Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2018/07/26 12:0 a.m.44 views

Samsung SmartThings Hub video-core Database shard.videoHostURL Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core’s HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the shard.videoHostURL field from its SQLite database, leading to a buffer overflow on th...

8.2CVSS8.3AI score0.0041EPSS
Exploits2
Talos
Talos
added 2018/07/19 12:0 a.m.44 views

ACD Systems Canvas Draw 4 IO Metadata Out-of-Bounds Write Code Execution Vulnerability

Summary An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this...

8.8CVSS7.9AI score0.01444EPSS
Exploits1
Talos
Talos
added 2018/07/10 12:0 a.m.44 views

Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to an object type confusion when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim wou...

10CVSS9.6AI score0.08849EPSS
Exploits0
Talos
Talos
added 2018/04/13 12:0 a.m.44 views

Moxa EDR-810 Web Server Cross-Site Request Forgery Vulnerability

Summary An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP packet can cause cross-site request forgery. An attacker can create malicious HTML to trigger this vulnerability. Tested Versions Mo...

8.8CVSS8.9AI score0.01011EPSS
Exploits2
Talos
Talos
added 2018/04/11 12:0 a.m.44 views

Computerinsel Photoline TIFF Bits Per Pixel Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the TIFF parsing functionality of Computerinsel Photoline 20.53. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

8.8CVSS8.2AI score0.01036EPSS
Exploits1
Talos
Talos
added 2018/01/10 12:0 a.m.44 views

rails_admin rails gem XSS vulnerability

Summary An exploitable XSS vulnerability exists in the add filter functionality of the railsadmin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim’s browser. An attacker can phish an...

6.1CVSS6.1AI score0.01279EPSS
Exploits3
Talos
Talos
added 2017/12/19 12:0 a.m.44 views

VMware VNC Pointer Decode Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a type confusion resulting in stack overwrite, which could lead to code execution. An attacker can initiate a VNC session to trigger this...

8.8CVSS8.9AI score0.03157EPSS
Exploits1
Talos
Talos
added 2017/11/13 12:0 a.m.44 views

Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0000 Information Disclosure Vulnerability

Summary An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 can allow for a user to retrieve sensitive information without authentication. Tested...

7.5CVSS7.7AI score0.01778EPSS
Exploits2
Talos
Talos
added 2017/10/04 12:0 a.m.44 views

Computerinsel Photoline TGA Parsing Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the .TGA parsing functionality of Computerinsel Photoline 20.02. A specially crafted .TGA file can cause an out of bounds write resulting in potential code execution. An attacker can send a specific .TGA file to trigger this vulnerability. Teste...

8.8CVSS8.5AI score0.01761EPSS
Exploits2
Talos
Talos
added 2017/05/04 12:0 a.m.44 views

AntennaHouse DMC HTMLFilter FillRowFormat Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of AntennaHouse DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...

8.3CVSS8.4AI score0.01328EPSS
Exploits2
Talos
Talos
added 2017/03/09 12:0 a.m.44 views

R PDF LoadEncoding Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this...

8.8CVSS8.5AI score0.02403EPSS
Exploits2
Talos
Talos
added 2017/02/27 12:0 a.m.44 views

Iceni Argus PDF Uninitialized WordStyle Color Length Code Execution Vulnerability

Summary An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF to XML a stack variable will be left uninitialized which will later be used to fetch a length that is used in a copy operatio...

9.3CVSS8.1AI score0.0225EPSS
Exploits2
Talos
Talos
added 2016/08/04 12:0 a.m.45 views

Hancom Hangul Office HShow!NXDeleteLineObj+0x47269 Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0147 Hancom Hangul Office HShow!NXDeleteLineObj+0x47269 Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4292 Description This vulnerability was discovered within the Hangul HShow application which is part of the Hangul Office Suite. Hangul...

7.8CVSS7.9AI score0.0209EPSS
Exploits2
Talos
Talos
added 2016/08/04 12:0 a.m.44 views

Hancom Hangul Office HShow!NXDeleteLineObj+0x6960c Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0145 Hancom Hangul Office HShow!NXDeleteLineObj+0x6960c Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4290 Description This vulnerability was discovered within the Hangul HShow application which is part of the Hangul Office Suite. Hangul...

