Lucene search
K

2224 matches found

Talos
Talos
added 2023/07/06 12:0 a.m.33 views

Milesight UR32L uhttpd login buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1697 Milesight UR32L uhttpd login buffer overflow vulnerability July 6, 2023 CVE Number CVE-2023-23902 SUMMARY A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead ...

9.8CVSS9.9AI score0.02212EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.40 views

Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability

Talos Vulnerability Report TALOS-2023-1701 Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability July 6, 2023 CVE Number CVE-2023-22319 SUMMARY A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A...

9.8CVSS9AI score0.00903EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.57 views

Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1714 Milesight UR32L vtyshubus tcpdumpstartcb OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22653 SUMMARY An OS command injection vulnerability exists in the vtyshubus tcpdumpstartcb functionality of Milesight UR32L v32.3.0.5. A speciall...

8.8CVSS8.8AI score0.05776EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.31 views

Milesight MilesightVPN server.js start directory traversal vulnerability

Talos Vulnerability Report TALOS-2023-1702 Milesight MilesightVPN server.js start directory traversal vulnerability July 6, 2023 CVE Number CVE-2023-23907 SUMMARY A directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network...

7.5CVSS7.7AI score0.01242EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.47 views

Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2023-1710 Milesight UR32L urvpnclient cmdnameaction OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24583,CVE-2023-24582 SUMMARY Two OS command injection vulnerabilities exist in the urvpnclient cmdnameaction functionality of Milesight UR32L...

8.8CVSS9.2AI score0.03003EPSS
Exploits2
Talos
Talos
added 2023/07/06 12:0 a.m.35 views

Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability

Talos Vulnerability Report TALOS-2023-1700 Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability July 6, 2023 CVE Number CVE-2023-22844 SUMMARY An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality of Milesight VPN...

9.8CVSS8.6AI score0.00759EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.60 views

Milesight UR32L zebra vlan_name OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2023-1723 Milesight UR32L zebra vlanname OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-25582,CVE-2023-25583 SUMMARY Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially...

7.2CVSS7.6AI score0.03543EPSS
Exploits2
Talos
Talos
added 2023/07/06 12:0 a.m.40 views

Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1712 Milesight UR32L vtyshubus getfwlogs OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22299 SUMMARY An OS command injection vulnerability exists in the vtyshubus getfwlogs functionality of Milesight UR32L v32.3.0.5. A specially crafted...

8.8CVSS8.9AI score0.03634EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.41 views

Milesight UR32L libzebra.so change_hostname OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1699 Milesight UR32L libzebra.so changehostname OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22659 SUMMARY An os command injection vulnerability exists in the libzebra.so changehostname functionality of Milesight UR32L v32.3.0.5. A...

7.2CVSS7.2AI score0.0373EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.36 views

Milesight UR32L libzebra.so bridge_group OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1698 Milesight UR32L libzebra.so bridgegroup OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22306 SUMMARY An OS command injection vulnerability exists in the libzebra.so bridgegroup functionality of Milesight UR32L v32.3.0.5. A specially...

7.2CVSS7.3AI score0.03577EPSS
Exploits1
Talos
Talos
added 2023/07/06 12:0 a.m.36 views

Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1703 Milesight MilesightVPN liburvpn.so createprivatekey OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22371 SUMMARY An os command injection vulnerability exists in the liburvpn.so createprivatekey functionality of Milesight VPN v2.0.2. ...

8.1CVSS8.6AI score0.03444EPSS
Exploits1
Talos
Talos
added 2023/07/05 12:0 a.m.37 views

Diagon Sequence::DrawText heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1744 Diagon Sequence::DrawText heap-based buffer overflow vulnerability July 5, 2023 CVE Number CVE-2023-27390 SUMMARY A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown...

7.8CVSS7.8AI score0.00522EPSS
Exploits1
Talos
Talos
added 2023/07/05 12:0 a.m.36 views

Diagon GraphPlanar::Write improper array index validation vulnerability

Talos Vulnerability Report TALOS-2023-1745 Diagon GraphPlanar::Write improper array index validation vulnerability July 5, 2023 CVE Number CVE-2023-31194 SUMMARY An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted...

7.8CVSS6.3AI score0.00445EPSS
Exploits1
Talos
Talos
added 2023/06/26 12:0 a.m.30 views

Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1724 Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability June 26, 2023 CVE Number CVE-2023-1531 SUMMARY A use-after-free vulnerability exists in the WebGL rx::Image11::disassociateStorage functionality of Google Chrome Stable...

8.8CVSS9.2AI score0.02925EPSS
Exploits0
Talos
Talos
added 2023/06/13 12:0 a.m.48 views

Microsoft Office Excel WebCharts out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1734 Microsoft Office Excel WebCharts out-of-bounds write vulnerability June 13, 2023 CVE Number CVE-2023-33133 SUMMARY An access violation vulnerability exists in the WebCharts functionality of Microsoft Office Excel 2019 Plus version 2302 build 16130.20332....

