Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2019/10/17 12:0 a.m.96 views

YouPHPTube /objects/pluginSwitch.json.php Multiple SQL Injection Vulnerabilities

Summary Exploitable SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.6AI score0.01064EPSS
Exploits3
Talos
Talos
added 2018/07/03 12:0 a.m.96 views

IBM AIX rmsock SetUID Binary Information Leak

Summary An exploitable kernel memory leak vulnerability is exposed by the rmsock setUID functionality of IBM AIX 6.1 and IBM AIX 7.1. A specially crafted command line can cause a kernel memory leak, resulting in uninitialized kernel memory being exposed. An attacker can execute rmuser with an...

5.5CVSS4.7AI score0.00425EPSS
Exploits0
Talos
Talos
added 2018/06/05 12:0 a.m.96 views

Ocularis Recorder VMS_VA Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. A specially crafted TCP packet can cause a process to terminate resulting in denial of service. An attacker can send a crafted TCP packet to trigger this vulnerability. Test...

7.5CVSS7.7AI score0.01938EPSS
Exploits1
Talos
Talos
added 2018/03/28 12:0 a.m.96 views

Allen Bradley Micrologix 1400 Series B Unauthenticated Data/Program/Function File Improper Access Control Vulnerability

Summary An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive...

10CVSS9.6AI score0.38208EPSS
Exploits12
Talos
Talos
added 2020/09/30 12:0 a.m.95 views

NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV code execution vulnerability

Summary An exploitable code execution vulnerability exists in the nvwg MOV functionality of the NVIDIA D3D10 driver, version 442.50 - 26.21.14.4250. A specially crafted shader can cause remote code execution. An attacker can use this vulnerability to guest-to-host escape through Hyper-V RemoteFX...

7.8CVSS8AI score0.00359EPSS
Exploits0
Talos
Talos
added 2020/05/18 12:0 a.m.95 views

Nitro Pro PDF Pattern Object Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file...

8.8CVSS8.5AI score0.42268EPSS
Exploits1
Talos
Talos
added 2020/03/09 12:0 a.m.95 views

WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Command Injection Vulnerabilities

Summary An exploitable command injection vulnerability exists in the iocheckd service “I/O-Check” function of the WAGO PFC 200. A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to...

7.8CVSS8.1AI score0.01358EPSS
Exploits4
Talos
Talos
added 2019/09/09 12:0 a.m.95 views

NETGEAR N300 WNR2000v5 unauthenticated HTTP denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 WNR2000v5 HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP servic...

7.5CVSS7.6AI score0.0313EPSS
Exploits1
Talos
Talos
added 2019/07/30 12:0 a.m.95 views

Yara Object Lookup Denial of Service Vulnerability

Summary An exploitable Denial of Service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this...

6.5CVSS5.5AI score0.01079EPSS
Exploits1
Talos
Talos
added 2019/04/25 12:0 a.m.95 views

Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the ACEManager templateload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can ma...

6.5CVSS7AI score0.04132EPSS
Exploits3
Talos
Talos
added 2019/03/19 12:0 a.m.95 views

CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the...

7.8CVSS6.2AI score0.01569EPSS
Exploits1
Talos
Talos
added 2018/05/15 12:0 a.m.95 views

Adobe Acrobat Reader DC ANFancyAlertImpl Remote Code Execution Vulnerability

Summary A specific Javascript script embedded in a PDF file can lead to a pointer to previously freed object to be reused when opening a PDF document in Adobe Acrobat Reader DC 2018.009.20044. With careful memory manipulation, this can potentially lead to sensitive memory disclosure or arbitrary...

10CVSS9.7AI score0.15976EPSS
Exploits1
Talos
Talos
added 2017/07/07 12:0 a.m.95 views

Poppler PDF library JPEG 2000 levels Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code...

8.8CVSS8.8AI score0.04415EPSS
Exploits2
Talos
Talos
added 2022/02/01 12:0 a.m.94 views

Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities

Summary A stack-based buffer overflow vulnerability exists in both the LLMNR and NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger either of the...

10CVSS9.6AI score0.02639EPSS
Exploits2
Talos
Talos
added 2020/08/31 12:0 a.m.94 views

OS4Ed openSIS login SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Product URLs...

9.8CVSS9.9AI score0.03938EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.94 views

Accusoft ImageGear JPEG jpegread precision code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2018/05/31 12:0 a.m.94 views

Natus Xltek EEG NeuroWorks Invalid KeyTree Entry Denial-of-Service Vulnerability

Summary An exploitable denial-of-service vulnerability exists in the lookup entry functionality of KeyTrees in Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this...

7.5CVSS7.5AI score0.01388EPSS
Exploits0
Talos
Talos
added 2017/02/03 12:0 a.m.94 views

Nitro Pro 10 PDF Handling Code Execution Vulnerability

Summary A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10. A specially crafted PDF file can cause a vulnerability resulting in potential code execution. An attacker can send the victim a specific PDF file to trigger this vulnerability. Tested...

8.8CVSS8AI score0.01958EPSS
Exploits1
Talos
Talos
added 2021/08/10 12:0 a.m.93 views

Microsoft Azure Sphere Security Monitor SECTION_ABIDepends denial of service vulnerability

Talos Vulnerability Report TALOS-2021-1311 Microsoft Azure Sphere Security Monitor SECTIONABIDepends denial of service vulnerability August 10, 2021 CVE Number None SUMMARY A denial of service vulnerability exists in the Security Monitor SECTIONABIDepends functionality of Microsoft Azure Sphere...

7.2AI score
Exploits0
Talos
Talos
added 2020/05/06 12:0 a.m.93 views

3S-Smart Software Solutions GmbH CODESYS Runtime PLC_Task Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the PLCTask functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability. Tested...

9.9CVSS9.3AI score0.01757EPSS
Exploits1
Talos
Talos
added 2019/12/11 12:0 a.m.93 views

Apple Safari SVG Marker Element baseVal Remote Code Execution Vulnerability

Summary A freed memory access vulnerability exists in the SVG Marker Element feature of Apple Safari’s WebKit version 13.0.2. A specially crafted HTML web page can cause a use after free, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a...

9.3CVSS8.8AI score0.02238EPSS
Exploits0
Talos
Talos
added 2019/11/12 12:0 a.m.93 views

Microsoft Office Excel WorksheetOptions Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the mso.dll of Microsoft Office. A specially crafted XLS file can cause a use after free, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. Tested Versions...

9.3CVSS8.4AI score0.28178EPSS
Exploits0
Talos
Talos
added 2019/03/19 12:0 a.m.93 views

CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability

Summary An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall. When parsing mDNS packets, a memory space is freed twice if an invalid query name is encountered, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated...

9.8CVSS9.2AI score0.01857EPSS
Exploits1
Talos
Talos
added 2020/09/23 12:0 a.m.92 views

Microsoft Azure Sphere Littlefs Quota denial of service vulnerability

Talos Vulnerability Report TALOS-2020-1129 Microsoft Azure Sphere Littlefs Quota denial of service vulnerability September 23, 2020 CVE Number CVE-2020-16986 SUMMARY A denial of service vulnerability exists in the Littlefs Quota functionality of Microsoft Azure Sphere 20.06. A specially crafted s...

6.2CVSS6.7AI score0.01249EPSS
Exploits1
Talos
Talos
added 2019/11/04 12:0 a.m.92 views

Investintech Able2Extract professional JPEG decoding code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an attacker to execute arbitrary code on the victim machine. An attacker could exploit a vulnerability by...

8.8CVSS8.2AI score0.01955EPSS
Exploits1
Talos
Talos
added 2020/08/31 12:0 a.m.91 views

OS4Ed openSIS id parameter multiple SQL injection vulnerabilities

Summary Multiple exploitable SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. Tested Versions OS4Ed openSIS 7.3...

8.8CVSS8.1AI score0.01403EPSS
Exploits3
Talos
Talos
added 2019/09/03 12:0 a.m.91 views

Epignosis eFront LMS PHP deserialization code execution vulnerability

Summary A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability. Tested Versions Epignosis...

8.8CVSS9AI score0.0228EPSS
Exploits1
Talos
Talos
added 2018/03/28 12:0 a.m.91 views

Nvidia D3D10 Driver Pixel Shader Heap Memory Corruption Vulnerability

Summary An exploitable heap memory corruption vulnerability exists in the NVIDIA D3D10 Driver 22.21.13.8607. A specially crafted pixel shader can cause heap memory corruption, resulting in at least denial of service, and potential code execution. An attacker can provide a specially crafted shader...

7.8CVSS8.5AI score0.00396EPSS
Exploits0
Talos
Talos
added 2017/10/31 12:0 a.m.91 views

Cesanta Mongoose MQTT SUBSCRIBE Multiple Topics Remote Code Execution

Summary An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT...

9.8CVSS9.8AI score0.31045EPSS
Exploits2
Talos
Talos
added 2016/01/07 12:0 a.m.91 views

RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0066 RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability January 7, 2016 CVE Number CVE-2015-8270 Description The vulnerability occurs within the AMF3ReadString function within amf.c. If an attacker sets up a malicious RTMP Media server that...

7.5CVSS8.4AI score0.03155EPSS
Exploits1
Talos
Talos
added 2021/07/07 12:0 a.m.90 views

IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability

Summary An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerabilit...

6.5CVSS5.2AI score0.00336EPSS
Exploits1
Talos
Talos
added 2019/09/16 12:0 a.m.90 views

Atlassian Jira issueTable username information disclosure vulnerability

Summary An username information disclosure vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. Anonymous users can differentiate between valid usernames and invalid usernames via /rest/issueNav/1/issueTable API endpoint. Tested Versions Atlassian Jira 7.6.4 Atlassian Jira 8.1.0...

5.3CVSS5.3AI score0.1755EPSS
Exploits1
Talos
Talos
added 2018/07/10 12:0 a.m.90 views

Adobe Acrobat Reader DC Collab.drivers Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to an object type confusion when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim wou...

10CVSS9.7AI score0.08818EPSS
Exploits0
Talos
Talos
added 2023/01/26 12:0 a.m.89 views

Siretta QUARTZ-GOLD DetranCLI command parsing stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2022-1613 Siretta QUARTZ-GOLD DetranCLI command parsing stack-based buffer overflow vulnerabilities January 26, 2023 CVE Number...

9.8CVSS9.4AI score0.02692EPSS
Exploits31
Talos
Talos
added 2021/10/18 12:0 a.m.89 views

ZTE MF971R goform_get_cmd_process Config Control External config control vulnerability

Summary An exploitable Pre-Auth Configuration File Control vulnerability exists in ZTE MF971R LTE router version wainnerversion:BDPLKPLMF971R1V1.0.0B06. A specially-crafted HTTP request can cause a configuration file entry overwrite. An attacker needs to provide a URL to the victim to trigger the...

7.5CVSS7.9AI score0.00798EPSS
Exploits0
Talos
Talos
added 2021/07/27 12:0 a.m.89 views

Foxit Reader FileAttachment annotation use-after-free vulnerability redux

Summary A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.4.37651. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into openi...

8.8CVSS8.8AI score0.01765EPSS
Exploits1
Talos
Talos
added 2020/12/08 12:0 a.m.89 views

Microsoft Office ElementType code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in Excel as part of Microsoft Office 365 ProPlus x86, version 2002, build 12527.20988. A specially crafted XLS file can cause a use-after-free condition, resulting in remote code execution. An attacker needs to provide a malformed file to...

9.3CVSS7.9AI score0.03568EPSS
Exploits0
Talos
Talos
added 2019/10/17 12:0 a.m.89 views

YouPHPTube /objects/videoAddNew.json.php SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.5AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/10/17 12:0 a.m.89 views

YouPHPTube /objects/subscribeNotify.json.php user_id SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.4AI score0.00966EPSS
Exploits0
Talos
Talos
added 2019/09/16 12:0 a.m.89 views

Atlassian Jira CSRF Login Vulnerability

Summary An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker can log a user into the system under an unexpected account. Tested Versions Atlassian Jira 7.6.4 Atlassian Jira 8.1.0 Product URL...

4.3CVSS7.2AI score0.00301EPSS
Exploits0
Talos
Talos
added 2019/08/05 12:0 a.m.89 views

NVIDIA NVWGF2UMX_CFG.DLL shader functionality code execution vulnerability

Summary An exploitable untrusted pointer dereference vulnerability exists in NVIDIA NVWGF2UMXCFG driver, versions 24.21.14.1216 and 412.16. A specially crafted pixel shader can cause an untrusted pointer dereference, potentially resulting in code execution. An attacker can provide a specially...

10CVSS8.2AI score0.05415EPSS
Exploits1
Talos
Talos
added 2019/08/05 12:0 a.m.89 views

NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in NVIDIA NVWGF2UMXCFG driver, versions 25.21.14.2531 and 425.31. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This...

10CVSS8AI score0.05044EPSS
Exploits1
Talos
Talos
added 2016/02/08 12:0 a.m.89 views

Trane ComfortLink II SCC Service Hardcoded Credentials Vulnerability

Talos Vulnerability Report TALOS-2016-0028 Trane ComfortLink II SCC Service Hardcoded Credentials Vulnerability February 8, 2016 CVE Number CVE-2015-2867 Description A design flaw in the Trane ComfortLink II SCC service allows remote attackers to take complete control of the system. During system...

10CVSS9.3AI score0.04867EPSS
Exploits1
Talos
Talos
added 2020/09/30 12:0 a.m.88 views

Apple Safari/Webkit aboutBlankURL() code execution vulnerability

Talos Vulnerability Report TALOS-2020-1124 Apple Safari/Webkit aboutBlankURL code execution vulnerability September 30, 2020 CVE Number CVE-2020-9951 SUMMARY An exploitable use-after-free vulnerability exists in MacOSX Safari Version 13.0.2 15609.2.9.1.2, 610+ Webkit GIT...

8.8CVSS8.7AI score0.02236EPSS
Exploits0
Talos
Talos
added 2019/12/16 12:0 a.m.88 views

WAGO PFC200 iocheckd service "I/O-Check" get_coupler_details remote code execution vulnerability

Summary An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of the WAGO PFC 200. A specially crafted set of packets sent to the iocheckd service “I/O-Check” can cause a stack buffer overflow in the sub-process getcouplerdetails, resulting in cod...

10CVSS10AI score0.03866EPSS
Exploits1
Talos
Talos
added 2019/10/08 12:0 a.m.88 views

Schneider Electric Modicon M580 FTP cleartext authentication vulnerability

Summary An exploitable information disclosure vulnerability exists in the FTP functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Schneider Electric...

6.5CVSS6.5AI score0.00981EPSS
Exploits0
Talos
Talos
added 2019/07/02 12:0 a.m.88 views

Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW code execution vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists when loading a PCX file in SDL2image, version 2.0.4. A missing error handler can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability...

8.8CVSS8.8AI score0.04043EPSS
Exploits1
Talos
Talos
added 2019/03/19 12:0 a.m.88 views

CUJO Smart Firewall static DHCP hostname command injection vulnerability

Summary An exploitable command injection vulnerability exists in the DHCP daemon configuration of the CUJO Smart Firewall. When adding a new static DHCP address, its corresponding hostname is inserted into the dhcpd.conf file without prior sanitization, allowing for arbitrary execution of system...

9CVSS7.8AI score0.02612EPSS
Exploits1
Talos
Talos
added 2019/02/28 12:0 a.m.88 views

Antenna House Rainbow PDF Office server document converter getSummaryInformation NumProperties code execution vulnerability

Summary A heap overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 7,0,2018,1113. While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation...

9.8CVSS9.7AI score0.02301EPSS
Exploits1
Talos
Talos
added 2018/07/10 12:0 a.m.88 views

Adobe Acrobat Reader DC JSON Stringify Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to a use-after-free condition when opening a PDF document in Adobe Acrobat Reader DC 2018.011.20038. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim...

10CVSS9.4AI score0.10486EPSS
Exploits0
Total number of security vulnerabilities2224