2218 matches found
NVIDIA D3D10 Driver Shader Functionality dcl_input index memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1720 NVIDIA D3D10 Driver Shader Functionality dclinput index memory corruption vulnerability August 10, 2023 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader Functionality of NVIDIA D3D10 Driver NVIDIA D3D10 Driver,...
NVIDIA D3D10 Driver Shader Functionality undeclared dcl_output memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1719 NVIDIA D3D10 Driver Shader Functionality undeclared dcloutput memory corruption vulnerability August 10, 2023 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader functionality of NVIDIA D3D10 Driver NVIDIA D3D10 Drive...
NVIDIA D3D10 Driver Shader Functionality dcl_resource_structured index memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1721 NVIDIA D3D10 Driver Shader Functionality dclresourcestructured index memory corruption vulnerability August 10, 2023 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader Functionality of NVIDIA D3D10 Driver NVIDIA D3D1...
Open Babel ORCA format nAtoms out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2022-1665 Open Babel ORCA format nAtoms out-of-bounds write vulnerabilities July 21, 2023 CVE Number CVE-2022-46289,CVE-2022-46290 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the ORCA format nAtoms functionality of Open Babel 3.1.1 and master...
Open Babel MOL2 format attribute and value out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1664 Open Babel MOL2 format attribute and value out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-43607 SUMMARY An out-of-bounds write vulnerability exists in the MOL2 format attribute and value functionality of Open Babel 3.1.1 and master...
Open Babel PQS format coord_file out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1671 Open Babel PQS format coordfile out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-43467 SUMMARY An out-of-bounds write vulnerability exists in the PQS format coordfile functionality of Open Babel 3.1.1 and master commit 530dbfa3. A...
Open Babel Gaussian format orientation out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1672 Open Babel Gaussian format orientation out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-37331 SUMMARY An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit...
Open Babel CSR format title out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1667 Open Babel CSR format title out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-41793 SUMMARY An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially...
Open Babel GRO format res uninitialized pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1668 Open Babel GRO format res uninitialized pointer dereference vulnerability July 21, 2023 CVE Number CVE-2022-42885 SUMMARY A use of uninitialized pointer vulnerability exists in the GRO format res functionality of Open Babel 3.1.1 and master commit...
Open Babel translationVectors parsing out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2022-1666 Open Babel translationVectors parsing out-of-bounds write vulnerabilities July 21, 2023 CVE Number CVE-2022-46292,CVE-2022-46295,CVE-2022-46294,CVE-2022-46293,CVE-2022-46291 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the...
Open Babel MSI format atom uninitialized pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1669 Open Babel MSI format atom uninitialized pointer dereference vulnerability July 21, 2023 CVE Number CVE-2022-44451 SUMMARY A use of uninitialized pointer vulnerability exists in the MSI format atom functionality of Open Babel 3.1.1 and master commit...
Open Babel PQS format pFormat uninitialized pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1670 Open Babel PQS format pFormat uninitialized pointer dereference vulnerability July 21, 2023 CVE Number CVE-2022-46280 SUMMARY A use of uninitialized pointer vulnerability exists in the PQS format pFormat functionality of Open Babel 3.1.1 and master commi...
Foxit Reader checkThisBox type confusion vulnerability
Talos Vulnerability Report TALOS-2023-1795 Foxit Reader checkThisBox type confusion vulnerability July 19, 2023 CVE Number CVE-2023-32664 SUMMARY A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. Specially crafted Javascript...
Foxit Reader Javascript annotation destruction use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1796 Foxit Reader Javascript annotation destruction use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-33876 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. Specially crafted...
Foxit Reader Choice Field use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1739 Foxit Reader Choice Field use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-28744 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.1.15289. A specially crafted PDF document c...
Foxit Reader Field Calculate event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1756 Foxit Reader Field Calculate event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-27379 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...
Foxit Reader Field OnBlur event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-33866 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...
Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability
Talos Vulnerability Report TALOS-2023-1747 Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability July 17, 2023 CVE Number CVE-2023-36887 SUMMARY A memory corruption vulnerability exists in the Javascript implementation of the Acrobat-based PDF engine in Microsoft Edge 112.0.1722....
