Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2023/07/06 12:0 a.m.40 views

Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1712 Milesight UR32L vtyshubus getfwlogs OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22299 SUMMARY An OS command injection vulnerability exists in the vtyshubus getfwlogs functionality of Milesight UR32L v32.3.0.5. A specially crafted...

8.8CVSS8.9AI score0.03634EPSS
Exploits1
Talos
Talos
added 2023/04/13 12:0 a.m.40 views

Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability

Talos Vulnerability Report TALOS-2023-1692 Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability April 13, 2023 CVE Number CVE-2023-0896 SUMMARY A hard-coded password vulnerability exists in the SSH, telnet functionality of Lenovo Group Ltd. Smart Clock Essential 4.9.113. ...

8.8CVSS8.9AI score0.00405EPSS
Exploits0
Talos
Talos
added 2023/01/26 12:0 a.m.40 views

Siretta QUARTZ-GOLD m2m DELETE_FILE cmd OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1638 Siretta QUARTZ-GOLD m2m DELETEFILE cmd OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-40222 SUMMARY An OS command injection vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-14102...

9.8CVSS9.6AI score0.043EPSS
Exploits1
Talos
Talos
added 2022/11/22 12:0 a.m.40 views

Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1649 Callback technologies CBFS Filter handleioctl0x830a0systembuffer null pointer dereference vulnerability November 22, 2022 CVE Number CVE-2022-43590 SUMMARY A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionalit...

6.2CVSS5.7AI score0.00329EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.40 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1554 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-29477 SUMMARY An authentication bypass vulnerability exists in the web interface /action/factory...

9.8CVSS9.2AI score0.01218EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.40 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1564 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability October 20, 2022 CVE Number CVE-2022-32775 SUMMARY An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost...

9CVSS8.8AI score0.01441EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.40 views

WWBN AVideo all cross-site request forgery (csrf) vulnerability

Talos Vulnerability Report TALOS-2022-1534 WWBN AVideo all cross-site request forgery csrf vulnerability August 16, 2022 CVE Number CVE-2022-29468 SUMMARY A cross-site request forgery CSRF vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request ca...

8.8CVSS9AI score0.01439EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.40 views

TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1483 TCL LinkHub Mesh Wi-Fi confsrv ucloudsetnodelocation stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-26009 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv ucloudsetnodelocation functionality of TCL...

9.8CVSS9.5AI score0.01109EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.40 views

TCL LinkHub Mesh Wi-Fi confsrv confctl_set_app_language stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1462 TCL LinkHub Mesh Wi-Fi confsrv confctlsetapplanguage stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-23103 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv confctlsetapplanguage functionality of TCL...

9.8CVSS9.6AI score0.01118EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.40 views

TCL LinkHub Mesh Wifi libcommonprod.so prod_change_root_passwd hard-coded password vulnerability

Talos Vulnerability Report TALOS-2022-1459 TCL LinkHub Mesh Wifi libcommonprod.so prodchangerootpasswd hard-coded password vulnerability August 1, 2022 CVE Number CVE-2022-22144 SUMMARY A hard-coded password vulnerability exists in the libcommonprod.so prodchangerootpasswd functionality of TCL...

9.8CVSS8.8AI score0.00828EPSS
Exploits1
Talos
Talos
added 2022/05/10 12:0 a.m.40 views

InHand Networks InRouter302 router configuration export information disclosure vulnerability

Summary An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions...

6.5CVSS6.3AI score0.00651EPSS
Exploits1
Talos
Talos
added 2022/05/10 12:0 a.m.40 views

InHand Networks InRouter302 iburn firmware checks firmware update vulnerability

Summary A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHand Network...

9.9CVSS6.6AI score0.0125EPSS
Exploits1
Talos
Talos
added 2022/05/10 12:0 a.m.40 views

ESTsoft Alyac PE section headers out of bounds read

Talos Vulnerability Report TALOS-2022-1452 ESTsoft Alyac PE section headers out of bounds read May 10, 2022 CVE Number CVE-2022-21147 SUMMARY An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this...

5.5CVSS5.3AI score0.00638EPSS
Exploits1
Talos
Talos
added 2021/11/29 12:0 a.m.40 views

Anker Eufy Homebase 2 home_security get_aes_key_info_by_packetid() authentication bypass vulnerability

Talos Vulnerability Report TALOS-2021-1382 Anker Eufy Homebase 2 homesecurity getaeskeyinfobypacketid authentication bypass vulnerability November 29, 2021 CVE Number CVE-2021-21955 SUMMARY An authentication bypass vulnerability exists in the getaeskeyinfobypacketid function of the homesecurity...