7.8CVSS7.9AI score0.44048EPSS
Exploits0
Talos
Talos
added 2023/06/13 12:0 a.m.33 views

Microsoft Office Excel FreePhisxdb arbitrary free vulnerability

Talos Vulnerability Report TALOS-2023-1730 Microsoft Office Excel FreePhisxdb arbitrary free vulnerability June 13, 2023 CVE Number CVE-2023-32029 SUMMARY An arbitrary free vulnerability exists in the FreePhisxdb functionality of Microsoft Office Excel 2019 Plus 16.0.16130.20218. A...

7.8CVSS7.5AI score0.53513EPSS
Exploits0
Talos
Talos
added 2023/05/26 12:0 a.m.38 views

Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability

Talos Vulnerability Report TALOS-2023-1727 Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability May 26, 2023 CVE Number CVE-2023-1424 SUMMARY A memory corruption vulnerability exists in the MELSOFT Direct functionality of Mitsubishi Electric Corporation...

10CVSS9.2AI score0.0344EPSS
Exploits0
Talos
Talos
added 2023/05/10 12:0 a.m.43 views

Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability May 10, 2023 CVE Number CVE-2022-46377,CVE-2022-46378 SUMMARY An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of...

7.5CVSS7AI score0.0148EPSS
Exploits2
Talos
Talos
added 2023/05/10 12:0 a.m.39 views

Weston Embedded uC-FTPs Authentication authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1680 Weston Embedded uC-FTPs Authentication authentication bypass vulnerability May 10, 2023 CVE Number CVE-2022-41985 SUMMARY An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially...

8.6CVSS8.1AI score0.01488EPSS
Exploits1
Talos
Talos
added 2023/05/04 12:0 a.m.54 views

Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability

Talos Vulnerability Report TALOS-2023-1693 Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability May 4, 2023 CVE Number CVE-2023-0698 SUMMARY An out-of-bounds memory access vulnerability exists in stats reporting functionality of the WebRTC implementation in Google Chro...

8.8CVSS8.1AI score0.00649EPSS
Exploits0
Talos
Talos
added 2023/04/24 12:0 a.m.33 views

IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability

Talos Vulnerability Report TALOS-2023-1691 IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability April 24, 2023 CVE Number CVE-2023-28528 SUMMARY An OS command injection vulnerability exists in the invscout setUID binary functionality of IBM Corporation AIX 7.2. A...

8.4CVSS8.4AI score0.01457EPSS
Exploits3
Talos
Talos
added 2023/04/24 12:0 a.m.58 views

IBM Corporation AIX errlog() Log Injection Vulnerability

Talos Vulnerability Report TALOS-2023-1690 IBM Corporation AIX errlog Log Injection Vulnerability April 24, 2023 CVE Number None,CVE-2023-26286 SUMMARY An OS command injection vulnerability exists in the errlog syscall functionality of IBM Corporation AIX 7.2. A specially crafted syscall can lead...

8.4CVSS8.4AI score0.00296EPSS
Exploits0
Talos
Talos
added 2023/04/20 12:0 a.m.24 views

Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1593 Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability April 20, 2023 CVE Number CVE-2022-36788 SUMMARY A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master...

8.1CVSS8.1AI score0.00617EPSS
Exploits1
Talos
Talos
added 2023/04/13 12:0 a.m.40 views

Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability

Talos Vulnerability Report TALOS-2023-1692 Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability April 13, 2023 CVE Number CVE-2023-0896 SUMMARY A hard-coded password vulnerability exists in the SSH, telnet functionality of Lenovo Group Ltd. Smart Clock Essential 4.9.113. ...

8.8CVSS8.9AI score0.00405EPSS
Exploits0
Talos
Talos
added 2023/04/05 12:0 a.m.20 views

JustSystems Corporation Ichitaro Attribute Arena buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1684 JustSystems Corporation Ichitaro Attribute Arena buffer overflow vulnerability April 5, 2023 CVE Number CVE-2022-45115 SUMMARY A buffer overflow vulnerability exists in the Attribute Arena functionality of Ichitaro 2022 1.0.1.57600. A specially crafted...

7.8CVSS7.7AI score0.00518EPSS
Exploits1
Talos
Talos
added 2023/04/05 12:0 a.m.23 views

Justsystem Ichitaro Protected Attribute Identifier Use-After-Free Vulnerablity

Talos Vulnerability Report TALOS-2022-1673 Justsystem Ichitaro Protected Attribute Identifier Use-After-Free Vulnerablity April 5, 2023 CVE Number CVE-2022-43664 SUMMARY A use-after-free vulnerability exists within the way Ichitaro Word Processor 2022, version 1.0.1.57600, processes protected...

