Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2017/05/04 12:0 a.m.34 views

AntennaHouse DMC HTMLFilter PPT ParseEnvironment Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious PPT fil...

8.3CVSS8.5AI score0.00917EPSS
Exploits2
Talos
Talos
added 2017/04/10 12:0 a.m.34 views

Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability

Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability Summary An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without...

5.3CVSS5AI score0.01301EPSS
Exploits2
Talos
Talos
added 2016/12/12 12:0 a.m.34 views

Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System name Buffer Overflow Privilege Escalation Vulnerability

Summary An exploitable buffer overflow exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a buffer...

7CVSS7.3AI score0.00528EPSS
Exploits3
Talos
Talos
added 2016/10/18 12:0 a.m.34 views

Foxit PDF Reader JBIG2 Parser Information Disclosure Vulnerability

Summary A large out of bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR. Tested Versions Foxit Software Foxit Reader 8.0.2.805 Produc...

6.8CVSS5.1AI score0.1856EPSS
Exploits1
Talos
Talos
added 2016/06/21 12:0 a.m.34 views

Pidgin MXIT Extended Profiles Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0139 Pidgin MXIT Extended Profiles Code Execution Vulnerability June 21, 2016 CVE Number CVE-2016-2371 DESCRIPTION An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server coul...

8.1CVSS0.4AI score0.03174EPSS
Exploits1
Talos
Talos
added 2016/06/21 12:0 a.m.34 views

Pidgin MXIT Custom Resource Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0138 Pidgin MXIT Custom Resource Denial of Service Vulnerability June 21, 2016 CVE Number CVE-2016-2370 DESCRIPTION A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could...

5.9CVSS6.2AI score0.02123EPSS
Exploits1
Talos
Talos
added 2016/03/31 12:0 a.m.34 views

Lhasa lha decode_level3_header Heap Corruption Vulnerability

SUMMARY An exploitable integer underflow exists during calculation size for all headers in decodelevel3header function of Lhasa lha application. Smaller value of headerlen than LEVEL3HEADERLEN 32 cause during subtraction integer underflow and lead later to memory corruption via heap based buffer...

7.8CVSS8AI score0.03228EPSS
Exploits1
Talos
Talos
added 2016/01/08 12:0 a.m.34 views

Apple Quicktime mdat Corruption Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0021 Apple Quicktime mdat Corruption Denial of Service Vulnerability January 8, 2016 CVE Number CVE-2015-7089 Description There is a denial of service vulnerability in Apple Quicktime. An attacker who can control the content of the mdat section of a .mov file...

6.8CVSS6.4AI score0.01648EPSS
Exploits0
Talos
Talos
added 2015/10/21 12:0 a.m.34 views

Network Time Protocol Password Length Memory Corruption Vulnerability

Talos Vulnerability Report TALOS-2015-0065 Network Time Protocol Password Length Memory Corruption Vulnerability October 21, 2015 CVE Number CVE-2015-7854 Description A potential buffer overflow vulnerability exists in the password management functionality of ntp. A specially crafted key file cou...

8.8CVSS9.3AI score0.1456EPSS
Exploits0
Talos
Talos
added 2024/08/13 12:0 a.m.33 views

Microsoft CLIPSP.SYS License update privilege escalation vulnerability

Talos Vulnerability Report TALOS-2024-1966 Microsoft CLIPSP.SYS License update privilege escalation vulnerability August 13, 2024 CVE Number CVE-2024-38186 SUMMARY A privilege escalation vulnerability exists in the License update functionality of Microsoft CLIPSP.SYS 10.0.22621 Build 22621,...

7.8CVSS8.3AI score0.00839EPSS
Exploits0
Talos
Talos
added 2024/05/15 12:0 a.m.33 views

Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1952 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability May 15, 2024 CVE Number CVE-2024-30312 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2023.008.20533.A specially crafted...

5.5CVSS6.5AI score0.01767EPSS
Exploits0
Talos
Talos
added 2024/05/01 12:0 a.m.33 views

Milesight UR32L luci2-io file-import firmware update vulnerability

Talos Vulnerability Report TALOS-2023-1852 Milesight UR32L luci2-io file-import firmware update vulnerability May 1, 2024 CVE Number CVE-2023-47166 SUMMARY A firmware update vulnerability exists in the luci2-io file-import functionality of Milesight UR32L v32.3.0.7-r2. A specially crafted network...

8.8CVSS8.7AI score0.00637EPSS
Exploits0
Talos
Talos
added 2024/04/03 12:0 a.m.33 views

Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability

Talos Vulnerability Report TALOS-2024-1949 Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability April 3, 2024 CVE Number CVE-2024-27201 SUMMARY An improper input validation vulnerability exists in the OAS Engine User Configuration functionali...

4.9CVSS5.5AI score0.00662EPSS
Exploits1
Talos
Talos
added 2024/02/20 12:0 a.m.33 views

Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability

Talos Vulnerability Report TALOS-2023-1829 Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability February 20, 2024 CVE Number CVE-2023-38562 SUMMARY A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A...

9.1CVSS8.8AI score0.01081EPSS
Exploits1
Talos
Talos
added 2024/02/20 12:0 a.m.33 views

The Biosig Project libbiosig sopen_FAMOS_read NULL calloc out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1925 The Biosig Project libbiosig sopenFAMOSread NULL calloc out-of-bounds write vulnerability February 20, 2024 CVE Number CVE-2024-23606 SUMMARY An out-of-bounds write vulnerability exists in the sopenFAMOSread functionality of The Biosig Project libbiosig...

9.8CVSS9.6AI score0.01679EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.33 views

GTKWave LXT2 lxt2_rd_trace value elements allocation integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1821 GTKWave LXT2 lxt2rdtrace value elements allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35057 SUMMARY An integer overflow vulnerability exists in the LXT2 lxt2rdtrace value elements allocation functionality of GTKWave 3.3.11...

7.8CVSS7.9AI score0.00389EPSS
Exploits1
Talos
Talos
added 2023/11/27 12:0 a.m.33 views

Foxit Reader signature field OnBlur event use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1839 Foxit Reader signature field OnBlur event use-after-free vulnerability November 27, 2023 CVE Number CVE-2023-38573 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. A specially crafted Javascrip...

8.8CVSS9.1AI score0.01907EPSS
Exploits1
Talos
Talos
added 2023/10/19 12:0 a.m.33 views

JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1809 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability October 19, 2023 CVE Number CVE-2023-38128 SUMMARY An out-of-bounds write vulnerability exists in the “HyperLinkFrame” stream parser of Ichitaro 2023 1.0.1.5937...

7.8CVSS7.9AI score0.00678EPSS
Exploits1
Talos
Talos
added 2023/10/12 12:0 a.m.33 views

SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service vulnerability

Talos Vulnerability Report TALOS-2023-1741 SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service vulnerability October 12, 2023 CVE Number CVE-2023-23581 SUMMARY A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.967...

7.5CVSS7.5AI score0.00834EPSS
Exploits1
Talos
Talos
added 2023/07/21 12:0 a.m.33 views

Open Babel Gaussian format orientation out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1672 Open Babel Gaussian format orientation out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-37331 SUMMARY An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit...

7.8CVSS8AI score0.00704EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.33 views

Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1694 Milesight UR32L ysthirdparty userdelete OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-23550 SUMMARY An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially...

7.2CVSS7.2AI score0.03607EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.33 views

Milesight UR32L uhttpd login buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1697 Milesight UR32L uhttpd login buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-23902 SUMMARY A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead ...

9.8CVSS9.9AI score0.02212EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.33 views

Milesight UR32L luci2-io file-export mib directory traversal vulnerability

Talos Vulnerability Report TALOS-2023-1695 Milesight UR32L luci2-io file-export mib directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23547 SUMMARY A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially...

6.5CVSS6.8AI score0.01256EPSS
Exploits1
Talos
Talos
added 2023/06/13 12:0 a.m.33 views

Microsoft Office Excel FreePhisxdb arbitrary free vulnerability

Talos Vulnerability Report TALOS-2023-1730 Microsoft Office Excel FreePhisxdb arbitrary free vulnerability June 13, 2023 CVE Number CVE-2023-32029 SUMMARY An arbitrary free vulnerability exists in the FreePhisxdb functionality of Microsoft Office Excel 2019 Plus 16.0.16130.20218. A...

7.8CVSS7.5AI score0.53513EPSS
Exploits0
Talos
Talos
added 2023/04/24 12:0 a.m.33 views

IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability

Talos Vulnerability Report TALOS-2023-1691 IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability April 24, 2023 CVE Number CVE-2023-28528 SUMMARY An OS command injection vulnerability exists in the invscout setUID binary functionality of IBM Corporation AIX 7.2. A...

8.4CVSS8.4AI score0.01457EPSS
Exploits3
Talos
Talos
added 2023/04/03 12:0 a.m.33 views

ADMesh stl_fix_normal_directions improper array index validation vulnerability

Talos Vulnerability Report TALOS-2022-1594 ADMesh stlfixnormaldirections improper array index validation vulnerability April 3, 2023 CVE Number CVE-2022-38072 SUMMARY An improper array index validation vulnerability exists in the stlfixnormaldirections functionality of ADMesh Master Commit 767a10...

8.8CVSS7.6AI score0.01061EPSS
Exploits1
Talos
Talos
added 2023/03/21 12:0 a.m.33 views

Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability

Talos Vulnerability Report TALOS-2022-1598 Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability March 21, 2023 CVE Number CVE-2022-38458 SUMMARY A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5....

6.5CVSS6.1AI score0.00614EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.33 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1558 Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-33189 SUMMARY An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc. io...

10CVSS9.8AI score0.03244EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.33 views

HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1486 HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability August 16, 2022 CVE Number CVE-2022-25942 SUMMARY An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to cod...

7.8CVSS7.5AI score0.00577EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.33 views

TCL LinkHub Mesh Wifi confsrv ucloud_add_node_new OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1457 TCL LinkHub Mesh Wifi confsrv ucloudaddnodenew OS command injection vulnerability August 1, 2022 CVE Number CVE-2022-21178 SUMMARY An os command injection vulnerability exists in the confsrv ucloudaddnewnode functionality of TCL LinkHub Mesh Wifi...

9.8CVSS9.8AI score0.03565EPSS
Exploits1
Talos
Talos
added 2022/01/26 12:0 a.m.33 views

Reolink RLC-410W hardcoded TLS key information disclosure vulnerability

Summary An information disclosure vulnerability exists due to the hardcoded TLS key of Reolink RLC-410W v3.0.0.13620121102. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this...

7.5CVSS5.9AI score0.0089EPSS
Exploits0
Talos
Talos
added 2021/11/15 12:0 a.m.33 views

Lantronix PremierWave 2050 Web Manager FsMove directory traversal vulnerability

Summary A directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially crafted HTTP request can lead to local file inclusion. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions...

7.2CVSS6.8AI score0.02386EPSS
Exploits1
Talos
Talos
added 2021/11/15 12:0 a.m.33 views

Lantronix PremierWave 2050 Web Manager FsBrowseClean stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this...

9.3AI score
Exploits0
Talos
Talos
added 2021/03/16 12:0 a.m.33 views

Accusoft ImageGear PSD read_icc_icCurve_data heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the PSD readiccicCurvedata functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an integer overflow that, in turn, leads to a heap buffer overflow. An attacker can provide a malicious file to trigger...

9.8CVSS9.5AI score0.01407EPSS
Exploits1
Talos
Talos
added 2020/12/09 12:0 a.m.33 views

Foxit Reader JavaScript choice field format event use-after-free vulnerability

Summary A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open t...

8.8CVSS9.2AI score0.02929EPSS
Exploits1
Talos
Talos
added 2020/10/22 12:0 a.m.33 views

Google Chrome DrawElementsInstanced information leak vulnerability

Talos Vulnerability Report TALOS-2020-1123 Google Chrome DrawElementsInstanced information leak vulnerability October 22, 2020 CVE Number CVE-2020-6555 SUMMARY An information disclosure vulnerability exists in the WebGL functionality of Google Chrome 83.0.4103.116 Stable 64-bit and 86.0.4198.0...

7.6CVSS7.6AI score0.02157EPSS
Exploits1
Talos
Talos
added 2020/07/14 12:0 a.m.33 views

Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability

Summary An exploitable denial of service vulnerability exists in Intel IGC64.DLL graphics driver. A specially crafted hull shader can cause a NULL pointer dereference. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability could potentially be...

9CVSS8.6AI score0.05466EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.33 views

LEADTOOLS libltdic.so LDicomAssociate::SetBinary denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability. Tested...

7.5CVSS7.7AI score0.01942EPSS
Exploits0
Talos
Talos
added 2019/08/19 12:0 a.m.33 views

Nest Labs Openweave Weave DecodeMessageWithLength Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the Weave MessageLayer parsing of Openweave-core version 4.0.2 and Nest Cam IQ Indoor version 4620002. A specially crafted weave packet can cause an integer overflow to occur, resulting in PacketBuffer data reuse. An attacker c...

8.2CVSS7.6AI score0.00775EPSS
Exploits1
Talos
Talos
added 2019/01/02 12:0 a.m.34 views

CleanMyMac X removeItemAtPath Privilege Escalation Vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs...

7.1CVSS6AI score0.00309EPSS
Exploits0
Talos
Talos
added 2019/01/02 12:0 a.m.33 views

Clean My Mac X pleaseTerminate denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machi...

7.1CVSS5.8AI score0.00309EPSS
Exploits0
Talos
Talos
added 2018/07/26 12:0 a.m.33 views

Samsung SmartThings Hub video-core Camera URL Replace Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the camera “replace” feature of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker...

9.9CVSS9.7AI score0.01753EPSS
Exploits2
Talos
Talos
added 2018/07/26 12:0 a.m.33 views

Samsung SmartThings Hub video-core credentials videoHostUrl Code Execution Vulnerability

Summary An exploitable buffer overflow vulnerability exists in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled JSON payload, leading to a buffer overflow on the stack. An...

9.9CVSS9.7AI score0.01753EPSS
Exploits2
Talos
Talos
added 2018/04/26 12:0 a.m.33 views

Hyland Perceptive Document Filters Microsoft Word CDATA Code Execution Vulnerability

Summary An exploitable heap corruption exists in the Microsoft Word to many types conversion functionality of the Hyland Perspective Document Filters version 11.4.0.2647. A crafted Microsoft Word XML document can lead to heap corruption resulting in remote code execution. An attacker can provide ...

8.8CVSS9.4AI score0.02794EPSS
Exploits1
Talos
Talos
added 2018/03/01 12:0 a.m.33 views

Simple DirectMedia Layer SDL2_image ICO Pitch Handling Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigg...

8.8CVSS8.9AI score0.02677EPSS
Exploits0
Talos
Talos
added 2018/01/11 12:0 a.m.33 views

Blender Sequencer dpxOpen Buffer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .cin file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

8.8CVSS7.8AI score0.01866EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.33 views

Circle with Disney Apid Use-Between-Reallocs Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. A specially crafted set of packets can make the Disney Circle dump strings from an internal database into an HTTP response. An attacker needs network connectivit...

5.8CVSS5.5AI score0.01144EPSS
Exploits2
Talos
Talos
added 2017/07/24 12:0 a.m.33 views

FreeRDP Rdp Client License Read Product Info Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use ma...

6.5CVSS6.5AI score0.01569EPSS
Exploits1
Talos
Talos
added 2017/06/19 12:0 a.m.33 views

Foscam IP Video Camera CGIProxy.fcgi SMTP Test User Parameter Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary data in the “msmtprc” configuration file resulting...

8.8CVSS9AI score0.03439EPSS
Exploits1
Talos
Talos
added 2017/05/04 12:0 a.m.33 views

AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability

AntennaHouse DMC HTMLFilter DocSetSummary Code Execution Vulnerability Summary An exploitable heap corruption vulnerability exists in the DocSetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An...

8.8CVSS9.2AI score0.02124EPSS
Exploits2
Total number of security vulnerabilities2224