7.7CVSS7.9AI score0.00978EPSS
Exploits1
Talos
Talos
added 2021/11/17 12:0 a.m.40 views

LibreCad libdxfrw dxfRW::processLType() use-after-free vulnerability

Talos Vulnerability Report TALOS-2021-1351 LibreCad libdxfrw dxfRW::processLType use-after-free vulnerability November 17, 2021 CVE Number CVE-2021-21900 SUMMARY A code execution vulnerability exists in the dxfRW::processLType functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A...

8.8CVSS8.8AI score0.02465EPSS
Exploits1
Talos
Talos
added 2021/11/15 12:0 a.m.40 views

Lantronix PremierWave 2050 Web Manager FSBrowsePage directory traversal vulnerability

Summary A directory traversal vulnerability exists in the Web Manager FSBrowsePage functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially crafted HTTP request can lead to information disclosure. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested...

4.3CVSS4.2AI score0.01876EPSS
Exploits1
Talos
Talos
added 2020/10/14 12:0 a.m.40 views

F2fs-Tools F2fs.Fsck init_node_manager Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the initnodemanager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability. Tested Version...

5.5CVSS5.2AI score0.01514EPSS
Exploits1
Talos
Talos
added 2019/11/12 12:0 a.m.40 views

Microsoft Media Foundation CMP4MetadataHandler AddQTMetadata Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the mfmp4srcsnk.dll of Microsoft Media Foundation. A specially crafted QuickTime file can cause a Use-After-Free, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

9.3CVSS7.9AI score0.12956EPSS
Exploits0
Talos
Talos
added 2019/08/19 12:0 a.m.40 views

Nest Labs Nest Cam IQ Indoor Weave TCP connection denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Weave daemon of the Nest Cam IQ Indoor, version 4620002. A set of TCP connections can cause unrestricted resource allocation, resulting in a denial of service. An attacker can connect multiple times to trigger this vulnerability...

7.8CVSS6.2AI score0.00673EPSS
Exploits1
Talos
Talos
added 2019/01/03 12:0 a.m.40 views

Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability

Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...

9.3CVSS7.3AI score0.00895EPSS
Exploits0
Talos
Talos
added 2018/07/26 12:0 a.m.40 views

Samsung SmartThings Hub video-core Database clips Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core’s HTTP server of Samsung SmartThings Hub. The video-core process insecurely extracts the fields from the “clips” table of its SQLite database, leading to a buffer overflow on...

9.9CVSS9.2AI score0.00946EPSS
Exploits2
Talos
Talos
added 2018/07/11 12:0 a.m.40 views

Computerinsel Photoline PCX Run Length Encoding Code Execution Vulnerability

Summary A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this...

8.8CVSS8AI score0.01484EPSS
Exploits1
Talos
Talos
added 2018/07/10 12:0 a.m.40 views

Antenna House Office Server Document Converter GetShapePropery 0x105 code execution vulnerability

Summary An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 6,1,2018,0312. A crafted Microsoft Word DOC document can lead to an out-of-bounds write, resulting in...

8.8CVSS8.3AI score0.02035EPSS
Exploits1
Talos
Talos
added 2018/04/04 12:0 a.m.40 views

Natus Xltek EEG NeuroWorks NewProducerStream Use of Return Value Denial of Service Vulnerability

Summary An exploitable Denial of Service vulnerability exists in the use of a return value in the NewProducerStream command in Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out of bounds read resulting in a denial of service. An attacker can send a malicious packet to...

7.5CVSS7.6AI score0.01448EPSS
Exploits0
Talos
Talos
added 2018/01/09 12:0 a.m.40 views

CPP-Ethereum JSON-RPC miner_setEtherbase improper authorization Vulnerability

Summary An exploitable improper authorization vulnerability exists in minersetEtherbase API of cpp-ethereum’s JSON-RPC commit 4e1015743b95821849d001618a7ce82c7c073768. A JSON request can cause an access to the restricted functionality resulting in authorization bypass. An attacker can send JSON t...

8.1CVSS7.5AI score0.01591EPSS
Exploits2
Talos
Talos
added 2017/11/15 12:0 a.m.40 views

libxls xls_preparseWorkSheet MULBLANK Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists in the xlspreparseWorkSheet function of libxls 1.4 when handling a MULBLANK record. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this...