7.8CVSS7.9AI score0.02133EPSS
Exploits2
Talos
Talos
added 2016/07/19 12:0 a.m.44 views

Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord Memory Corruption Vulnerability

Talos Vulnerability Report TALOS-2016-0157 Oracle OIT ContentAccess libvsmwkd VwStreamReadRecord Memory Corruption Vulnerability July 19, 2016 CVE Number CVE-2016-3591 Description Partially controlled memory write vulnerability exists in Mac Works Database file format parsing code of Oracle Outsi...

9CVSS8.4AI score0.0393EPSS
Exploits1
Talos
Talos
added 2016/06/21 12:0 a.m.44 views

Pidgin MXIT Contact Mood Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0141 Pidgin MXIT Contact Mood Denial of Service Vulnerability June 21, 2016 CVE Number CVE-2016-2373 DESCRIPTION A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could...

5.9CVSS6.3AI score0.023EPSS
Exploits1
Talos
Talos
added 2016/01/08 12:0 a.m.44 views

Apple Quicktime mdat Corruption Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0020 Apple Quicktime mdat Corruption Denial of Service Vulnerability January 8, 2016 CVE Number CVE-2015-7088 Description There is a denial of service vulnerability in Apple Quicktime. An attacker who can control the content of the mdat section of a .mov file...

6.8CVSS6.4AI score0.01691EPSS
Exploits0
Talos
Talos
added 2014/01/26 12:0 a.m.44 views

Pidgin for Windows URL Handling Remote Code Execution Vulnerability

Talos Vulnerability Report VRT-2013-1003 Pidgin for Windows URL Handling Remote Code Execution Vulnerability January 26, 2014 CVE Number CVE-2013-6486 Description An exploitable remote code execution vulnerability exists in Pidgin’s implementation of HTTP URL handling. An attacker can supply a...

9.3CVSS8.2AI score0.03847EPSS
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.43 views

Wavlink AC3000 nas.cgi set_nas() proftpd Configuration Control Vulnerabilities

Talos Vulnerability Report TALOS-2024-2053 Wavlink AC3000 nas.cgi setnas proftpd Configuration Control Vulnerabilities January 14, 2025 CVE Number CVE-2024-39793,CVE-2024-39795,CVE-2024-39794 SUMMARY Multiple external config control vulnerabilities exist in the nas.cgi setnas proftpd functionalit...

9.1CVSS6.6AI score0.01457EPSS
Exploits3
Talos
Talos
added 2024/05/28 12:0 a.m.43 views

libigl readMSH improper array index validation vulnerability

Talos Vulnerability Report TALOS-2024-1926 libigl readMSH improper array index validation vulnerability May 28, 2024 CVE Number CVE-2024-23948,CVE-2024-23951,CVE-2024-23947,CVE-2024-23950,CVE-2024-23949 SUMMARY Multiple improper array index validation vulnerabilities exist in the readMSH...

8.8CVSS8.7AI score0.00916EPSS
Exploits0
Talos
Talos
added 2024/02/06 12:0 a.m.43 views

TP-Link ER7206 Omada Gigabit VPN Router uhttpd Wireguard VPN command injection vulnerability

Talos Vulnerability Report TALOS-2023-1857 TP-Link ER7206 Omada Gigabit VPN Router uhttpd Wireguard VPN command injection vulnerability February 6, 2024 CVE Number CVE-2023-46683 SUMMARY A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality ...

7.2CVSS7.7AI score0.03442EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.43 views

GTKWave FST fstReaderIterBlocks2 chain_table allocation integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1798 GTKWave FST fstReaderIterBlocks2 chaintable allocation integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36915,CVE-2023-36916 SUMMARY Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chaintable allocation...

7.8CVSS8.1AI score0.00436EPSS
Exploits2
Talos
Talos
added 2023/10/12 12:0 a.m.43 views

SoftEther VPN ClientConnect() information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1768 SoftEther VPN ClientConnect information disclosure vulnerability October 12, 2023 CVE Number CVE-2023-31192 SUMMARY An information disclosure vulnerability exists in the ClientConnect functionality of SoftEther VPN 5.01.9674. A specially crafted network...

