Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2019/05/13 12:0 a.m.150 views

Anker Roav A1 Dashcam WifiCmd 9999 Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. Tested Versions Anker Roav A1...

9.8CVSS8.8AI score0.02234EPSS
Exploits0
Talos
Talos
added 2019/05/13 12:0 a.m.149 views

Novatek NT9665X XML_GetScreen Strncmp denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the XMLGetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot...

7.8CVSS7.5AI score0.01469EPSS
Exploits1
Talos
Talos
added 2023/12/23 12:0 a.m.146 views

instipod DuoUniversalKeycloakAuthenticator challenge information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1907 instipod DuoUniversalKeycloakAuthenticator challenge information disclosure vulnerability December 23, 2023 CVE Number CVE-2023-49594 SUMMARY An information disclosure vulnerability exists in the challenge functionality of instipod...

6.5CVSS6AI score0.01243EPSS
Exploits1
Talos
Talos
added 2021/06/22 12:0 a.m.146 views

Moodle spellchecker plugin command execution vulnerability

Summary A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities. Tested Versions Moodle 3.10 Product...

9.1CVSS9.7AI score0.24173EPSS
Exploits7
Talos
Talos
added 2019/04/15 12:0 a.m.146 views

Shimo VPN helper tool configureRoutingWithCommand privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the configureRoutingWithCommand function. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine for a...

9.3CVSS8.1AI score0.0068EPSS
Exploits1
Talos
Talos
added 2017/10/31 12:0 a.m.146 views

Cesanta Mongoose HTTP Server CGI Remote Code Execcution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed pointer potentially resulting in remote code execution. An attacker needs to send this HTTP...

9.8CVSS9.9AI score0.0276EPSS
Exploits2
Talos
Talos
added 2017/04/21 12:0 a.m.146 views

Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability

Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...

10CVSS9.4AI score0.0233EPSS
Exploits1
Talos
Talos
added 2019/05/13 12:0 a.m.143 views

Novatek NT9665X XML_GetThumbNail denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the thumbnail display functionality of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9”. A specially crafted packet can cause a null pointer dereference, resulting in a device reboot. Tested...

7.8CVSS7.5AI score0.0164EPSS
Exploits1
Talos
Talos
added 2019/05/06 12:0 a.m.143 views

Jenkins GitLab Plugin Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the testConnection functionality of the Jenkins GitLab Plugin 1.5.11. A specially crafted HTTP request from a user with Overall/Read permissions - such as an anonymous user, if enabled - can cause affected versions of this plug...

8CVSS7.5AI score0.01355EPSS
Exploits0
Talos
Talos
added 2016/06/08 12:0 a.m.143 views

Google Chrome PDFium jpeg2000 SIZ Code Execution Vulnerability

SUMMARY An exploitable heap buffer overflow vulnerability exists in the Pdfium PDF reader included in the Google Chrome web browser. A specially crafted PDF document with embedded jpeg2000 image can cause a heap buffer overflow potentially resulting in an arbitrary code execution. An attacker can...

8.8CVSS8.6AI score0.01532EPSS
Exploits1
Talos
Talos
added 2022/10/10 12:0 a.m.142 views

VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability

Talos Vulnerability Report TALOS-2022-1587 VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability October 10, 2022 CVE Number CVE-2022-31680 SUMMARY An unsafe deserialization vulnerability exists in the Platform Services Controller functionality of VMware vCenter...

9.1CVSS9.6AI score0.33064EPSS
Exploits1
Talos
Talos
added 2021/08/16 12:0 a.m.142 views

GPAC Project on Advanced Content library MPEG-4 Decoding multiple multiplication integer overflow vulnerabilities

Summary Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow...

9AI score
Exploits0
Talos
Talos
added 2019/05/13 12:0 a.m.142 views

Novatek NT9665X HFS Recv buffer overflow code execution vulnerability

Summary An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code executio...