7.8CVSS7.9AI score0.00526EPSS
Exploits1
Talos
Talos
added 2023/04/05 12:0 a.m.24 views

JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1722 JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability April 5, 2023 CVE Number CVE-2023-22660 SUMMARY A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain...

7.8CVSS7.7AI score0.00537EPSS
Exploits1
Talos
Talos
added 2023/04/05 12:0 a.m.25 views

JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability

Talos Vulnerability Report TALOS-2022-1687 JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability April 5, 2023 CVE Number CVE-2023-22291 SUMMARY An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A specially crafte...

7.8CVSS7.3AI score0.00452EPSS
Exploits1
Talos
Talos
added 2023/04/03 12:0 a.m.33 views

ADMesh stl_fix_normal_directions improper array index validation vulnerability

Talos Vulnerability Report TALOS-2022-1594 ADMesh stlfixnormaldirections improper array index validation vulnerability April 3, 2023 CVE Number CVE-2022-38072 SUMMARY An improper array index validation vulnerability exists in the stlfixnormaldirections functionality of ADMesh Master Commit 767a10...

8.8CVSS7.6AI score0.01061EPSS
Exploits1
Talos
Talos
added 2023/03/30 12:0 a.m.36 views

ManageEngine OpManager Add UCS Device blind XXE vulnerability

Talos Vulnerability Report TALOS-2022-1685 ManageEngine OpManager Add UCS Device blind XXE vulnerability March 30, 2023 CVE Number CVE-2022-43473 SUMMARY A blind XML External Entity XXE vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafte...

5.8CVSS5.5AI score0.19807EPSS
Exploits1
Talos
Talos
added 2023/03/30 12:0 a.m.23 views

SNIProxy wildcard backend hosts buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1731 SNIProxy wildcard backend hosts buffer overflow vulnerability March 30, 2023 CVE Number CVE-2023-25076 SUMMARY A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch commit:...

9.8CVSS9.8AI score0.65515EPSS
Exploits1
Talos
Talos
added 2023/03/30 12:0 a.m.39 views

OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability

Talos Vulnerability Report TALOS-2023-1709 OpenImageIO Project OpenImageIO FitsOutput::close denial of service vulnerability March 30, 2023 CVE Number CVE-2023-24472 SUMMARY A denial of service vulnerability exists in the FitsOutput::close functionality of OpenImageIO Project OpenImageIO v2.4.7.1...

7.5CVSS6.2AI score0.01344EPSS
Exploits1
Talos
Talos
added 2023/03/30 12:0 a.m.38 views

OpenImageIO Project OpenImageIO TGAInput::read_tga2_header information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1707 OpenImageIO Project OpenImageIO TGAInput::readtga2header information disclosure vulnerability March 30, 2023 CVE Number CVE-2023-24473 SUMMARY An information disclosure vulnerability exists in the TGAInput::readtga2header functionality of OpenImageIO...

7.5CVSS6.2AI score0.00859EPSS
Exploits1
Talos
Talos
added 2023/03/30 12:0 a.m.25 views

OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decodepixel out-of-bounds read vulnerability March 30, 2023 CVE Number CVE-2023-22845 SUMMARY An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImage...

7.5CVSS7.3AI score0.00943EPSS
Exploits1
Talos
Talos
added 2023/03/21 12:0 a.m.334 views

Netgear Orbi Router RBR750 hidden telnet service command execution vulnerability

Talos Vulnerability Report TALOS-2022-1595 Netgear Orbi Router RBR750 hidden telnet service command execution vulnerability March 21, 2023 CVE Number CVE-2022-38452 SUMMARY A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A...

8.8CVSS8.1AI score0.02089EPSS
Exploits1
Talos
Talos
added 2023/03/21 12:0 a.m.129 views

Netgear Orbi Router RBR750 access control command execution vulnerability

Talos Vulnerability Report TALOS-2022-1596 Netgear Orbi Router RBR750 access control command execution vulnerability March 21, 2023 CVE Number CVE-2022-37337 SUMMARY A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A...

9.1CVSS8.8AI score0.02828EPSS
Exploits1
Talos
Talos
added 2023/03/21 12:0 a.m.56 views

Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability

Talos Vulnerability Report TALOS-2022-1597 Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability March 21, 2023 CVE Number CVE-2022-36429 SUMMARY A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite...

7.2CVSS7.4AI score0.01987EPSS
Exploits1
Talos
Talos
added 2023/03/21 12:0 a.m.33 views

Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability

Talos Vulnerability Report TALOS-2022-1598 Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability March 21, 2023 CVE Number CVE-2022-38458 SUMMARY A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5....