5.3CVSS5.6AI score0.00976EPSS
Exploits1
Talos
Talos
added 2023/05/10 12:0 a.m.43 views

Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability May 10, 2023 CVE Number CVE-2022-46377,CVE-2022-46378 SUMMARY An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of...

7.5CVSS7AI score0.0148EPSS
Exploits2
Talos
Talos
added 2023/01/26 12:0 a.m.43 views

Siretta QUARTZ-GOLD httpd downfile.cgi stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1608 Siretta QUARTZ-GOLD httpd downfile.cgi stack-based buffer overflow vulnerability January 26, 2023 CVE Number CVE-2022-38459 SUMMARY A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD...

8.8CVSS8.1AI score0.03861EPSS
Exploits1
Talos
Talos
added 2022/12/01 12:0 a.m.43 views

Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1530 Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-29511 SUMMARY A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles...

9.1CVSS6.9AI score0.02483EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.43 views

Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1567 Abode Systems, Inc. iota All-In-One Security Kit web interface utilsetabodecode OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-27804 SUMMARY An os command injection vulnerability exists in the web interface utilsetabodecode...

9.8CVSS9.1AI score0.03635EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.43 views

Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1583 Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35879,CVE-2022-35878,CVE-2022-35881,CVE-2022-35880 SUMMARY Four format string injection vulnerabilities exist in th...

8.8CVSS8.4AI score0.00792EPSS
Exploits4
Talos
Talos
added 2022/05/25 12:0 a.m.43 views

Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability

Summary A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability...

7.5CVSS7.8AI score0.0114EPSS
Exploits1
Talos
Talos
added 2022/02/23 12:0 a.m.43 views

Accusoft ImageGear TIFF YCbCr image parser out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.1...

9.8CVSS9AI score0.01885EPSS
Exploits1
Talos
Talos
added 2021/11/29 12:0 a.m.43 views

Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_RSA_KEY_REQUEST authentication bypass vulnerability

Talos Vulnerability Report TALOS-2021-1379 Anker Eufy Homebase 2 homesecurity CMDDEVICEGETRSAKEYREQUEST authentication bypass vulnerability November 29, 2021 CVE Number CVE-2021-21952 SUMMARY An authentication bypass vulnerability exists in the CMDDEVICEGETRSAKEYREQUEST functionality of the...

9.8CVSS9.6AI score0.01271EPSS
Exploits1
Talos
Talos
added 2021/11/15 12:0 a.m.43 views

Lantronix PremierWave 2050 Web Manager Applications and FsBrowse local file inclusion vulnerability

Summary A local file inclusion vulnerability exists in the Web Manager Applications and FsBrowse functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted series of HTTP requests can lead to local file inclusion. An attacker can make a series of authenticated HTTP requests to...

6.8CVSS5.3AI score0.01203EPSS
Exploits1
Talos
Talos
added 2021/11/15 12:0 a.m.43 views

Lantronix PremierWave 2050 Web Manager FsCopyFile directory traversal vulnerability

Summary A directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested...

7.2CVSS6.8AI score0.02386EPSS
Exploits1
Talos
Talos
added 2020/05/12 12:0 a.m.43 views

Adobe Acrobat Reader DC Javascript submitForm Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to out of bounds memory access when opening a PDF document in Adobe Acrobat Reader DC 2020.006.20034. With careful memory manipulation, this can lead to sensitive information disclose as well as memory corruption which can lead to...

5.5CVSS7.4AI score0.02717EPSS
Exploits0
Talos
Talos
added 2019/08/19 12:0 a.m.43 views

Nest Labs Openweave Weave tool Print-TLV code execution vulnerability

Summary An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted...

8.8CVSS8.5AI score0.02722EPSS
Exploits1
Talos
Talos
added 2019/04/25 12:0 a.m.43 views

Sierra Wireless AirLink ES450 ACEManager Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A HTTP request can result in disclosure of the default configuration for the device. An attacker can send an unauthenticated HTTP request to trigger this...

5.3CVSS5.6AI score0.11396EPSS
Exploits2
Talos
Talos
added 2019/01/14 12:0 a.m.43 views

Pixar Renderman Install Helper Arbitrary File Read Privilege Escalation Vulnerability

Summary A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to read any root file from the file system. An attacker would need local access to the machine to...

7.1CVSS5.9AI score0.00522EPSS
Exploits1
Talos
Talos
added 2018/06/19 12:0 a.m.43 views

Insteon Hub PubNub "cc" Channel Message Handler Multiple Global Overflow Code Execution Vulnerabilities

Summary Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the “cc” channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a buffer overflow on a global section overwriting arbitrary data...

9.5AI score
Exploits0
Talos
Talos
added 2018/06/19 12:0 a.m.43 views

Insteon Hub HTTPExecuteGet Firmware Update URL Parameter Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET reque...

9.9CVSS9.6AI score0.01438EPSS
Exploits2
Talos
Talos
added 2018/04/13 12:0 a.m.43 views

Moxa EDR-810 Web Server strcmp Multiple Denial of Service Vulnerabilities

Summary An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to “/MOXALOG.ini, /MOXACFG.ini, o...

7.5CVSS7.3AI score0.0219EPSS
Exploits4
Talos
Talos
added 2018/04/13 12:0 a.m.43 views

Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation resulting in root shell. An attacker can inject OS commands into the rsakeyname= parm in the...

9CVSS9AI score0.04328EPSS
Exploits2
Talos
Talos
added 2017/12/19 12:0 a.m.43 views

VMware VNC Dynamic Resolution Request Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the remote management functionality of VMware . A specially crafted set of VNC packets can cause a heap overflow resulting in heap corruption. An attacker can create a VNC session to trigger this vulnerability. Tested Versions Vase,...

8.8CVSS8.9AI score0.03571EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.43 views

Circle with Disney Goclient SSL TLD MITM Vulnerability

Summary An exploitable vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the goclient daemon to accept a different certificate than intended. An attacker can host an HTTPS server with this...

7.4CVSS6.1AI score0.00663EPSS
Exploits2
Talos
Talos
added 2017/08/30 12:0 a.m.43 views

Ledger CLI Account Directive Use-After-Free Vulnerability

Summary An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger th...

7.8CVSS7.8AI score0.01701EPSS
Exploits1
Talos
Talos
added 2017/08/28 12:0 a.m.43 views

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability Summary An exploitable use-after-free exists in the PDF parsing functionality of the Lexmark Perspective Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in dire...

8.8CVSS9.1AI score0.02303EPSS
Exploits1
Talos
Talos
added 2017/06/19 12:0 a.m.43 views

Foscam IP Video Camera CGIProxy.fcgi DNS2 Address Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

8.8CVSS9.1AI score0.04527EPSS
Exploits1
Talos
Talos
added 2017/04/21 12:0 a.m.43 views

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability

Talos Vulnerability Report TALOS-2017-0231 Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability April 21, 2017 Report ID CVE-2016-8717 Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The devic...

9.1AI score0.0233EPSS
Exploits1
Talos
Talos
added 2017/04/10 12:0 a.m.43 views

Moxa AWK-3131A Web Application Nonce Reuse Vulnerability

Summary An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. Teste...

8.1CVSS7.1AI score0.01353EPSS
Exploits2
Talos
Talos
added 2017/02/27 12:0 a.m.43 views

Iceni Argus PDF Font-Encoding GlyphMap Adjustment Code Execution Vulnerability

Summary An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font’s name to a single object within an array of objects. Due to ...

9.3CVSS8AI score0.01867EPSS
Exploits2
Talos
Talos
added 2017/01/20 12:0 a.m.43 views

Adobe Acrobat Reader DC jpeg decoder Remote Code Execution Vulnerability

Summary A use of uninitialized memory vulnerability exists in JPEG image file format decoding code of Adobe Acrobat Reader which ultimately leads to a heap-based buffer overflow which can be abused to achieve remote code execution. A specially crafted PDF file with an embedded JPEG can trigger th...

9.3CVSS8.6AI score0.09125EPSS
Exploits1
Total number of security vulnerabilities2224