10CVSS9.3AI score0.02853EPSS
Exploits1
Talos
Talos
added 2016/12/03 12:0 a.m.142 views

ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability

Summary An exploitable out of bounds write exists in the handling of compressed TIFF images in ImageMagicks’s convert utility. A crafted TIFF document can lead to an out of bounds write which in particular circumstances could be leveraged into remote code execution.. The vulnerability can be...

7.8CVSS0.1AI score0.03653EPSS
Exploits2
Talos
Talos
added 2019/08/20 12:0 a.m.141 views

Aspose Aspose.Cells for C++ Number Code Execution Vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigge...

9.8CVSS8.9AI score0.0314EPSS
Exploits0
Talos
Talos
added 2019/05/13 12:0 a.m.141 views

Novatek NT9665X XML_UploadFile path overflow code execution vulnerability

Summary An exploitable code execution vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9”. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. Tested...

10CVSS9.4AI score0.02825EPSS
Exploits1
Talos
Talos
added 2022/01/26 12:0 a.m.140 views

Reolink RLC-410W cgiserver.cgi Login authentication bypass vulnerability

Summary An authentication bypass vulnerability exists in the cgiserver.cgi Login functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to authentication bypass. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Reolink...

6.5CVSS6.3AI score0.01229EPSS
Exploits1
Talos
Talos
added 2021/02/03 12:0 a.m.140 views

SoftMaker Office PlanMaker Document Record 0x800d memory corruption vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is...

8.8CVSS7.9AI score0.01032EPSS
Exploits1
Talos
Talos
added 2020/08/18 12:0 a.m.140 views

ERPNext frappe.desk.reportview.get SQL injection vulnerability

Talos Vulnerability Report TALOS-2020-1091 ERPNext frappe.desk.reportview.get SQL injection vulnerability August 18, 2020 CVE Number CVE-2020-6145 SUMMARY An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can...

8.8CVSS7.9AI score0.01803EPSS
Exploits1
Talos
Talos
added 2019/12/11 12:0 a.m.140 views

Linux kernel CAM table denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

7.4CVSS6.9AI score0.10114EPSS
Exploits1
Talos
Talos
added 2019/05/13 12:0 a.m.140 views

Novatek NT9665X XML_UploadFile WifiCmd denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the XMLUploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted packet can cause a semaphore deadlock, which prevents the device from receiving any...

7.8CVSS6.2AI score0.01735EPSS
Exploits1
Talos
Talos
added 2021/02/03 12:0 a.m.139 views

SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability

Summary An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap...

8.8CVSS7.9AI score0.72559EPSS
Exploits1
Talos
Talos
added 2019/10/30 12:0 a.m.138 views

YouPHPTube /objects/video.php getVideo videoName code execution vulnerability

Summary An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code...

10CVSS9.9AI score0.02265EPSS
Exploits1
Talos
Talos
added 2019/05/08 12:0 a.m.138 views

Alpine Linux Docker Image root User Hard-Coded Credential Vulnerability

Summary Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December t2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux...

10CVSS9.7AI score0.06263EPSS
Exploits2
Talos
Talos
added 2019/06/10 12:0 a.m.137 views

Schneider Electric Modicon M580 UnityPro reliance on untrusted inputs vulnerability

Summary An exploitable reliance on untrusted inputs vulnerability exists in the strategy transfer function of the Schneider Electric Unity Pro L Programming Software. When a specially crafted strategy is programmed to a Modicon M580 Programmable Automation Controller, and UnityProL is used to rea...

5.3CVSS5.6AI score0.01509EPSS
Exploits0
Talos
Talos
added 2019/05/13 12:0 a.m.137 views

Novatek NT9665X XML_GetRawEncJpg denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the XMLGetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9”. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot. Teste...

7.8CVSS7.5AI score0.0164EPSS
Exploits1
Talos
Talos
added 2019/03/19 12:0 a.m.137 views

CUJO Smart Firewall threatd hostname reputation check code execution vulnerability

Summary An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement...