8.8CVSS9AI score0.02771EPSS
Exploits2
Talos
Talos
added 2017/02/03 12:0 a.m.40 views

Nitro Pro PDF Handling Code Execution Vulnerability

Summary A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this...

8.8CVSS8AI score0.01293EPSS
Exploits2
Talos
Talos
added 2016/08/04 12:0 a.m.40 views

Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0148 Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability August 4, 2016 CVE Number CVE-2016-4293 Description This vulnerability was discovered within the Hangul Hcell application which is part of the Hangul Office Suite. Hangul...

7.8CVSS7.8AI score0.03617EPSS
Exploits2
Talos
Talos
added 2016/07/19 12:0 a.m.40 views

Oracle OIT IX SDK GIF ImageWidth Code Execution Vulnerabiity

Talos Vulnerability Report TALOS-2016-0105 Oracle OIT IX SDK GIF ImageWidth Code Execution Vulnerabiity July 19, 2016 CVE Number CVE-2016-3583 Description While parsing a specially crafted GIF file, an integer overflow vulnerability and result in out of bounds heap memory overwrite potentially...

9CVSS0.1AI score0.0393EPSS
Exploits1
Talos
Talos
added 2016/07/19 12:0 a.m.40 views

Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0163 Oracle OIT ImageExport libvsbmp BMP BIRLE8 Width Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3596 Description When parsing a specially crafted BMP file, an erroneous memory copy operation can cause a heap buffer overflow leading to...

9CVSS8.9AI score0.0393EPSS
Exploits1
Talos
Talos
added 2016/06/21 12:0 a.m.40 views

Pidgin MXIT Splash Image Arbitrary File Overwrite Vulnerability

Talos Vulnerability Report TALOS-2016-0128 Pidgin MXIT Splash Image Arbitrary File Overwrite Vulnerability June 21, 2016 CVE Number CVE-2016-4323 DESCRIPTION A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could...

5.8CVSS0.3AI score0.02305EPSS
Exploits2
Talos
Talos
added 2016/06/14 12:0 a.m.40 views

Adobe Flash Player Infinite Recursion Arbitrary Read Access Violation

SUMMARY A potentially exploitable read access violation vulnerability exists in the a way Adobe Flash Player handles infinitely recursive calls. A specially crafted ActionScript code can cause a read access violation which can potentially be further abused. To trriger this vulnerability user...

9.3CVSS8.9AI score0.03977EPSS
Exploits1
Talos
Talos
added 2016/04/26 12:0 a.m.40 views

Network Time Protocol Ephemeral Association Time Spoofing Vulnerability

SUMMARY ntpd is vulnerable to Sybil attacks. A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win ntpd’s clock selection algorithm and modify a victim’s clock. TESTED VERSIONS NTP 4.2.8p3 NTP 4.2.8p4 NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 NTPs...

6.5CVSS6.7AI score0.03147EPSS
Exploits1
Talos
Talos
added 2024/07/08 12:0 a.m.39 views

Realtek rtl819x Jungle SDK boa formWsc stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1904 Realtek rtl819x Jungle SDK boa formWsc stack-based buffer overflow vulnerability July 8, 2024 CVE Number CVE-2023-49867 SUMMARY A stack-based buffer overflow vulnerability exists in the boa formWsc functionality of Realtek rtl819x Jungle SDK v3.4.11. A...

7.2CVSS7.9AI score0.01101EPSS
Exploits0
Talos
Talos
added 2024/05/28 12:0 a.m.39 views

AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1937 AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24947,CVE-2024-24946 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software Connecti...

8.2CVSS8.6AI score0.00836EPSS
Exploits2
Talos
Talos
added 2024/02/26 12:0 a.m.39 views

llama.cpp GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1912 llama.cpp GGUF library GGUFTYPEARRAY/GGUFTYPESTRING parsing heap-based buffer overflow vulnerability February 26, 2024 CVE Number CVE-2024-21825 SUMMARY A heap-based buffer overflow vulnerability exists in the GGUF library GGUFTYPEARRAY/GGUFTYPESTRING...

9.8CVSS8.9AI score0.01349EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.39 views

GTKWave EVCD var len parsing improper array index validation vulnerability

Talos Vulnerability Report TALOS-2023-1803 GTKWave EVCD var len parsing improper array index validation vulnerability January 8, 2024 CVE Number CVE-2023-34087 SUMMARY An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially...

7.8CVSS7.8AI score0.00397EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.39 views

GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1783 GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35704,CVE-2023-35703,CVE-2023-35702 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of...