Apple DCERPC association groups use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1717 Apple DCERPC association groups use-after-free vulnerability July 13, 2023 CVE Number CVE-2023-32387 SUMMARY A use-after-free vulnerability exists in the library supporting DCERPC functionality in Apple macOS 13.1. A series of specially crafted network...
VMware DCERPC call request uninitialized memory heap overflow vulnerability
Talos Vulnerability Report TALOS-2023-1801 VMware DCERPC call request uninitialized memory heap overflow vulnerability July 13, 2023 CVE Number CVE-2023-20892 SUMMARY A heap overflow vulnerability exists in the request processing functionality of DCERPC library as used in VMware vCenter Server...
Apple DCERPC fixed array use after free vulnerability
Talos Vulnerability Report TALOS-2022-1689 Apple DCERPC fixed array use after free vulnerability July 13, 2023 CVE Number CVE-2023-27958 SUMMARY There exists a vulnerability in the fixed size array marshaling code of DCERPC library as used in Apple macOS 12.6.1 that can result in arbitrary code...
VMWare vCenter Server DCERPC association groups use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1799 VMWare vCenter Server DCERPC association groups use-after-free vulnerability July 13, 2023 CVE Number CVE-2023-20893 SUMMARY A use-after-free vulnerability exists in the library supporting DCERPC functionality in VMWare vCenter Server 7.0.3.01000. A seri...
Apple DCERPC zero length BIND packet infinite loop
Talos Vulnerability Report TALOS-2022-1679 Apple DCERPC zero length BIND packet infinite loop July 13, 2023 CVE Number None SUMMARY An infinite loop vulnerability exists in the way DCERPC library as used in Apple macOS 12.6.1 deals with fragment sizes. A specially-crafted network packet can cause...
Apple DCERPC allocation hint uninitialized memory disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1675 Apple DCERPC allocation hint uninitialized memory disclosure vulnerability July 13, 2023 CVE Number None SUMMARY An information disclosure vulnerability exists in the call fault reporting functionality of DCERPC library as used in Apple macOS 12.6.1 that...
Apple DCERPC alter context response use-after-free vulnerability
Talos Vulnerability Report TALOS-2022-1678 Apple DCERPC alter context response use-after-free vulnerability July 13, 2023 CVE Number CVE-2023-28180 SUMMARY A use-after-free vulnerability exists in the state machine of DCERPC library as used in Apple macOS 12.6.1 that can lead to a use-after-free...
Apple DCERPC presentation result list out of bounds memory access
Talos Vulnerability Report TALOS-2022-1659 Apple DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-23539 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in DCERPC library as...
Apple DCERPC call request uninitialized memory heap overflow vulnerability
Talos Vulnerability Report TALOS-2022-1677 Apple DCERPC call request uninitialized memory heap overflow vulnerability July 13, 2023 CVE Number CVE-2023-27934 SUMMARY A heap overflow vulnerability exists in the request processing functionality of DCERPC library as used in Apple macOS 12.6.1 that c...
VMWare vCenter Server DCERPC presentation result list out of bounds memory access
Talos Vulnerability Report TALOS-2023-1800 VMWare vCenter Server DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-20896 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in...
Apple DCERPC association groups heap overflow
Talos Vulnerability Report TALOS-2022-1676 Apple DCERPC association groups heap overflow July 13, 2023 CVE Number CVE-2023-27935 SUMMARY A heap overflow vulnerability exists in the way DCERPC library as used in Apple macOS 12.6.1 keeps track of association groups related to BIND requests. A...
VMware vCenter Server DCERPC save_sec_fragment out-of-bounds pointer vulnerability
Talos Vulnerability Report TALOS-2023-1740 VMware vCenter Server DCERPC savesecfragment out-of-bounds pointer vulnerability July 13, 2023 CVE Number CVE-2023-20895 SUMMARY A memory corruption vulnerability with a potential for authentication bypass exists in the DCERPC service as used by VMware...
VMware vCenter DCERPC Improper calculation of authentication trailer pointer
Talos Vulnerability Report TALOS-2022-1658 VMware vCenter DCERPC Improper calculation of authentication trailer pointer July 13, 2023 CVE Number CVE-2023-20894 SUMMARY A memory corruption vulnerability exists in the DCERPC functionality of VMware vCenter Server 7.0.3.01000. A specially crafted...
Apple DCERPC packet stats buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1660 Apple DCERPC packet stats buffer overflow vulnerability July 13, 2023 CVE Number CVE-2023-23513 SUMMARY A buffer overflow vulnerability exists in the stats logging functionality of DCERPC library as used in Apple macOS 12.6.1 A specially-crafted network...
Apple DCERPC array marshaling uninitialized memory disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1688 Apple DCERPC array marshaling uninitialized memory disclosure vulnerability July 13, 2023 CVE Number CVE-2023-27953 SUMMARY There exists a vulnerability in the array marshaling code of DCERPC library as used in Apple macOS 12.6.1 that can lead to use of...
Milesight UR32L urvpn_client Certificate Validation vulnerability
Talos Vulnerability Report TALOS-2023-1705 Milesight UR32L urvpnclient Certificate Validation vulnerability July 6, 2023 CVE Number CVE-2023-23546 SUMMARY A misconfiguration vulnerability exists in the urvpnclient functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle...
Milesight MilesightVPN server.js start directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1702 Milesight MilesightVPN server.js start directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23907 SUMMARY A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network...
Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1703 Milesight MilesightVPN liburvpn.so createprivatekey OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22371 SUMMARY An os command injection vulnerability exists in the liburvpn.so createprivatekey functionality of Milesight VPN v2.0.2. ...
Milesight UR32L uhttpd login buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1697 Milesight UR32L uhttpd login buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-23902 SUMMARY A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead ...
Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1712 Milesight UR32L vtyshubus getfwlogs OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22299 SUMMARY An OS command injection vulnerability exists in the vtyshubus getfwlogs functionality of Milesight UR32L v32.3.0.5. A specially crafted...
Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1706 Milesight UR32L vtyshubus toolshexcute.constprop.1 OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24519,CVE-2023-24520 SUMMARY Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of...
Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities
Talos Vulnerability Report TALOS-2023-1704 Milesight MilesightVPN requestHandlers.js detaildevice cross-site scripting XSS vulnerabilities July 6, 2023 CVE Number CVE-2023-24497,CVE-2023-24496 SUMMARY Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice...
Milesight UR32L ys_thirdparty check_system_user OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1711 Milesight UR32L ysthirdparty checksystemuser OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22365 SUMMARY An OS command injection vulnerability exists in the ysthirdparty checksystemuser functionality of Milesight UR32L v32.3.0.5. A...
Milesight UR32L vtysh_ubus sprintf pattern buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1716 Milesight UR32L vtyshubus sprintf pattern buffer overflow vulnerabilities July 6, 2023 CVE Number...
Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability
Talos Vulnerability Report TALOS-2023-1700 Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability July 6, 2023 CVE Number CVE-2023-22844 SUMMARY An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN...
Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1714 Milesight UR32L vtyshubus tcpdumpstartcb OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22653 SUMMARY An OS command injection vulnerability exists in the vtyshubus tcpdumpstartcb functionality of Milesight UR32L v32.3.0.5. A speciall...
Milesight UR32L zebra vlan_name OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1723 Milesight UR32L zebra vlanname OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-25582,CVE-2023-25583 SUMMARY Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability
Talos Vulnerability Report TALOS-2023-1701 Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability July 6, 2023 CVE Number CVE-2023-22319 SUMMARY A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A...
Milesight UR32L ys_thirdparty system_user_script OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1713 Milesight UR32L ysthirdparty systemuserscript OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-24595 SUMMARY An OS command injection vulnerability exists in the ysthirdparty systemuserscript functionality of Milesight UR32L v32.3.0.5. ...
Milesight UR32L libzebra.so bridge_group OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1698 Milesight UR32L libzebra.so bridgegroup OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22306 SUMMARY An OS command injection vulnerability exists in the libzebra.so bridgegroup functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1710 Milesight UR32L urvpnclient cmdnameaction OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24583,CVE-2023-24582 SUMMARY Two OS command injection vulnerabilities exist in the urvpnclient cmdnameaction functionality of Milesight UR32L...
Milesight UR32L luci2-io file-export mib directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1695 Milesight UR32L luci2-io file-export mib directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23547 SUMMARY A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially...