Lucene search
K

2218 matches found

Talos
Talos
added 2022/11/22 12:0 a.m.37 views

Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1649 Callback technologies CBFS Filter handleioctl0x830a0systembuffer null pointer dereference vulnerability November 22, 2022 CVE Number CVE-2022-43590 SUMMARY A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionalit...

6.2CVSS5.7AI score0.00329EPSS
Exploits1
Talos
Talos
added 2022/11/22 12:0 a.m.38 views

Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1648 Callback technologies CBFS Filter handleioctl8314C null pointer dereference vulnerability November 22, 2022 CVE Number CVE-2022-43589 SUMMARY A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies...

6.2CVSS5.8AI score0.00329EPSS
Exploits1
Talos
Talos
added 2022/11/15 12:0 a.m.30 views

Microsoft Office class attribute double-free vulnerability

Talos Vulnerability Report TALOS-2022-1591 Microsoft Office class attribute double-free vulnerability November 15, 2022 CVE Number CVE-2022-41106 SUMMARY A double-free vulnerability exists in the class attribute functionality of Microsoft Office Excel 2019 x86 - version 2207 build 15427.20210 and...

8.8CVSS8.2AI score0.02224EPSS
Exploits0
Talos
Talos
added 2022/11/10 12:0 a.m.36 views

Foxit Reader Optional Content Group use-after-free vulnerability

Talos Vulnerability Report TALOS-2022-1614 Foxit Reader Optional Content Group use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-40129 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. A specially-crafted...

8.8CVSS8.1AI score0.0098EPSS
Exploits1
Talos
Talos
added 2022/11/10 12:0 a.m.38 views

Foxit Reader deletePages Field Calculate use-after-free vulnerability

Talos Vulnerability Report TALOS-2022-1600 Foxit Reader deletePages Field Calculate use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-32774 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. By prematurely...

8.8CVSS8.1AI score0.0098EPSS
Exploits1
Talos
Talos
added 2022/11/10 12:0 a.m.36 views

Foxit Reader openPlayer use-after-free vulnerability

Talos Vulnerability Report TALOS-2022-1602 Foxit Reader openPlayer use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-37332 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. A specially-crafted PDF document...

8.8CVSS8.1AI score0.0135EPSS
Exploits1
Talos
Talos
added 2022/11/10 12:0 a.m.25 views

Foxit Reader annotation destroy use-after-free vulnerability

Talos Vulnerability Report TALOS-2022-1601 Foxit Reader annotation destroy use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-38097 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. By prematurely destroyin...

8.8CVSS8.1AI score0.00801EPSS
Exploits0
Talos
Talos
added 2022/10/27 12:0 a.m.87 views

InHand Networks InRouter302 console nvram leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1518 InHand Networks InRouter302 console nvram leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-29481 SUMMARY A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A...

6.5CVSS6.2AI score0.00765EPSS
Exploits1
Talos
Talos
added 2022/10/27 12:0 a.m.58 views

InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1522 InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-29888 SUMMARY A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks...

8.1CVSS7.4AI score0.01487EPSS
Exploits1
Talos
Talos
added 2022/10/27 12:0 a.m.49 views

InHand Networks InRouter302 console verify leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1520 InHand Networks InRouter302 console verify leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-26023 SUMMARY A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A...

6.5CVSS6.9AI score0.00771EPSS
Exploits1
Talos
Talos
added 2022/10/27 12:0 a.m.48 views

InHand Networks InRouter302 console infct leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1519 InHand Networks InRouter302 console infct leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-30543 SUMMARY A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A...

8.8CVSS6.6AI score0.0085EPSS
Exploits1
Talos
Talos
added 2022/10/27 12:0 a.m.34 views

Accusoft ImageGear PICT parsing pctwread_14841 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1544 Accusoft ImageGear PICT parsing pctwread14841 out-of-bounds write vulnerability October 27, 2022 CVE Number CVE-2022-32588 SUMMARY An out-of-bounds write vulnerability exists in the PICT parsing pctwread14841 functionality of Accusoft ImageGear 20.0. A...

9.8CVSS8.1AI score0.00601EPSS
Exploits1
Talos
Talos
added 2022/10/27 12:0 a.m.50 views

InHand Networks InRouter302 console support leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1521 InHand Networks InRouter302 console support leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-28689 SUMMARY A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A...

8.8CVSS7.8AI score0.00905EPSS
Exploits0
Talos
Talos
added 2022/10/27 12:0 a.m.36 views

InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability

Talos Vulnerability Report TALOS-2022-1523 InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability October 27, 2022 CVE Number CVE-2022-25932 SUMMARY The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are...

9.8CVSS8.7AI score0.00642EPSS
Exploits0
Talos
Talos
added 2022/10/20 12:0 a.m.23 views

Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability

Talos Vulnerability Report TALOS-2022-1569 Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability October 20, 2022 CVE Number CVE-2022-29889 SUMMARY A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One...

9.8CVSS9.8AI score0.01117EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.46 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1568 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities October 20, 2022 CVE Number CVE-2022-33205,CVE-2022-33204,CVE-2022-33206,CVE-2022-33207 SUMMARY Four OS command injection...

10CVSS9.5AI score0.04222EPSS
Exploits4
Talos
Talos
added 2022/10/20 12:0 a.m.44 views

Abode Systems, Inc. iota All-In-One Security Kit console_main_loop :sys OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1561 Abode Systems, Inc. iota All-In-One Security Kit consolemainloop :sys OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-29520 SUMMARY An OS command injection vulnerability exists in the consolemainloop :sys functionality of Abode...

9.8CVSS9.3AI score0.02803EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.34 views

Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_serial_mac OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1566 Abode Systems, Inc. iota All-In-One Security Kit web interface utilsetserialmac OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-29472 SUMMARY An OS command injection vulnerability exists in the web interface utilsetserialmac...

10CVSS9.8AI score0.04433EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.39 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1554 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-29477 SUMMARY An authentication bypass vulnerability exists in the web interface /action/factory...

9.8CVSS9.2AI score0.01218EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.32 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1558 Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-33189 SUMMARY An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc. io...

10CVSS9.8AI score0.03244EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.68 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1581 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35877,CVE-2022-35874,CVE-2022-35875,CVE-2022-35876 SUMMARY Four format string injection vulnerabilities exist in...

9.8CVSS9.6AI score0.00869EPSS
Exploits4
Talos
Talos
added 2022/10/20 12:0 a.m.36 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1562 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-30603 SUMMARY An OS command injection vulnerability exists in the web interface /action/iperf functionali...

10CVSS9.5AI score0.05332EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.35 views

Abode Systems, Inc. iota All-In-One Security Kit ghome_process_control_packet format string injection vulnerability

Talos Vulnerability Report TALOS-2022-1584 Abode Systems, Inc. iota All-In-One Security Kit ghomeprocesscontrolpacket format string injection vulnerability October 20, 2022 CVE Number CVE-2022-33938 SUMMARY A format string injection vulnerability exists in the ghomeprocesscontrolpacket...

9.8CVSS9.2AI score0.00898EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.32 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1557 Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-30541 SUMMARY An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems, Inc. iota...

10CVSS9.9AI score0.03174EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.60 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1585 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35885,CVE-2022-35886,CVE-2022-35884,CVE-2022-35887 SUMMARY Four format string injection...

8.8CVSS8.8AI score0.01252EPSS
Exploits4
Talos
Talos
added 2022/10/20 12:0 a.m.39 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1564 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability October 20, 2022 CVE Number CVE-2022-32775 SUMMARY An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost...

9CVSS8.8AI score0.01441EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.31 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1555 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability October 20, 2022 CVE Number CVE-2022-32760 SUMMARY A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota...

8.6CVSS8AI score0.00879EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.42 views

Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1567 Abode Systems, Inc. iota All-In-One Security Kit web interface utilsetabodecode OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-27804 SUMMARY An os command injection vulnerability exists in the web interface utilsetabodecode...

9.8CVSS9.1AI score0.03635EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.41 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability

Talos Vulnerability Report TALOS-2022-1556 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability October 20, 2022 CVE Number CVE-2022-32773 SUMMARY An OS command injection vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota...

10CVSS9.8AI score0.03244EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.39 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability

Talos Vulnerability Report TALOS-2022-1582 Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability October 20, 2022 CVE Number CVE-2022-35244 SUMMARY A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc. iot...

9.8CVSS10AI score0.01261EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.35 views

Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1552 Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-27805 SUMMARY An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc...

9.8CVSS9.9AI score0.01291EPSS
Exploits0
Talos
Talos
added 2022/10/20 12:0 a.m.46 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1559 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities October 20, 2022 CVE Number CVE-2022-33194,CVE-2022-33195,CVE-2022-33193,CVE-2022-33192 SUMMARY Four OS command injection vulnerabilities exist in the...

10CVSS10AI score0.03244EPSS
Exploits4
Talos
Talos
added 2022/10/20 12:0 a.m.41 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability

Talos Vulnerability Report TALOS-2022-1565 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability October 20, 2022 CVE Number CVE-2022-32574 SUMMARY A double-free vulnerability exists in the web interface /action/ipcamSetParamPost...

7.5CVSS7AI score0.01487EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.36 views

Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1563 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-32586 SUMMARY An OS command injection vulnerability exists in the web interface...

8.8CVSS8.7AI score0.03787EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.32 views

Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1560 Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability October 20, 2022 CVE Number CVE-2022-32454 SUMMARY A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode...

10CVSS10AI score0.01559EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.36 views

Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1553 Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability October 20, 2022 CVE Number CVE-2022-29475 SUMMARY An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc. iota...

8.1CVSS5.9AI score0.00562EPSS
Exploits1
Talos
Talos
added 2022/10/20 12:0 a.m.42 views

Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities

Talos Vulnerability Report TALOS-2022-1583 Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35879,CVE-2022-35878,CVE-2022-35881,CVE-2022-35880 SUMMARY Four format string injection vulnerabilities exist in th...

8.8CVSS8.4AI score0.00792EPSS
Exploits4
Talos
Talos
added 2022/10/14 12:0 a.m.54 views

Robustel R1510 sysupgrade firmware update vulnerability

Talos Vulnerability Report TALOS-2022-1580 Robustel R1510 sysupgrade firmware update vulnerability October 14, 2022 CVE Number CVE-2022-34845 SUMMARY A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can...

6.7CVSS4.8AI score0.00348EPSS
Exploits1
Talos
Talos
added 2022/10/14 12:0 a.m.101 views

Robustel R1510 web_server hashFirst denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1575 Robustel R1510 webserver hashFirst denial of service vulnerability October 14, 2022 CVE Number...

7.5CVSS6AI score0.01084EPSS
Exploits11
Talos
Talos
added 2022/10/14 12:0 a.m.46 views

Robustel R1510 js_package install OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1577 Robustel R1510 jspackage install OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-33150 SUMMARY An OS command injection vulnerability exists in the jspackage install functionality of Robustel R1510 3.1.16. A specially-crafted netwo...

9.8CVSS9.8AI score0.03359EPSS
Exploits1
Talos
Talos
added 2022/10/14 12:0 a.m.55 views

Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1579 Robustel R1510 webserver /ajax/remove/ directory traversal vulnerability October 14, 2022 CVE Number CVE-2022-33897 SUMMARY A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A...

9.1CVSS7.7AI score0.01393EPSS
Exploits1
Talos
Talos
added 2022/10/14 12:0 a.m.47 views

Robustel R1510 sysupgrade command injection OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1576 Robustel R1510 sysupgrade command injection OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-32765 SUMMARY An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and...

9.8CVSS9.8AI score0.03455EPSS
Exploits1
Talos
Talos
added 2022/10/14 12:0 a.m.51 views

Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1578 Robustel R1510 webserver /action/importauthorizedkeys/ OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-34850 SUMMARY An OS command injection vulnerability exists in the webserver /action/importauthorizedkeys/ functionality of...

9.1CVSS8AI score0.0338EPSS
Exploits1
Talos
Talos
added 2022/10/10 12:0 a.m.139 views

VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability

Talos Vulnerability Report TALOS-2022-1587 VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability October 10, 2022 CVE Number CVE-2022-31680 SUMMARY An unsafe deserialization vulnerability exists in the Platform Services Controller functionality of VMware vCenter...

9.1CVSS9.6AI score0.33064EPSS
Exploits1
Talos
Talos
added 2022/10/04 12:0 a.m.30 views

Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability

Talos Vulnerability Report TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability October 4, 2022 CVE Number CVE-2022-33896 SUMMARY A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A...

7.8CVSS8AI score0.00499EPSS
Exploits1
Talos
Talos
added 2022/09/22 12:0 a.m.58 views

uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities

Talos Vulnerability Report TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities September 22, 2022 CVE Number CVE-2022-29503 SUMMARY A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng...

9.8CVSS9.1AI score0.01178EPSS
Exploits1
Talos
Talos
added 2022/08/17 12:0 a.m.33 views

Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1497 Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability August 17, 2022 CVE Number CVE-2022-35821 SUMMARY An out-of-bounds read vulnerability exists in the /proc/fdt mmap operation functionality of Microsoft Azure Sphere 22.02. A...

4.4CVSS5.1AI score0.01004EPSS
Exploits0
Talos
Talos
added 2022/08/16 12:0 a.m.55 views

WWBN AVideo videoAddNew cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1540 WWBN AVideo videoAddNew cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-28712 SUMMARY A cross-site scripting xss vulnerability exists in the videoAddNew functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

9CVSS8.7AI score0.02438EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.38 views

WWBN AVideo image403 cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1539 WWBN AVideo image403 cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-30690 SUMMARY A cross-site scripting xss vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

9.6CVSS6.4AI score0.83583EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.27 views

WWBN AVideo session id privilege escalation vulnerability

Talos Vulnerability Report TALOS-2022-1535 WWBN AVideo session id privilege escalation vulnerability August 16, 2022 CVE Number CVE-2022-30605 SUMMARY A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafte...

8.8CVSS8.7AI score0.04125EPSS
Exploits1
Total number of security vulnerabilities2218