7.8CVSS7.8AI score0.00438EPSS
Exploits3
Talos
Talos
added 2023/10/11 12:0 a.m.39 views

Yifan YF325 libutils.so nvram_restore stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1763 Yifan YF325 libutils.so nvramrestore stack-based buffer overflow vulnerability October 11, 2023 CVE Number CVE-2023-34365 SUMMARY A stack-based buffer overflow vulnerability exists in the libutils.so nvramrestore functionality of Yifan YF325 v1.020221108...

9.8CVSS9.5AI score0.00773EPSS
Exploits0
Talos
Talos
added 2023/07/13 12:0 a.m.39 views

VMware vCenter Server DCERPC save_sec_fragment out-of-bounds pointer vulnerability

Talos Vulnerability Report TALOS-2023-1740 VMware vCenter Server DCERPC savesecfragment out-of-bounds pointer vulnerability July 13, 2023 CVE Number CVE-2023-20895 SUMMARY A memory corruption vulnerability with a potential for authentication bypass exists in the DCERPC service as used by VMware...

9.8CVSS9.1AI score0.01375EPSS
Exploits0
Talos
Talos
added 2023/05/26 12:0 a.m.39 views

Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability

Talos Vulnerability Report TALOS-2023-1727 Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability May 26, 2023 CVE Number CVE-2023-1424 SUMMARY A memory corruption vulnerability exists in the MELSOFT Direct functionality of Mitsubishi Electric Corporation...

10CVSS9.2AI score0.0344EPSS
Exploits0
Talos
Talos
added 2023/05/10 12:0 a.m.39 views

Weston Embedded uC-FTPs Authentication authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1680 Weston Embedded uC-FTPs Authentication authentication bypass vulnerability May 10, 2023 CVE Number CVE-2022-41985 SUMMARY An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially...

8.6CVSS8.1AI score0.01488EPSS
Exploits1
Talos
Talos
added 2023/03/30 12:0 a.m.39 views

OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability

Talos Vulnerability Report TALOS-2023-1709 OpenImageIO Project OpenImageIO FitsOutput::close denial of service vulnerability March 30, 2023 CVE Number CVE-2023-24472 SUMMARY A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1...

7.5CVSS6.2AI score0.01344EPSS
Exploits1
Talos
Talos
added 2022/12/22 12:0 a.m.39 views

OpenImageIO TIFF file IPTC data information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1631 OpenImageIO TIFF file IPTC data information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-41649 SUMMARY A heap out of bounds read vulnerability exists in the handling of IPTC data while parsing TIFF images in OpenImageIO v2.3.19.0. A...

9.1CVSS8.4AI score0.01458EPSS
Exploits1
Talos
Talos
added 2022/12/22 12:0 a.m.39 views

OpenImageIO Project OpenImageIO IFFOutput channel interleaving information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1654 OpenImageIO Project OpenImageIO IFFOutput channel interleaving information disclosure vulnerability December 22, 2022 CVE Number CVE-2022-43596 SUMMARY An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of...

5.9CVSS7.4AI score0.01132EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.39 views

WWBN AVideo image403 cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1539 WWBN AVideo image403 cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-30690 SUMMARY A cross-site scripting xss vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

9.6CVSS6.4AI score0.83583EPSS
Exploits1
Talos
Talos
added 2022/05/10 12:0 a.m.39 views

InHand Networks InRouter302 console inhand command execution vulnerability

Summary A command execution vulnerability exists in the console inhand functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHan...

9.9CVSS8.8AI score0.026EPSS
Exploits1
Talos
Talos
added 2022/02/28 12:0 a.m.39 views

Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev commit b5f1eacd and the forked version of Gerbv commit d7f42a9a. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a...

9.3CVSS7.6AI score0.01268EPSS
Exploits1
Talos
Talos
added 2022/02/23 12:0 a.m.39 views

Accusoft ImageGear XWD parser heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.10 Product URLs...

9.8CVSS8.7AI score0.01494EPSS
Exploits1
Talos
Talos
added 2022/02/01 12:0 a.m.39 views

Eclipse Foundation Paho MQTTClient-C library readPacket out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the readPacket functionality of Eclipse Foundation Embedded Paho MQTTClient-C library v1.0.0. A specially-crafted MQTT payload can lead to an out-of-bounds write. An attacker can send a malicious MQTT message to trigger this vulnerability...

9.8CVSS9.7AI score0.01165EPSS
Exploits0
Total number of security vulnerabilities2224