10CVSS9.2AI score0.02669EPSS
Exploits1
Talos
Talos
added 2017/08/10 12:0 a.m.137 views

GNOME libsoup HTTP Chunked Encoding Remote Code Execution Vulnerability

Summary An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability...

9.8CVSS9.8AI score0.24337EPSS
Exploits4
Talos
Talos
added 2017/03/07 12:0 a.m.137 views

Pharos PopUp Printer Client DecodeBinary Code Execution Vulnerability

Summary An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always...

10CVSS9.8AI score0.07834EPSS
Exploits1
Talos
Talos
added 2017/07/19 12:0 a.m.136 views

Information Builders WebFOCUS Business Intelligence Portal Command Execution Vulnerability

Summary An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business Intelligence Portal 8.1 . A specially crafted web parameter can cause a command injection. An authenticated attacker can send a crafted web request to trigger this vulnerability. Tested Version...

9CVSS9.1AI score0.03842EPSS
Exploits0
Talos
Talos
added 2020/09/30 12:0 a.m.133 views

NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MUL code execution vulnerability

Summary An exploitable code execution vulnerability exists in the nvwg MUL functionality of NVIDIA D3D10 Driver Version 442.50 - 26.21.14.4250. A specially crafted shader can cause remote code execution. An attacker can use this vulnerability to guest-to-host escape through Hyper-V RemoteFX. Test...

7.8CVSS8AI score0.00359EPSS
Exploits0
Talos
Talos
added 2018/12/21 12:0 a.m.132 views

Telegram Android Secret Chats Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the “Secret Chats” functionality of the Telegram Android messaging application version 4.9.0. The “Secret Chats” functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request...

5.5CVSS4.8AI score0.00428EPSS
Exploits1
Talos
Talos
added 2021/02/09 12:0 a.m.131 views

Accusoft ImageGear TIFF index record out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.8 Product URLs...

9.8CVSS9AI score0.01855EPSS
Exploits1
Talos
Talos
added 2019/05/29 12:0 a.m.131 views

PaX read_kmem denial of service vulnerability

Summary An exploitable vulnerability exists in the grsecurity PaX patch for the function readkmem, in PaX from version pax-linux-4.9.8-test1 to 4.9.24-test7, grsecurity official from version grsecurity-3.1-4.9.8-201702060653 to grsecurity-3.1-4.9.24-201704252333, grsecurity unofficial from versio...

5.9CVSS5.7AI score0.00745EPSS
Exploits1
Talos
Talos
added 2018/05/07 12:0 a.m.130 views

Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities

Summary Multiple exploitable remote command injection vulnerabilities exist in the MySQL Master-Master Replication Manager MMM mmmagentd daemon 2.2.1. mmmagentd commonly runs with root privileges and does not require authentication by default. A specially crafted MMM protocol message can cause a...

10CVSS10AI score0.06164EPSS
Exploits4
Talos
Talos
added 2017/06/19 12:0 a.m.130 views

Foscam IP Video Camera CGIProxy.fcgi FTP Startup Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters resulting in command injection...

8.8CVSS8.2AI score0.04815EPSS
Exploits2
Talos
Talos
added 2022/08/01 12:0 a.m.129 views

TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1463 TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability August 1, 2022 CVE Number...

9.8CVSS9.5AI score0.01088EPSS
Exploits25
Talos
Talos
added 2020/02/11 12:0 a.m.129 views

Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability

Summary A use after free vulnerability exists in Windows 10, Version 10.0.19033.1, when a Win32k component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the kernel context and elevation of privileges. This...

7.8CVSS8.5AI score0.01055EPSS
Exploits0
Talos
Talos
added 2019/07/29 12:0 a.m.129 views

SDL_image XPM image colorhash parsing Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the XPM image rendering function of SDL2image 2.0.4. A specially crafted XPM image can cause an integer overflow in the colorhash function, allocating too small of a buffer. This buffer can then be written out of bounds, resulting in a...

8.8CVSS8.9AI score0.04043EPSS
Exploits1
Talos
Talos
added 2023/03/21 12:0 a.m.128 views

Netgear Orbi Router RBR750 access control command execution vulnerability

Talos Vulnerability Report TALOS-2022-1596 Netgear Orbi Router RBR750 access control command execution vulnerability March 21, 2023 CVE Number CVE-2022-37337 SUMMARY A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A...

9.1CVSS8.8AI score0.02828EPSS
Exploits1
Talos
Talos
added 2021/01/26 12:0 a.m.128 views

Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Micrium uC-HTTP 3.01.00 Product URLs...

8.6CVSS7.6AI score0.01881EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.128 views

WAGO PFC200 iocheckd service "I/O-Check" factory restore denial-of-service vulnerability

WAGO PFC200 iocheckd service “I/O-Check” factory restore denial-of-service vulnerability Summary An exploitable denial-of-service vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A single packet can cause a denial of service and weaken credentials resulting ...

9.1CVSS9.2AI score0.016EPSS
Exploits0
Talos
Talos
added 2019/04/23 12:0 a.m.128 views

Symantec Endpoint Protection Small Business Edition ccSetx86.sys 0x224844 kernel memory information disclosure vulnerability

Summary An exploitable kernel memory disclosure vulnerability exists in the 0x224844 IOCTL handler function of Symantec Endpoint Protection Small Business Edition ccSetx86.sys, version 16.0.0.77. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in...

6.5CVSS6AI score0.00386EPSS
Exploits0
Talos
Talos
added 2020/03/24 12:0 a.m.127 views

Intel Raid Web Console 3 DISCOVERY Denial of Service

Summary An exploitable denial of service vulnerability exists in the web API functionality of Intel Raid Web Console 3. A specially crafted request can cause the LSA.exe service to exit, resulting in a denial of service. A remote unauthenticated attacker can send a malicious POST request to trigg...

7.5CVSS7.6AI score0.01524EPSS
Exploits0
Talos
Talos
added 2020/09/23 12:0 a.m.126 views

Aveva eDNA Enterprise Data Historian Alias.asmx SQL injection Vulnerability

Talos Vulnerability Report TALOS-2020-1109 Aveva eDNA Enterprise Data Historian Alias.asmx SQL injection Vulnerability September 23, 2020 CVE Number CVE-2020-13507, CVE-2020-13508 Summary Multiple SQL injection vulnerabilities exist in the Alias.asmx Web Service functionality of eDNA Enterprise...

7.5AI score
Exploits0
Talos
Talos
added 2021/02/05 12:0 a.m.125 views

Accusoft ImageGear GIF LZW decoder heap overflow vulnerability

Summary A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...

9.8CVSS9.1AI score0.01917EPSS
Exploits1
Talos
Talos
added 2023/02/02 12:0 a.m.124 views

Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1618 Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability February 2, 2023 CVE Number CVE-2022-40224 SUMMARY A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial...

7.5CVSS6.3AI score0.64686EPSS
Exploits1
Talos
Talos
added 2020/11/12 12:0 a.m.124 views

Pixar OpenUSD SDF layer path remote code execution

Summary A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files. A specially crafted file can trigger the reuse of a freed memory which can result in further memory corruption and arbitrary code execution. To trigger this vulnerability, the...

8.8CVSS8.5AI score0.02682EPSS
Exploits1
Talos
Talos
added 2020/11/12 12:0 a.m.124 views

Pixar OpenUSD Binary File Format Decompressed Path Rebuilding Memory corruption

Summary An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability,...

8.8CVSS8AI score0.02023EPSS
Exploits1
Talos
Talos
added 2021/08/16 12:0 a.m.121 views

GPAC Project Advanced Content MPEG-4 Decoding multiple integer truncation vulnerabilities

Summary Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes...

8.9AI score
Exploits0
Total number of security vulnerabilities2224