6.5CVSS6.1AI score0.00614EPSS
Exploits1
Talos
Talos
added 2023/03/20 12:0 a.m.30 views

WellinTech KingHistorian User authentication information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1683 WellinTech KingHistorian User authentication information disclosure vulnerability March 20, 2023 CVE Number CVE-2022-45124 SUMMARY An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian...

7.5CVSS7.4AI score0.14503EPSS
Exploits1
Talos
Talos
added 2023/03/20 12:0 a.m.58 views

WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability

Talos Vulnerability Report TALOS-2022-1674 WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability March 20, 2023 CVE Number CVE-2022-43663 SUMMARY An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian...

9.8CVSS9AI score0.14039EPSS
Exploits1
Talos
Talos
added 2023/03/16 12:0 a.m.226 views

Ghost Foundation node-sqlite3 code execution vulnerability

Talos Vulnerability Report TALOS-2022-1645 Ghost Foundation node-sqlite3 code execution vulnerability March 16, 2023 CVE Number CVE-2022-43441 SUMMARY A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascri...

9.8CVSS9.2AI score0.02356EPSS
Exploits1
Talos
Talos
added 2023/02/23 12:0 a.m.31 views

EIP Stack Group OpENer Forward Open connection_management_entry use of uninitialized pointer vulnerability

Talos Vulnerability Report TALOS-2022-1663 EIP Stack Group OpENer Forward Open connectionmanagemententry use of uninitialized pointer vulnerability February 23, 2023 CVE Number CVE-2022-43606 SUMMARY A use-of-uninitialized-pointer vulnerability exists in the Forward Open connectionmanagemententry...

7.5CVSS7.5AI score0.08047EPSS
Exploits1
Talos
Talos
added 2023/02/23 12:0 a.m.50 views

EIP Stack Group OpENer SetAttributeList attribute_count_request out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1662 EIP Stack Group OpENer SetAttributeList attributecountrequest out-of-bounds write vulnerability February 23, 2023 CVE Number CVE-2022-43605 SUMMARY An out-of-bounds write vulnerability exists in the SetAttributeList attributecountrequest functionality of...

10CVSS9.8AI score0.14372EPSS
Exploits1
Talos
Talos
added 2023/02/23 12:0 a.m.77 views

EIP Stack Group OpENer GetAttributeList attribute_count_request out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1661 EIP Stack Group OpENer GetAttributeList attributecountrequest out-of-bounds write vulnerability February 23, 2023 CVE Number CVE-2022-43604 SUMMARY An out-of-bounds write vulnerability exists in the GetAttributeList attributecountrequest functionality of...

10CVSS9.8AI score0.14372EPSS
Exploits1
Talos
Talos
added 2023/02/02 12:0 a.m.28 views

Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1621 Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability February 2, 2023 CVE Number CVE-2022-40691 SUMMARY An information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008...

5.3CVSS5.2AI score0.01458EPSS
Exploits1
Talos
Talos
added 2023/02/02 12:0 a.m.125 views

Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1618 Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability February 2, 2023 CVE Number CVE-2022-40224 SUMMARY A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial...

7.5CVSS6.3AI score0.64686EPSS
Exploits1
Talos
Talos
added 2023/02/02 12:0 a.m.24 views

Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability

Talos Vulnerability Report TALOS-2022-1616 Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability February 2, 2023 CVE Number CVE-2022-40693 SUMMARY A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008...

7.5CVSS6.4AI score0.00646EPSS
Exploits1
Talos
Talos
added 2023/02/02 12:0 a.m.41 views

ESTsoft Alyac NT header out of bounds read

Talos Vulnerability Report TALOS-2022-1682 ESTsoft Alyac NT header out of bounds read February 2, 2023 CVE Number CVE-2022-43665 SUMMARY A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. A specially-crafted PE file can lead to killing target...

5.5CVSS5.2AI score0.00327EPSS
Exploits1
Talos
Talos
added 2023/02/02 12:0 a.m.53 views

Moxa SDS-3008 Series Industrial Ethernet Switch web application stored cross-site scripting vulnerability

Talos Vulnerability Report TALOS-2022-1619 Moxa SDS-3008 Series Industrial Ethernet Switch web application stored cross-site scripting vulnerability February 2, 2023 CVE Number CVE-2022-41313,CVE-2022-41311,CVE-2022-41312 SUMMARY A stored cross-site scripting vulnerability exists in the web...

5.4CVSS5.3AI score0.01084EPSS
Exploits3
Talos
Talos
added 2023/01/26 12:0 a.m.46 views

Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1609 Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability January 26, 2023 CVE Number CVE-2022-38088 SUMMARY A directory traversal vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. ...

6.5CVSS5.8AI score0.02283EPSS
Exploits1
Total number of security vulnerabilities2224