Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2024/01/08 12:0 a.m.29 views

GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1793 GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36747,CVE-2023-36746 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len...

7.8CVSS7.5AI score0.00382EPSS
Exploits2
Talos
Talos
added 2023/10/19 12:0 a.m.29 views

JustSystems Corporation Ichitaro 2023 DocumentViewStyles and DocumentEditStyles stream relative write vulnerabilities

Talos Vulnerability Report TALOS-2023-1825 JustSystems Corporation Ichitaro 2023 DocumentViewStyles and DocumentEditStyles stream relative write vulnerabilities October 19, 2023 CVE Number CVE-2023-35126 SUMMARY An out-of-bounds write vulnerability exists within the parsers for both the...

7.8CVSS8AI score0.00484EPSS
Exploits1
Talos
Talos
added 2023/10/11 12:0 a.m.29 views

Yifan YF325 httpd next_page buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1761 Yifan YF325 httpd nextpage buffer overflow vulnerability October 11, 2023 CVE Number CVE-2023-35055,CVE-2023-35056 SUMMARY A buffer overflow vulnerability exists in the httpd nextpage functionality of Yifan YF325 v1.020221108. A specially crafted network...

9.8CVSS9.4AI score0.01018EPSS
Exploits0
Talos
Talos
added 2023/10/11 12:0 a.m.29 views

Yifan YF325 validate.so diag_ping_start command execution vulnerability

Talos Vulnerability Report TALOS-2023-1767 Yifan YF325 validate.so diagpingstart command execution vulnerability October 11, 2023 CVE Number CVE-2023-32632 SUMMARY A command execution vulnerability exists in the validate.so diagpingstart functionality of Yifan YF325 v1.020221108. A specially...

9.8CVSS9.5AI score0.01212EPSS
Exploits0
Talos
Talos
added 2023/09/25 12:0 a.m.29 views

Accusoft ImageGear create_png_object heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1749 Accusoft ImageGear createpngobject heap-based buffer overflow vulnerability September 25, 2023 CVE Number CVE-2023-32614 SUMMARY A heap-based buffer overflow vulnerability exists in the createpngobject functionality of Accusoft ImageGear 20.1. A speciall...

9.8CVSS8.1AI score0.00707EPSS
Exploits1
Talos
Talos
added 2023/07/19 12:0 a.m.29 views

Foxit Reader Field Calculate event use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1756 Foxit Reader Field Calculate event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-27379 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...

8.8CVSS8.5AI score0.01026EPSS
Exploits1
Talos
Talos
added 2023/07/13 12:0 a.m.29 views

VMware DCERPC call request uninitialized memory heap overflow vulnerability

Talos Vulnerability Report TALOS-2023-1801 VMware DCERPC call request uninitialized memory heap overflow vulnerability July 13, 2023 CVE Number CVE-2023-20892 SUMMARY A heap overflow vulnerability exists in the request processing functionality of DCERPC library as used in VMware vCenter Server...

9.8CVSS9.1AI score0.01849EPSS
Exploits0
Talos
Talos
added 2023/06/26 12:0 a.m.29 views

Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1724 Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability June 26, 2023 CVE Number CVE-2023-1531 SUMMARY A use-after-free vulnerability exists in the WebGL rx::Image11::disassociateStorage functionality of Google Chrome Stable...

8.8CVSS9.2AI score0.02925EPSS
Exploits0
Talos
Talos
added 2023/01/26 12:0 a.m.29 views

Siretta QUARTZ-GOLD httpd SNMP OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1615 Siretta QUARTZ-GOLD httpd SNMP OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-38066 SUMMARY An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A...

8.8CVSS8.2AI score0.07085EPSS
Exploits1
Talos
Talos
added 2022/01/31 12:0 a.m.29 views

Foxit Reader getPageNthWordQuads mishandled exception vulnerability

Summary A memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 11.1.0.52543. A specially-crafted PDF document can trigger an exception which is improperly handled, leaving the engine in an invalid state, which can lead to memory corruption and...

8.8CVSS8.9AI score0.01795EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.29 views

Accusoft ImageGear JPG Handle_JPEG420 out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG HandleJPEG420 functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.9...

9.8CVSS8.9AI score0.01215EPSS
Exploits1
Talos
Talos
added 2021/03/30 12:0 a.m.29 views

Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the SGI Format Buffer Size Processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

9.8CVSS9AI score0.01325EPSS
Exploits1
Talos
Talos
added 2020/03/03 12:0 a.m.29 views

Webkit AudioSourceProviderGStreamer use-after-free vulnerability

Summary A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. Tested Versions Webkit WebKitGTK 2.30.1 Product URLs https://webkit.org/ CVSSv3 Score 8.8 -...

8.8CVSS9AI score0.01792EPSS
Exploits1
Talos
Talos
added 2018/07/26 12:0 a.m.29 views

Samsung SmartThings Hub video-core samsungWifiScan Callback Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly handles the answer received from a smart camera, leading to a buffer overflow on the stac...

9.9CVSS9.8AI score0.02014EPSS
Exploits2
Talos
Talos
added 2017/10/31 12:0 a.m.29 views

Circle with Disney Startup WiFi Channel Parsing Command Injection Vulnerability

Summary An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the device to execute arbitrary sed commands. An attacker needs to setup an access point reachable by the device to trigger this vulnerability...

7.4CVSS7.1AI score0.00873EPSS
Exploits2
Talos
Talos
added 2017/05/04 12:0 a.m.29 views

AntennaHouse DMC HTMLFilter Txo Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the Txo functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigge...

8.6CVSS9AI score0.01335EPSS
Exploits2
Talos
Talos
added 2017/04/10 12:0 a.m.29 views

Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. Tested Versions Moxa...

8.8CVSS8.5AI score0.018EPSS
Exploits1
Talos
Talos
added 2016/12/12 12:0 a.m.29 views

Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System path Buffer Overflow Privilege Escalation Vulnerability

Summary An exploitable buffer overflow exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer...

7CVSS7.3AI score0.00528EPSS
Exploits3
Talos
Talos
added 2016/08/04 12:0 a.m.30 views

BlueStacks App Player Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2016-0124 BlueStacks App Player Privilege Escalation Vulnerability August 4, 2016 CVE Number CVE-2016-4288 Description A local privilege escalation vulnerability exists in BlueStacks App Player. The BlueStacks App Player installer creates a registry key with weak...

8.4CVSS1.4AI score0.00605EPSS
Exploits1
Talos
Talos
added 2016/06/08 12:0 a.m.29 views

IBM Domino KeyView PDF Filter Trailer ID Code Execution Vulnerability

SUMMARY A heap based buffer overflow vulnerability present in KeyView PDF filter as used by Domino can lead to remote arbitrary code execution. TESTED VERSIONS KeyView 10.16 as used by IBM Domino 9.0.1 PRODUCT URLs http://www-03.ibm.com/software/products/en/ibmdomino DETAILS While parsing an ID...

7.8CVSS8AI score0.0282EPSS
Exploits1
Talos
Talos
added 2016/06/08 12:0 a.m.29 views

IBM Domino KeyView PDF Filter Stream Length Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0090 IBM Domino KeyView PDF Filter Stream Length Code Execution Vulnerability June 8, 2016 CVE Number CVE-2016-0278 Description An integer overflow vulnerability present in the PDF filter of KeyView as used by Domino can lead to process crash and possible...

7.8CVSS8AI score0.02894EPSS
Exploits1
Talos
Talos
added 2016/02/05 12:0 a.m.29 views

Libgraphite Context Item Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0059 Libgraphite Context Item Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1523 Description An exploitable heap-based buffer overflow exists in the context item handling functionality of Libgraphite. A specially crafted font can cause a...

6.5CVSS8.1AI score0.02318EPSS
Exploits0
Talos
Talos
added 2016/01/08 12:0 a.m.29 views

Apple Quicktime dref Atom Null Data Reference Entry Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0023 Apple Quicktime dref Atom Null Data Reference Entry Denial of Service Vulnerability January 8, 2016 CVE Number CVE-2015-7090 Description There is a denial of service vulnerability in Apple Quicktime. An attacker who can control the size and type of a dat...

6.8CVSS6.5AI score0.01648EPSS
Exploits0
Talos
Talos
added 2025/03/12 12:0 a.m.28 views

Adobe Acrobat Reader Font hMetric Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2134 Adobe Acrobat Reader Font hMetric Out-Of-Bounds Read Vulnerability March 12, 2025 CVE Number CVE-2025-27163 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2024.005.20320. A specially crafted font file...

5.5CVSS6.4AI score0.004EPSS
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.28 views

Wavlink AC3000 nas.cgi add_dir() command injection vulnerabilities

Talos Vulnerability Report TALOS-2024-2058 Wavlink AC3000 nas.cgi adddir command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39784,CVE-2024-39785 SUMMARY Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A...

9.1CVSS8.2AI score0.06193EPSS
Exploits2
Talos
Talos
added 2024/10/30 12:0 a.m.28 views

LevelOne WBR-6012 Web Application improper resource allocation vulnerability

Talos Vulnerability Report TALOS-2024-1982 LevelOne WBR-6012 Web Application improper resource allocation vulnerability October 30, 2024 CVE Number CVE-2024-31152 SUMMARY The LevelOne WBR-6012 router with firmware R0.40e6 is vulnerable to improper resource allocation within its web application,...

7.5CVSS5.4AI score0.17156EPSS
Exploits1
Talos
Talos
added 2024/10/03 12:0 a.m.28 views

GNOME Project G Structured File Library (libgsf) Compound Document Binary File Sector Allocation Table integer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2069 GNOME Project G Structured File Library libgsf Compound Document Binary File Sector Allocation Table integer overflow vulnerability October 3, 2024 CVE Number CVE-2024-42415 SUMMARY An integer overflow vulnerability exists in the Compound Document Binary...

8.4CVSS8.4AI score0.00457EPSS
Exploits0
Talos
Talos
added 2024/04/09 12:0 a.m.28 views

tddpd enable_test_mode command execution vulnerability

Talos Vulnerability Report TALOS-2023-1862 tddpd enabletestmode command execution vulnerability April 9, 2024 CVE Number CVE-2023-49133,CVE-2023-49134 SUMMARY A command execution vulnerability exists in the tddpd enabletestmode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point...

9.8CVSS8.3AI score0.01749EPSS
Exploits2
Talos
Talos
added 2024/02/15 12:0 a.m.28 views

Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1910 Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20749 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader...

5.5CVSS6.4AI score0.02336EPSS
Exploits0
Talos
Talos
added 2024/02/06 12:0 a.m.28 views

TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP global config Command injection Vulnerability

Talos Vulnerability Report TALOS-2023-1856 TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP global config Command injection Vulnerability February 6, 2024 CVE Number CVE-2023-42664 SUMMARY A post authentication command injection vulnerability exists when setting up the PPTP global configuratio...

7.2CVSS7.9AI score0.03442EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.28 views

GTKWave VCD parse_valuechange portdump out-of-bounds write vulnerabilities

Talos Vulnerability Report TALOS-2023-1804 GTKWave VCD parsevaluechange portdump out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-37416,CVE-2023-37419,CVE-2023-37420,CVE-2023-37418,CVE-2023-37417 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VCD...

7.8CVSS8.1AI score0.00436EPSS
Exploits5
Talos
Talos
added 2024/01/08 12:0 a.m.28 views

GTKWave LXT2 lxt2_rd_expand_integer_to_bits stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1827 GTKWave LXT2 lxt2rdexpandintegertobits stack-based buffer overflow vulnerability January 8, 2024 CVE Number CVE-2023-38583 SUMMARY A stack-based buffer overflow vulnerability exists in the LXT2 lxt2rdexpandintegertobits function of GTKWave 3.3.115. A...

7.8CVSS7.9AI score0.00435EPSS
Exploits1
Talos
Talos
added 2023/07/13 12:0 a.m.28 views

Apple DCERPC array marshaling uninitialized memory disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1688 Apple DCERPC array marshaling uninitialized memory disclosure vulnerability July 13, 2023 CVE Number CVE-2023-27953 SUMMARY There exists a vulnerability in the array marshaling code of DCERPC library as used in Apple macOS 12.6.1 that can lead to use of...

9.8CVSS9AI score0.01604EPSS
Exploits0
Talos
Talos
added 2023/07/06 12:0 a.m.28 views

Milesight UR32L ys_thirdparty check_system_user OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1711 Milesight UR32L ysthirdparty checksystemuser OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22365 SUMMARY An OS command injection vulnerability exists in the ysthirdparty checksystemuser functionality of Milesight UR32L v32.3.0.5. A...

7.2CVSS7.5AI score0.02184EPSS
Exploits0
Talos
Talos
added 2023/01/26 12:0 a.m.28 views

Siretta QUARTZ-GOLD m2m DELETE_FILE cmd heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1639 Siretta QUARTZ-GOLD m2m DELETEFILE cmd heap-based buffer overflow vulnerability January 26, 2023 CVE Number CVE-2022-41991 SUMMARY A heap-based buffer overflow vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD...

9.8CVSS9.7AI score0.01468EPSS
Exploits1
Talos
Talos
added 2022/12/22 12:0 a.m.28 views

OpenImageIO TIFF tile pels decoding heap-based buffer overflow

Talos Vulnerability Report TALOS-2022-1633 OpenImageIO TIFF tile pels decoding heap-based buffer overflow December 22, 2022 CVE Number CVE-2022-41639 SUMMARY A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and...

9.8CVSS9.6AI score0.01813EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.28 views

WWBN AVideo session id privilege escalation vulnerability

Talos Vulnerability Report TALOS-2022-1535 WWBN AVideo session id privilege escalation vulnerability August 16, 2022 CVE Number CVE-2022-30605 SUMMARY A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafte...

8.8CVSS8.7AI score0.04125EPSS
Exploits1
Talos
Talos
added 2022/07/13 12:0 a.m.28 views

Adobe Acrobat Reader DC event value use-after-free

Summary A use-after-free vulnerability exists in the way Adobe Acrobat Reader DC 2022.001.20117 deals with event objects across different event types. A specially-crafted PDF document can trigger this vulnerability, which can lead to arbitrary code execution. A victim needs to open the malicious...

7.8CVSS7.8AI score0.03363EPSS
Exploits0
Talos
Talos
added 2022/01/26 12:0 a.m.28 views

Reolink RLC-410W netserver recv_command denial of service vulnerability

Summary A denial of service vulnerability exists in the netserver recvcommand functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted network request can lead to a reboot. An attacker can send a malicious packet to trigger this vulnerability. Tested Versions Reolink RLC-410W...

8.6CVSS7.9AI score0.01088EPSS
Exploits0
Talos
Talos
added 2021/12/06 12:0 a.m.28 views

Gerbv RS-274X aperture macro outline primitive integer overflow vulnerability

Summary An integer overflow vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev commit b5f1eacd and the forked version of Gerbv commit 71493260. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious fi...

10CVSS9.5AI score0.02916EPSS
Exploits1
Talos
Talos
added 2021/11/22 12:0 a.m.28 views

Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'group_list' page

Summary Multiple exploitable SQL injection vulnerabilities exist in the ‘grouplist’ page of the Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as...

8.8CVSS8.6AI score0.0138EPSS
Exploits2
Talos
Talos
added 2021/11/15 12:0 a.m.28 views

Lantronix PremierWave 2050 Web Manager Diagnostics: Traceroute OS command injection vulnerability

Summary An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

9.9CVSS9.9AI score0.06061EPSS
Exploits1
Talos
Talos
added 2019/11/20 12:0 a.m.28 views

xcftools flattenIncrementally rows allocation code execution vulnerability

Summary An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row’s allocation size, that could be exploited to corrupt memory and eventually execute...

8.8CVSS8.8AI score0.03637EPSS
Exploits1
Talos
Talos
added 2019/01/02 12:0 a.m.28 views

Clean My Mac X enableLaunchdAgentAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

7.1CVSS6AI score0.00309EPSS
Exploits0
Talos
Talos
added 2018/07/26 12:0 a.m.28 views

Samsung SmartThings Hub video-core credentials Code Execution Vulnerability

Summary Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can...

9.6AI score
Exploits0
Talos
Talos
added 2017/11/09 12:0 a.m.28 views

libxls xls_addCell MulBlank Code Execution Vulnerability

Summary An exploitable Out-of-bounds Write vulnerability exists in the xlsaddCell function of libxls 1.4. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability. Tested Versions libxls 1....

8.8CVSS9AI score0.02088EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.28 views

Circle with Disney Apid Server Fork Denial of Service Vulnerability

Summary An exploitable Denial of Service vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A large amount of simultaneous TCP connections causes the APID daemon to repeatedly fork, causing the daemon to run out of memory and trigger a device reboot. An attacker...

7.8CVSS7.5AI score0.01482EPSS
Exploits2
Talos
Talos
added 2017/05/05 12:0 a.m.28 views

PowerIso Parsing Code Execution Vulnerability

Summary An stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO. A specially crafted ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific ISO file to trigger this vulnerability. Tested...

8.8CVSS8.4AI score0.01664EPSS
Exploits2
Talos
Talos
added 2017/02/24 12:0 a.m.28 views

Ichitaro Word Processor PersistDirectory Code Execution Vulnerability

Summary Ichitaro Office contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function’s result, the application will use this result in a pointer calculation for reading file data into. Due t...

7.8CVSS7.6AI score0.01153EPSS
Exploits1
Talos
Talos
added 2016/07/19 12:0 a.m.28 views

Oracle OIT IX SDK libvs_pdf Tj Operator Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0098 Oracle OIT IX SDK libvspdf Tj Operator Denial of Service Vulnerability July 19, 2016 CVE Number CVE-2016-3576 DESCRIPTION When parsing a specialy crafted PDF document, a NULL pointer dereference leading to a process termination. A pointer value from a...

9CVSS1.1AI score0.0393EPSS
Exploits1
Total number of security vulnerabilities2224