2218 matches found
Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1649 Callback technologies CBFS Filter handleioctl0x830a0systembuffer null pointer dereference vulnerability November 22, 2022 CVE Number CVE-2022-43590 SUMMARY A null pointer dereference vulnerability exists in the handleioctl0x830a0systembuffer functionalit...
Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1648 Callback technologies CBFS Filter handleioctl8314C null pointer dereference vulnerability November 22, 2022 CVE Number CVE-2022-43589 SUMMARY A null pointer dereference vulnerability exists in the handleioctl8314C functionality of Callback technologies...
Microsoft Office class attribute double-free vulnerability
Talos Vulnerability Report TALOS-2022-1591 Microsoft Office class attribute double-free vulnerability November 15, 2022 CVE Number CVE-2022-41106 SUMMARY A double-free vulnerability exists in the class attribute functionality of Microsoft Office Excel 2019 x86 - version 2207 build 15427.20210 and...
Foxit Reader Optional Content Group use-after-free vulnerability
Talos Vulnerability Report TALOS-2022-1614 Foxit Reader Optional Content Group use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-40129 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. A specially-crafted...
Foxit Reader deletePages Field Calculate use-after-free vulnerability
Talos Vulnerability Report TALOS-2022-1600 Foxit Reader deletePages Field Calculate use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-32774 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. By prematurely...
Foxit Reader openPlayer use-after-free vulnerability
Talos Vulnerability Report TALOS-2022-1602 Foxit Reader openPlayer use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-37332 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. A specially-crafted PDF document...
Foxit Reader annotation destroy use-after-free vulnerability
Talos Vulnerability Report TALOS-2022-1601 Foxit Reader annotation destroy use-after-free vulnerability November 10, 2022 CVE Number CVE-2022-38097 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.0.1.12430. By prematurely destroyin...
InHand Networks InRouter302 console nvram leftover debug code vulnerability
Talos Vulnerability Report TALOS-2022-1518 InHand Networks InRouter302 console nvram leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-29481 SUMMARY A leftover debug code vulnerability exists in the console nvram functionality of InHand Networks InRouter302 V3.5.45. A...
InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability
Talos Vulnerability Report TALOS-2022-1522 InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-29888 SUMMARY A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks...
InHand Networks InRouter302 console verify leftover debug code vulnerability
Talos Vulnerability Report TALOS-2022-1520 InHand Networks InRouter302 console verify leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-26023 SUMMARY A leftover debug code vulnerability exists in the console verify functionality of InHand Networks InRouter302 V3.5.45. A...
InHand Networks InRouter302 console infct leftover debug code vulnerability
Talos Vulnerability Report TALOS-2022-1519 InHand Networks InRouter302 console infct leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-30543 SUMMARY A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A...
Accusoft ImageGear PICT parsing pctwread_14841 out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1544 Accusoft ImageGear PICT parsing pctwread14841 out-of-bounds write vulnerability October 27, 2022 CVE Number CVE-2022-32588 SUMMARY An out-of-bounds write vulnerability exists in the PICT parsing pctwread14841 functionality of Accusoft ImageGear 20.0. A...
InHand Networks InRouter302 console support leftover debug code vulnerability
Talos Vulnerability Report TALOS-2022-1521 InHand Networks InRouter302 console support leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-28689 SUMMARY A leftover debug code vulnerability exists in the console support functionality of InHand Networks InRouter302 V3.5.45. A...
InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability
Talos Vulnerability Report TALOS-2022-1523 InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability October 27, 2022 CVE Number CVE-2022-25932 SUMMARY The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and TALOS-2022-1474. The fixes are...
Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability
Talos Vulnerability Report TALOS-2022-1569 Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability October 20, 2022 CVE Number CVE-2022-29889 SUMMARY A hard-coded password vulnerability exists in the telnet functionality of Abode Systems, Inc. iota All-In-One...
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2022-1568 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities October 20, 2022 CVE Number CVE-2022-33205,CVE-2022-33204,CVE-2022-33206,CVE-2022-33207 SUMMARY Four OS command injection...
Abode Systems, Inc. iota All-In-One Security Kit console_main_loop :sys OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1561 Abode Systems, Inc. iota All-In-One Security Kit consolemainloop :sys OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-29520 SUMMARY An OS command injection vulnerability exists in the consolemainloop :sys functionality of Abode...
Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_serial_mac OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1566 Abode Systems, Inc. iota All-In-One Security Kit web interface utilsetserialmac OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-29472 SUMMARY An OS command injection vulnerability exists in the web interface utilsetserialmac...
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability
Talos Vulnerability Report TALOS-2022-1554 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-29477 SUMMARY An authentication bypass vulnerability exists in the web interface /action/factory...
Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1558 Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-33189 SUMMARY An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc. io...
Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities
Talos Vulnerability Report TALOS-2022-1581 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35877,CVE-2022-35874,CVE-2022-35875,CVE-2022-35876 SUMMARY Four format string injection vulnerabilities exist in...
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1562 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-30603 SUMMARY An OS command injection vulnerability exists in the web interface /action/iperf functionali...
Abode Systems, Inc. iota All-In-One Security Kit ghome_process_control_packet format string injection vulnerability
Talos Vulnerability Report TALOS-2022-1584 Abode Systems, Inc. iota All-In-One Security Kit ghomeprocesscontrolpacket format string injection vulnerability October 20, 2022 CVE Number CVE-2022-33938 SUMMARY A format string injection vulnerability exists in the ghomeprocesscontrolpacket...
Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1557 Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-30541 SUMMARY An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems, Inc. iota...
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities
Talos Vulnerability Report TALOS-2022-1585 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35885,CVE-2022-35886,CVE-2022-35884,CVE-2022-35887 SUMMARY Four format string injection...
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1564 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability October 20, 2022 CVE Number CVE-2022-32775 SUMMARY An integer overflow vulnerability exists in the web interface /action/ipcamRecordPost...
Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability
Talos Vulnerability Report TALOS-2022-1555 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability October 20, 2022 CVE Number CVE-2022-32760 SUMMARY A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota...
Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1567 Abode Systems, Inc. iota All-In-One Security Kit web interface utilsetabodecode OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-27804 SUMMARY An os command injection vulnerability exists in the web interface utilsetabodecode...
Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability
Talos Vulnerability Report TALOS-2022-1556 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability October 20, 2022 CVE Number CVE-2022-32773 SUMMARY An OS command injection vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota...
Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability
Talos Vulnerability Report TALOS-2022-1582 Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability October 20, 2022 CVE Number CVE-2022-35244 SUMMARY A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc. iot...
Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability
Talos Vulnerability Report TALOS-2022-1552 Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability October 20, 2022 CVE Number CVE-2022-27805 SUMMARY An authentication bypass vulnerability exists in the GHOME control functionality of Abode Systems, Inc...
Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2022-1559 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities October 20, 2022 CVE Number CVE-2022-33194,CVE-2022-33195,CVE-2022-33193,CVE-2022-33192 SUMMARY Four OS command injection vulnerabilities exist in the...
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability
Talos Vulnerability Report TALOS-2022-1565 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability October 20, 2022 CVE Number CVE-2022-32574 SUMMARY A double-free vulnerability exists in the web interface /action/ipcamSetParamPost...
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1563 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-32586 SUMMARY An OS command injection vulnerability exists in the web interface...
Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1560 Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability October 20, 2022 CVE Number CVE-2022-32454 SUMMARY A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode...
Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1553 Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability October 20, 2022 CVE Number CVE-2022-29475 SUMMARY An information disclosure vulnerability exists in the XFINDER functionality of Abode Systems, Inc. iota...
Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities
Talos Vulnerability Report TALOS-2022-1583 Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities October 20, 2022 CVE Number CVE-2022-35879,CVE-2022-35878,CVE-2022-35881,CVE-2022-35880 SUMMARY Four format string injection vulnerabilities exist in th...
Robustel R1510 sysupgrade firmware update vulnerability
Talos Vulnerability Report TALOS-2022-1580 Robustel R1510 sysupgrade firmware update vulnerability October 14, 2022 CVE Number CVE-2022-34845 SUMMARY A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network packet can...
Robustel R1510 web_server hashFirst denial of service vulnerability
Talos Vulnerability Report TALOS-2022-1575 Robustel R1510 webserver hashFirst denial of service vulnerability October 14, 2022 CVE Number...
Robustel R1510 js_package install OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1577 Robustel R1510 jspackage install OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-33150 SUMMARY An OS command injection vulnerability exists in the jspackage install functionality of Robustel R1510 3.1.16. A specially-crafted netwo...
Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability
Talos Vulnerability Report TALOS-2022-1579 Robustel R1510 webserver /ajax/remove/ directory traversal vulnerability October 14, 2022 CVE Number CVE-2022-33897 SUMMARY A directory traversal vulnerability exists in the webserver /ajax/remove/ functionality of Robustel R1510 3.1.16. A...
Robustel R1510 sysupgrade command injection OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1576 Robustel R1510 sysupgrade command injection OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-32765 SUMMARY An OS command injection vulnerability exists in the sysupgrade command injection functionality of Robustel R1510 3.1.16 and...
Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1578 Robustel R1510 webserver /action/importauthorizedkeys/ OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-34850 SUMMARY An OS command injection vulnerability exists in the webserver /action/importauthorizedkeys/ functionality of...
VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability
Talos Vulnerability Report TALOS-2022-1587 VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability October 10, 2022 CVE Number CVE-2022-31680 SUMMARY An unsafe deserialization vulnerability exists in the Platform Services Controller functionality of VMware vCenter...
Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability
Talos Vulnerability Report TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability October 4, 2022 CVE Number CVE-2022-33896 SUMMARY A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A...
uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities
Talos Vulnerability Report TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities September 22, 2022 CVE Number CVE-2022-29503 SUMMARY A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng...
Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2022-1497 Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability August 17, 2022 CVE Number CVE-2022-35821 SUMMARY An out-of-bounds read vulnerability exists in the /proc/fdt mmap operation functionality of Microsoft Azure Sphere 22.02. A...
WWBN AVideo videoAddNew cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2022-1540 WWBN AVideo videoAddNew cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-28712 SUMMARY A cross-site scripting xss vulnerability exists in the videoAddNew functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...
WWBN AVideo image403 cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2022-1539 WWBN AVideo image403 cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-30690 SUMMARY A cross-site scripting xss vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...
WWBN AVideo session id privilege escalation vulnerability
Talos Vulnerability Report TALOS-2022-1535 WWBN AVideo session id privilege escalation vulnerability August 16, 2022 CVE Number CVE-2022-30605 SUMMARY A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafte...