2224 matches found
Milesight UR32L uhttpd login buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1697 Milesight UR32L uhttpd login buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-23902 SUMMARY A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead ...
Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability
Talos Vulnerability Report TALOS-2023-1701 Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability July 6, 2023 CVE Number CVE-2023-22319 SUMMARY A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A...
Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1714 Milesight UR32L vtyshubus tcpdumpstartcb OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22653 SUMMARY An OS command injection vulnerability exists in the vtyshubus tcpdumpstartcb functionality of Milesight UR32L v32.3.0.5. A speciall...
Milesight MilesightVPN server.js start directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1702 Milesight MilesightVPN server.js start directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23907 SUMMARY A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network...
Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1710 Milesight UR32L urvpnclient cmdnameaction OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24583,CVE-2023-24582 SUMMARY Two OS command injection vulnerabilities exist in the urvpnclient cmdnameaction functionality of Milesight UR32L...
Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability
Talos Vulnerability Report TALOS-2023-1700 Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability July 6, 2023 CVE Number CVE-2023-22844 SUMMARY An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN...
Milesight UR32L zebra vlan_name OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2023-1723 Milesight UR32L zebra vlanname OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-25582,CVE-2023-25583 SUMMARY Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1712 Milesight UR32L vtyshubus getfwlogs OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22299 SUMMARY An OS command injection vulnerability exists in the vtyshubus getfwlogs functionality of Milesight UR32L v32.3.0.5. A specially crafted...
Milesight UR32L libzebra.so change_hostname OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1699 Milesight UR32L libzebra.so changehostname OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22659 SUMMARY An os command injection vulnerability exists in the libzebra.so changehostname functionality of Milesight UR32L v32.3.0.5. A...
Milesight UR32L libzebra.so bridge_group OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1698 Milesight UR32L libzebra.so bridgegroup OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22306 SUMMARY An OS command injection vulnerability exists in the libzebra.so bridgegroup functionality of Milesight UR32L v32.3.0.5. A specially...
Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1703 Milesight MilesightVPN liburvpn.so createprivatekey OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22371 SUMMARY An os command injection vulnerability exists in the liburvpn.so createprivatekey functionality of Milesight VPN v2.0.2. ...
Diagon Sequence::DrawText heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1744 Diagon Sequence::DrawText heap-based buffer overflow vulnerability July 5, 2023 CVE Number CVE-2023-27390 SUMMARY A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown...
Diagon GraphPlanar::Write improper array index validation vulnerability
Talos Vulnerability Report TALOS-2023-1745 Diagon GraphPlanar::Write improper array index validation vulnerability July 5, 2023 CVE Number CVE-2023-31194 SUMMARY An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted...
Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1724 Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability June 26, 2023 CVE Number CVE-2023-1531 SUMMARY A use-after-free vulnerability exists in the WebGL rx::Image11::disassociateStorage functionality of Google Chrome Stable...
Microsoft Office Excel WebCharts out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1734 Microsoft Office Excel WebCharts out-of-bounds write vulnerability June 13, 2023 CVE Number CVE-2023-33133 SUMMARY An access violation vulnerability exists in the WebCharts functionality of Microsoft Office Excel 2019 Plus version 2302 build 16130.20332....
Microsoft Office Excel FreePhisxdb arbitrary free vulnerability
Talos Vulnerability Report TALOS-2023-1730 Microsoft Office Excel FreePhisxdb arbitrary free vulnerability June 13, 2023 CVE Number CVE-2023-32029 SUMMARY An arbitrary free vulnerability exists in the FreePhisxdb functionality of Microsoft Office Excel 2019 Plus 16.0.16130.20218. A...
Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1727 Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability May 26, 2023 CVE Number CVE-2023-1424 SUMMARY A memory corruption vulnerability exists in the MELSOFT Direct functionality of Mitsubishi Electric Corporation...
Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability May 10, 2023 CVE Number CVE-2022-46377,CVE-2022-46378 SUMMARY An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of...
Weston Embedded uC-FTPs Authentication authentication bypass vulnerability
Talos Vulnerability Report TALOS-2022-1680 Weston Embedded uC-FTPs Authentication authentication bypass vulnerability May 10, 2023 CVE Number CVE-2022-41985 SUMMARY An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially...
Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability
Talos Vulnerability Report TALOS-2023-1693 Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability May 4, 2023 CVE Number CVE-2023-0698 SUMMARY An out-of-bounds memory access vulnerability exists in stats reporting functionality of the WebRTC implementation in Google Chro...
IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability
Talos Vulnerability Report TALOS-2023-1691 IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability April 24, 2023 CVE Number CVE-2023-28528 SUMMARY An OS command injection vulnerability exists in the invscout setUID binary functionality of IBM Corporation AIX 7.2. A...
IBM Corporation AIX errlog() Log Injection Vulnerability
Talos Vulnerability Report TALOS-2023-1690 IBM Corporation AIX errlog Log Injection Vulnerability April 24, 2023 CVE Number None,CVE-2023-26286 SUMMARY An OS command injection vulnerability exists in the errlog syscall functionality of IBM Corporation AIX 7.2. A specially crafted syscall can lead...
Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1593 Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability April 20, 2023 CVE Number CVE-2022-36788 SUMMARY A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master...
Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability
Talos Vulnerability Report TALOS-2023-1692 Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability April 13, 2023 CVE Number CVE-2023-0896 SUMMARY A hard-coded password vulnerability exists in the SSH, telnet functionality of Lenovo Group Ltd. Smart Clock Essential 4.9.113. ...
JustSystems Corporation Ichitaro Attribute Arena buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1684 JustSystems Corporation Ichitaro Attribute Arena buffer overflow vulnerability April 5, 2023 CVE Number CVE-2022-45115 SUMMARY A buffer overflow vulnerability exists in the Attribute Arena functionality of Ichitaro 2022 1.0.1.57600. A specially crafted...
Justsystem Ichitaro Protected Attribute Identifier Use-After-Free Vulnerablity
Talos Vulnerability Report TALOS-2022-1673 Justsystem Ichitaro Protected Attribute Identifier Use-After-Free Vulnerablity April 5, 2023 CVE Number CVE-2022-43664 SUMMARY A use-after-free vulnerability exists within the way Ichitaro Word Processor 2022, version 1.0.1.57600, processes protected...
JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1722 JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability April 5, 2023 CVE Number CVE-2023-22660 SUMMARY A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain...
JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability
Talos Vulnerability Report TALOS-2022-1687 JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability April 5, 2023 CVE Number CVE-2023-22291 SUMMARY An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A specially crafte...
ADMesh stl_fix_normal_directions improper array index validation vulnerability
Talos Vulnerability Report TALOS-2022-1594 ADMesh stlfixnormaldirections improper array index validation vulnerability April 3, 2023 CVE Number CVE-2022-38072 SUMMARY An improper array index validation vulnerability exists in the stlfixnormaldirections functionality of ADMesh Master Commit 767a10...
ManageEngine OpManager Add UCS Device blind XXE vulnerability
Talos Vulnerability Report TALOS-2022-1685 ManageEngine OpManager Add UCS Device blind XXE vulnerability March 30, 2023 CVE Number CVE-2022-43473 SUMMARY A blind XML External Entity XXE vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafte...
SNIProxy wildcard backend hosts buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1731 SNIProxy wildcard backend hosts buffer overflow vulnerability March 30, 2023 CVE Number CVE-2023-25076 SUMMARY A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch commit:...
OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability
Talos Vulnerability Report TALOS-2023-1709 OpenImageIO Project OpenImageIO FitsOutput::close denial of service vulnerability March 30, 2023 CVE Number CVE-2023-24472 SUMMARY A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1...
OpenImageIO Project OpenImageIO TGAInput::read_tga2_header information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1707 OpenImageIO Project OpenImageIO TGAInput::readtga2header information disclosure vulnerability March 30, 2023 CVE Number CVE-2023-24473 SUMMARY An information disclosure vulnerability exists in the TGAInput::readtga2header functionality of OpenImageIO...
OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decodepixel out-of-bounds read vulnerability March 30, 2023 CVE Number CVE-2023-22845 SUMMARY An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImage...
Netgear Orbi Router RBR750 hidden telnet service command execution vulnerability
Talos Vulnerability Report TALOS-2022-1595 Netgear Orbi Router RBR750 hidden telnet service command execution vulnerability March 21, 2023 CVE Number CVE-2022-38452 SUMMARY A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A...
Netgear Orbi Router RBR750 access control command execution vulnerability
Talos Vulnerability Report TALOS-2022-1596 Netgear Orbi Router RBR750 access control command execution vulnerability March 21, 2023 CVE Number CVE-2022-37337 SUMMARY A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A...
Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability
Talos Vulnerability Report TALOS-2022-1597 Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability March 21, 2023 CVE Number CVE-2022-36429 SUMMARY A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite...
Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2022-1598 Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability March 21, 2023 CVE Number CVE-2022-38458 SUMMARY A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5....
WellinTech KingHistorian User authentication information disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1683 WellinTech KingHistorian User authentication information disclosure vulnerability March 20, 2023 CVE Number CVE-2022-45124 SUMMARY An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian...
WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability
Talos Vulnerability Report TALOS-2022-1674 WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability March 20, 2023 CVE Number CVE-2022-43663 SUMMARY An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian...
Ghost Foundation node-sqlite3 code execution vulnerability
Talos Vulnerability Report TALOS-2022-1645 Ghost Foundation node-sqlite3 code execution vulnerability March 16, 2023 CVE Number CVE-2022-43441 SUMMARY A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascri...
EIP Stack Group OpENer Forward Open connection_management_entry use of uninitialized pointer vulnerability
Talos Vulnerability Report TALOS-2022-1663 EIP Stack Group OpENer Forward Open connectionmanagemententry use of uninitialized pointer vulnerability February 23, 2023 CVE Number CVE-2022-43606 SUMMARY A use-of-uninitialized-pointer vulnerability exists in the Forward Open connectionmanagemententry...
EIP Stack Group OpENer SetAttributeList attribute_count_request out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1662 EIP Stack Group OpENer SetAttributeList attributecountrequest out-of-bounds write vulnerability February 23, 2023 CVE Number CVE-2022-43605 SUMMARY An out-of-bounds write vulnerability exists in the SetAttributeList attributecountrequest functionality of...
EIP Stack Group OpENer GetAttributeList attribute_count_request out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1661 EIP Stack Group OpENer GetAttributeList attributecountrequest out-of-bounds write vulnerability February 23, 2023 CVE Number CVE-2022-43604 SUMMARY An out-of-bounds write vulnerability exists in the GetAttributeList attributecountrequest functionality of...
Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1621 Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability February 2, 2023 CVE Number CVE-2022-40691 SUMMARY An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008...
Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability
Talos Vulnerability Report TALOS-2022-1618 Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability February 2, 2023 CVE Number CVE-2022-40224 SUMMARY A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial...
Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2022-1616 Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability February 2, 2023 CVE Number CVE-2022-40693 SUMMARY A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008...
ESTsoft Alyac NT header out of bounds read
Talos Vulnerability Report TALOS-2022-1682 ESTsoft Alyac NT header out of bounds read February 2, 2023 CVE Number CVE-2022-43665 SUMMARY A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. A specially-crafted PE file can lead to killing target...
Moxa SDS-3008 Series Industrial Ethernet Switch web application stored cross-site scripting vulnerability
Talos Vulnerability Report TALOS-2022-1619 Moxa SDS-3008 Series Industrial Ethernet Switch web application stored cross-site scripting vulnerability February 2, 2023 CVE Number CVE-2022-41313,CVE-2022-41311,CVE-2022-41312 SUMMARY A stored cross-site scripting vulnerability exists in the web...
Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability
Talos Vulnerability Report TALOS-2022-1609 Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability January 26, 2023 CVE Number CVE-2022-38088 SUMMARY A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. ...