2204 matches found
Foxit Reader Field Calculate event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1756 Foxit Reader Field Calculate event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-27379 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...
Foxit Reader checkThisBox type confusion vulnerability
Talos Vulnerability Report TALOS-2023-1795 Foxit Reader checkThisBox type confusion vulnerability July 19, 2023 CVE Number CVE-2023-32664 SUMMARY A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript...
Foxit Reader Field OnBlur event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-33866 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...
Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability
Talos Vulnerability Report TALOS-2023-1747 Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability July 17, 2023 CVE Number CVE-2023-36887 SUMMARY A memory corruption vulnerability exists in the Javascript implementation of the Acrobat-based PDF engine in Microsoft Edge 112.0.1722....
Apple DCERPC allocation hint uninitialized memory disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1675 Apple DCERPC allocation hint uninitialized memory disclosure vulnerability July 13, 2023 CVE Number None SUMMARY An information disclosure vulnerability exists in the call fault reporting functionality of DCERPC library as used in Apple macOS 12.6.1 that...
VMware vCenter Server DCERPC presentation result list out of bounds memory access
Talos Vulnerability Report TALOS-2023-1800 VMware vCenter Server DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-20896 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in...
Apple DCERPC array marshaling uninitialized memory disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1688 Apple DCERPC array marshaling uninitialized memory disclosure vulnerability July 13, 2023 CVE Number CVE-2023-27953 SUMMARY There exists a vulnerability in the array marshaling code of DCERPC library as used in Apple macOS 12.6.1 that can lead to use of...
Apple DCERPC association groups heap overflow
Talos Vulnerability Report TALOS-2022-1676 Apple DCERPC association groups heap overflow July 13, 2023 CVE Number CVE-2023-27935 SUMMARY A heap overflow vulnerability exists in the way DCERPC library as used in Apple macOS 12.6.1 keeps track of association groups related to BIND requests. A...
Apple DCERPC packet stats buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1660 Apple DCERPC packet stats buffer overflow vulnerability July 13, 2023 CVE Number CVE-2023-23513 SUMMARY A buffer overflow vulnerability exists in the stats logging functionality of DCERPC library as used in Apple macOS 12.6.1. A specially-crafted network...
Apple DCERPC presentation result list out of bounds memory access
Talos Vulnerability Report TALOS-2022-1659 Apple DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-23539 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in DCERPC library as...
VMware DCERPC call request uninitialized memory heap overflow vulnerability
Talos Vulnerability Report TALOS-2023-1801 VMware DCERPC call request uninitialized memory heap overflow vulnerability July 13, 2023 CVE Number CVE-2023-20892 SUMMARY A heap overflow vulnerability exists in the request processing functionality of DCERPC library as used in VMware vCenter Server...
Apple DCERPC call request uninitialized memory heap overflow vulnerability
Talos Vulnerability Report TALOS-2022-1677 Apple DCERPC call request uninitialized memory heap overflow vulnerability July 13, 2023 CVE Number CVE-2023-27934 SUMMARY A heap overflow vulnerability exists in the request processing functionality of DCERPC library as used in Apple macOS 12.6.1 that c...
VMware vCenter Server DCERPC association groups use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1799 VMware vCenter Server DCERPC association groups use-after-free vulnerability July 13, 2023 CVE Number CVE-2023-20893 SUMMARY A use-after-free vulnerability exists in the library supporting DCERPC functionality in VMware vCenter Server 7.0.3.01000. A seri...
Apple DCERPC zero length BIND packet infinite loop
Talos Vulnerability Report TALOS-2022-1679 Apple DCERPC zero length BIND packet infinite loop July 13, 2023 CVE Number None SUMMARY An infinite loop vulnerability exists in the way DCERPC library as used in Apple macOS 12.6.1 deals with fragment sizes. A specially-crafted network packet can cause...
Apple DCERPC association groups use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1717 Apple DCERPC association groups use-after-free vulnerability July 13, 2023 CVE Number CVE-2023-32387 SUMMARY A use-after-free vulnerability exists in the library supporting DCERPC functionality in Apple macOS 13.1. A series of specially crafted network...
VMware vCenter DCERPC Improper calculation of authentication trailer pointer
Talos Vulnerability Report TALOS-2022-1658 VMware vCenter DCERPC Improper calculation of authentication trailer pointer July 13, 2023 CVE Number CVE-2023-20894 SUMMARY A memory corruption vulnerability exists in the DCERPC functionality of VMware vCenter Server 7.0.3.01000. A specially crafted...
Apple DCERPC alter context response use-after-free vulnerability
Talos Vulnerability Report TALOS-2022-1678 Apple DCERPC alter context response use-after-free vulnerability July 13, 2023 CVE Number CVE-2023-28180 SUMMARY A use-after-free vulnerability exists in the state machine of DCERPC library as used in Apple macOS 12.6.1 that can lead to a use-after-free...
Apple DCERPC fixed array use after free vulnerability
Talos Vulnerability Report TALOS-2022-1689 Apple DCERPC fixed array use after free vulnerability July 13, 2023 CVE Number CVE-2023-27958 SUMMARY There exists a vulnerability in the fixed size array marshaling code of DCERPC library as used in Apple macOS 12.6.1 that can result in arbitrary code...
VMware vCenter Server DCERPC save_sec_fragment out-of-bounds pointer vulnerability
Talos Vulnerability Report TALOS-2023-1740 VMware vCenter Server DCERPC save_sec_fragment out-of-bounds pointer vulnerability July 13, 2023 CVE Number CVE-2023-20895 SUMMARY A memory corruption vulnerability with a potential for authentication bypass exists in the DCERPC service as used by VMware...
Milesight UR32L zebra vlan_name OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1723 Milesight UR32L zebra vlan_name OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-25582,CVE-2023-25583 SUMMARY Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1715 Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-24018 SUMMARY A stack-based buffer overflow vulnerability exists in the libzebra.so.0.0.0 security_decrypt_password functionality of Milesigh...
Milesight UR32L urvpn_client http_connection_readcb stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1718 Milesight UR32L urvpn_client http_connection_readcb stack-based buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-24019 SUMMARY A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesigh...
Milesight UR32L libzebra.so bridge_group OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1698 Milesight UR32L libzebra.so bridge_group OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22306 SUMMARY An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight UR32L uhttpd login buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1697 Milesight UR32L uhttpd login buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-23902 SUMMARY A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead ...
Milesight UR32L luci2-io file-export mib directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1695 Milesight UR32L luci2-io file-export mib directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23547 SUMMARY A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability
Talos Vulnerability Report TALOS-2023-1700 Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability July 6, 2023 CVE Number CVE-2023-22844 SUMMARY An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN...
Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1710 Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24583,CVE-2023-24582 SUMMARY Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality of Milesight UR32L...
Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1706 Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24519,CVE-2023-24520 SUMMARY Two OS command injection vulnerabilities exist in the vtysh_ubus toolsh_excute.constprop.1 functionality of...
Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities
Talos Vulnerability Report TALOS-2023-1704 Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities July 6, 2023 CVE Number CVE-2023-24497,CVE-2023-24496 SUMMARY Cross-site scripting (XSS) vulnerabilities exist in the requestHandlers.js detail_device...
Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1714 Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22653 SUMMARY An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. A speciall...
Milesight UR32L urvpn_client Certificate Validation vulnerability
Talos Vulnerability Report TALOS-2023-1705 Milesight UR32L urvpn_client Certificate Validation vulnerability July 6, 2023 CVE Number CVE-2023-23546 SUMMARY A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle...
Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1703 Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22371 SUMMARY An OS command injection vulnerability exists in the liburvpn.so create_private_key functionality of Milesight VPN v2.0.2. ...
Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1694 Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-23550 SUMMARY An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight UR32L ys_thirdparty system_user_script OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1713 Milesight UR32L ys_thirdparty system_user_script OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-24595 SUMMARY An OS command injection vulnerability exists in the ys_thirdparty system_user_script functionality of Milesight UR32L v32.3.0.5. ...
Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1712 Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22299 SUMMARY An OS command injection vulnerability exists in the vtysh_ubus _get_fw_logs functionality of Milesight UR32L v32.3.0.5. A specially crafted...
Milesight UR32L ys_thirdparty check_system_user OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1711 Milesight UR32L ys_thirdparty check_system_user OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22365 SUMMARY An OS command injection vulnerability exists in the ys_thirdparty check_system_user functionality of Milesight UR32L v32.3.0.5. A...
Milesight UR32L vtysh_ubus sprintf pattern buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1716 Milesight UR32L vtysh_ubus sprintf pattern buffer overflow vulnerabilities July 6, 2023 CVE Number...
Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability
Talos Vulnerability Report TALOS-2023-1701 Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability July 6, 2023 CVE Number CVE-2023-22319 SUMMARY A SQL injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A...
Milesight MilesightVPN server.js start directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1702 Milesight MilesightVPN server.js start directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23907 SUMMARY A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network...
Milesight UR32L eventcore access violation vulnerability
Talos Vulnerability Report TALOS-2023-1696 Milesight UR32L eventcore access violation vulnerability July 6, 2023 CVE Number CVE-2023-23571 SUMMARY An access violation vulnerability exists in the eventcore functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to...
Milesight UR32L libzebra.so change_hostname OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1699 Milesight UR32L libzebra.so change_hostname OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22659 SUMMARY An OS command injection vulnerability exists in the libzebra.so change_hostname functionality of Milesight UR32L v32.3.0.5. A...
Diagon Sequence::DrawText heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1744 Diagon Sequence::DrawText heap-based buffer overflow vulnerability July 5, 2023 CVE Number CVE-2023-27390 SUMMARY A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown...
Diagon GraphPlanar::Write improper array index validation vulnerability
Talos Vulnerability Report TALOS-2023-1745 Diagon GraphPlanar::Write improper array index validation vulnerability July 5, 2023 CVE Number CVE-2023-31194 SUMMARY An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted...
Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1724 Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability June 26, 2023 CVE Number CVE-2023-1531 SUMMARY A use-after-free vulnerability exists in the WebGL rx::Image11::disassociateStorage functionality of Google Chrome Stable...
Microsoft Office Excel WebCharts out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1734 Microsoft Office Excel WebCharts out-of-bounds write vulnerability June 13, 2023 CVE Number CVE-2023-33133 SUMMARY An access violation vulnerability exists in the WebCharts functionality of Microsoft Office Excel 2019 Plus version 2302 build 16130.20332....
Microsoft Office Excel FreePhisxdb arbitrary free vulnerability
Talos Vulnerability Report TALOS-2023-1730 Microsoft Office Excel FreePhisxdb arbitrary free vulnerability June 13, 2023 CVE Number CVE-2023-32029 SUMMARY An arbitrary free vulnerability exists in the FreePhisxdb functionality of Microsoft Office Excel 2019 Plus 16.0.16130.20218. A...
Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1727 Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability May 26, 2023 CVE Number CVE-2023-1424 SUMMARY A memory corruption vulnerability exists in the MELSOFT Direct functionality of Mitsubishi Electric Corporation...
Weston Embedded uC-FTPs Authentication authentication bypass vulnerability
Talos Vulnerability Report TALOS-2022-1680 Weston Embedded uC-FTPs Authentication authentication bypass vulnerability May 10, 2023 CVE Number CVE-2022-41985 SUMMARY An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially...
Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability May 10, 2023 CVE Number CVE-2022-46377,CVE-2022-46378 SUMMARY An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of...
Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability
Talos Vulnerability Report TALOS-2023-1693 Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability May 4, 2023 CVE Number CVE-2023-0698 SUMMARY An out-of-bounds memory access vulnerability exists in stats reporting functionality of the WebRTC implementation in Google Chro...