SUMMARY A denial of service vulnerability exists in the Portable Executable file scanning functionality of Symantec Norton Security. A specially crafted PE file can cause an access violation in IDSvix86 kernel driver resulting in denial of service. An attacker can trigger this vulnerability for...

7.1CVSS5.4AI score0.02417EPSS
Exploits1
Talos
Talos
added 2016/02/05 12:0 a.m.43 views

Libgraphite directrun Opcode Handling Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0058 Libgraphite directrun Opcode Handling Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1521 Description An exploitable out-of-bounds read vulnerability exists in the opcode handling functionality of Libgraphite. A specially crafted font...

8.8CVSS8AI score0.04065EPSS
Exploits0
Talos
Talos
added 2016/02/05 12:0 a.m.43 views

Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0057 Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1522 Description An exploitable out-of-bounds access vulnerability exists in the bidirectional font handling functionality of Libgraphite. A...

9.3CVSS7.8AI score0.0831EPSS
Exploits1
Talos
Talos
added 2016/01/19 12:0 a.m.43 views

Network Time Protocol Private Mode 'reslist' NULL Pointer Dereference Vulnerability

Summary An unauthenticated ntpdc reslist command can cause a segmentation fault in ntpd by causing a NULL pointer dereference. The following conditions must be met: 1. Mode 7 must be enabled. By default, mode 7 is disabled. 2. A large enough number of entries must exist in the restrict list to...

5.9CVSS6.8AI score0.06295EPSS
Exploits0
Talos
Talos
added 2016/01/19 12:0 a.m.43 views

Network Time Protocol ntpq Control Protocol Replay Vulnerability

CERT VU357792 Summary The ntpq protocol is vulnerable to replay attacks. The sequence number being included under the signature fails to prevent replay attacks for two reasons. Commands that don’t require authentication can be used to move the sequence number forward, and NTP doesn’t actually car...

5.8CVSS6.1AI score0.04643EPSS
Exploits0
Talos
Talos
added 2016/01/19 12:0 a.m.43 views

Network Time Protocol ntpq Special Character Filtering Vulnerability

Summary The ntpq saveconfig command does not do adequate filtering of special characters from the supplied filename. Only back slash and forward slash are currently filtered out. There are other special characters that are allowed in the filename which can cause issues during globbing. In additio...

4.3CVSS6.3AI score0.03483EPSS
Exploits0
Total number of security vulnerabilities2224