Lucene search
K

2224 matches found

Talos
Talos
added 2022/10/04 12:0 a.m.31 views

Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability

Talos Vulnerability Report TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability October 4, 2022 CVE Number CVE-2022-33896 SUMMARY A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A...

7.8CVSS8AI score0.00499EPSS
Exploits1
Talos
Talos
added 2022/09/22 12:0 a.m.59 views

uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities

Talos Vulnerability Report TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities September 22, 2022 CVE Number CVE-2022-29503 SUMMARY A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng...

9.8CVSS9.1AI score0.01178EPSS
Exploits1
Talos
Talos
added 2022/08/17 12:0 a.m.34 views

Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1497 Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability August 17, 2022 CVE Number CVE-2022-35821 SUMMARY An out-of-bounds read vulnerability exists in the /proc/fdt mmap operation functionality of Microsoft Azure Sphere 22.02. A...

4.4CVSS5.1AI score0.01004EPSS
Exploits0
Talos
Talos
added 2022/08/16 12:0 a.m.35 views

Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1514 Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability August 16, 2022 CVE Number CVE-2022-40732 SUMMARY An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver...

7.5CVSS5.3AI score0.0074EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.36 views

Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1515 Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability August 16, 2022 CVE Number CVE-2022-40733 SUMMARY An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version...

6.5CVSS5.2AI score0.00816EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.56 views

WWBN AVideo videoAddNew cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1540 WWBN AVideo videoAddNew cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-28712 SUMMARY A cross-site scripting xss vulnerability exists in the videoAddNew functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

9CVSS8.7AI score0.02438EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.39 views

WWBN AVideo image403 cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1539 WWBN AVideo image403 cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-30690 SUMMARY A cross-site scripting xss vulnerability exists in the image403 functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

9.6CVSS6.4AI score0.83583EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.49 views

WWBN AVideo aVideoEncoder wget OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1548 WWBN AVideo aVideoEncoder wget OS command injection vulnerability August 16, 2022 CVE Number CVE-2022-32572 SUMMARY An os command injection vulnerability exists in the aVideoEncoder wget functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

9.9CVSS9AI score0.22746EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.31 views

WWBN AVideo aVideoEncoderReceiveImage information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1549 WWBN AVideo aVideoEncoderReceiveImage information disclosure vulnerability August 16, 2022 CVE Number CVE-2022-32761 SUMMARY An information disclosure vulnerability exists in the aVideoEncoderReceiveImage functionality of WWBN AVideo 11.6 and dev master...

6.5CVSS6.8AI score0.02411EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.23 views

WWBN AVideo chunkFile information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1550 WWBN AVideo chunkFile information disclosure vulnerability August 16, 2022 CVE Number CVE-2022-28710 SUMMARY An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

6.5CVSS6.7AI score0.02296EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.57 views

WWBN AVideo cookie information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1542 WWBN AVideo cookie information disclosure vulnerability August 16, 2022 CVE Number CVE-2022-32777,CVE-2022-32778 SUMMARY An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The...

7.5CVSS7.3AI score0.01983EPSS
Exploits0
Talos
Talos
added 2022/08/16 12:0 a.m.52 views

WWBN AVideo objects id handling authentication bypass vulnerability

Talos Vulnerability Report TALOS-2022-1536 WWBN AVideo objects id handling authentication bypass vulnerability August 16, 2022 CVE Number CVE-2022-32768,CVE-2022-32769 SUMMARY Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev...

5CVSS5AI score0.00771EPSS
Exploits0
Talos
Talos
added 2022/08/16 12:0 a.m.33 views

HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2022-1486 HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability August 16, 2022 CVE Number CVE-2022-25942 SUMMARY An out-of-bounds read vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to cod...

7.8CVSS7.5AI score0.00577EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.34 views

HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1485 HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability August 16, 2022 CVE Number CVE-2022-25972 SUMMARY An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to...

7.8CVSS8.2AI score0.00589EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.40 views

WWBN AVideo all cross-site request forgery (csrf) vulnerability

Talos Vulnerability Report TALOS-2022-1534 WWBN AVideo all cross-site request forgery csrf vulnerability August 16, 2022 CVE Number CVE-2022-29468 SUMMARY A cross-site request forgery CSRF vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request ca...

8.8CVSS9AI score0.01439EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.81 views

WWBN AVideo ObjectYPT SQL injection vulnerability

Talos Vulnerability Report TALOS-2022-1551 WWBN AVideo ObjectYPT SQL injection vulnerability August 16, 2022 CVE Number CVE-2022-33147,CVE-2022-34652,CVE-2022-33149,CVE-2022-33148 SUMMARY A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit...

8.8CVSS9AI score0.01636EPSS
Exploits0
Talos
Talos
added 2022/08/16 12:0 a.m.31 views

WWBN AVideo charts tab selection cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1537 WWBN AVideo charts tab selection cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-26842 SUMMARY A reflected cross-site scripting xss vulnerability exists in the charts tab selection functionality of WWBN AVideo 11.6 and dev mast...

9.6CVSS8.7AI score0.0293EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.30 views

HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1487 HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability August 16, 2022 CVE Number CVE-2022-26061 SUMMARY A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file...

7.8CVSS7.9AI score0.00618EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.60 views

WWBN AVideo footer alerts cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2022-1538 WWBN AVideo footer alerts cross-site scripting XSS vulnerability August 16, 2022 CVE Number CVE-2022-32770,CVE-2022-32772,CVE-2022-32771 SUMMARY A cross-site scripting xss vulnerability exists in the footer alerts functionality of WWBN AVideo 11.6 and de...

9.6CVSS6.2AI score0.03355EPSS
Exploits0
Talos
Talos
added 2022/08/16 12:0 a.m.34 views

WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1547 WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability August 16, 2022 CVE Number CVE-2022-30547 SUMMARY A directory traversal vulnerability exists in the unzipDirectory functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364...

9.9CVSS9.7AI score0.63666EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.28 views

WWBN AVideo session id privilege escalation vulnerability

Talos Vulnerability Report TALOS-2022-1535 WWBN AVideo session id privilege escalation vulnerability August 16, 2022 CVE Number CVE-2022-30605 SUMMARY A privilege escalation vulnerability exists in the session id functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafte...

8.8CVSS8.7AI score0.04125EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.27 views

WWBN AVideo password hash improper authentication vulnerability

Talos Vulnerability Report TALOS-2022-1545 WWBN AVideo password hash improper authentication vulnerability August 16, 2022 CVE Number CVE-2022-32282 SUMMARY An improper password check exists in the login functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. An attacker that owns a...

8.8CVSS8.3AI score0.01587EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.40 views

WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1546 WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability August 16, 2022 CVE Number CVE-2022-30534 SUMMARY An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AVideo 11.6 and dev master commit...

9.9CVSS9AI score0.74491EPSS
Exploits0
Talos
Talos
added 2022/08/03 12:0 a.m.44 views

ESTsoft Alyac OLE header parsing integer overflow

Talos Vulnerability Report TALOS-2022-1527 ESTsoft Alyac OLE header parsing integer overflow August 3, 2022 CVE Number CVE-2022-32543 SUMMARY An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overfl...

7.8CVSS6.9AI score0.00457EPSS
Exploits1
Talos
Talos
added 2022/08/03 12:0 a.m.49 views

ESTsoft Alyac OLE header Mini FAT sectors integer overflow

Talos Vulnerability Report TALOS-2022-1533 ESTsoft Alyac OLE header Mini FAT sectors integer overflow August 3, 2022 CVE Number CVE-2022-29886 SUMMARY An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buff...

7.8CVSS6.9AI score0.00455EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.55 views

TCL LinkHub Mesh Wifi confsrv ucloud_add_node OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1458 TCL LinkHub Mesh Wifi confsrv ucloudaddnode OS command injection vulnerability August 1, 2022 CVE Number CVE-2022-22140 SUMMARY An os command injection vulnerability exists in the confsrv ucloudaddnode functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.001...

9.8CVSS9.8AI score0.03589EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.34 views

TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1484 TCL LinkHub Mesh Wi-Fi confsrv ucloudsetnodelocation buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-26342 SUMMARY A buffer overflow vulnerability exists in the confsrv ucloudsetnodelocation functionality of TCL LinkHub Mesh Wi-Fi...

9.8CVSS9.6AI score0.0104EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.37 views

TCL LinkHub Mesh Wifi confctl_get_master_wlan information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1504 TCL LinkHub Mesh Wifi confctlgetmasterwlan information disclosure vulnerability August 1, 2022 CVE Number CVE-2022-27630 SUMMARY An information disclosure vulnerability exists in the confctlgetmasterwlan functionality of TCL LinkHub Mesh Wi-Fi...

7.5CVSS6.7AI score0.0077EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.33 views

TCL LinkHub Mesh Wifi confsrv ucloud_add_node_new OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1457 TCL LinkHub Mesh Wifi confsrv ucloudaddnodenew OS command injection vulnerability August 1, 2022 CVE Number CVE-2022-21178 SUMMARY An os command injection vulnerability exists in the confsrv ucloudaddnewnode functionality of TCL LinkHub Mesh Wifi...

9.8CVSS9.8AI score0.03565EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.36 views

TCL LinkHub Mesh Wifi confsrv set_mf_rule stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1455 TCL LinkHub Mesh Wifi confsrv setmfrule stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-23919,CVE-2022-23918 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv setmfrule functionality of TCL LinkHub Mes...

9.8CVSS9.5AI score0.01096EPSS
Exploits2
Talos
Talos
added 2022/08/01 12:0 a.m.38 views

TCL LinkHub Mesh Wifi confctl_set_master_wlan denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1505 TCL LinkHub Mesh Wifi confctlsetmasterwlan denial of service vulnerability August 1, 2022 CVE Number CVE-2022-27185 SUMMARY A denial of service vulnerability exists in the confctlsetmasterwlan functionality of TCL LinkHub Mesh Wifi MS1G0001.0014. A...

9.3CVSS7.6AI score0.00901EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.46 views

TCL LinkHub Mesh Wifi confctl_set_guest_wlan denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1502 TCL LinkHub Mesh Wifi confctlsetguestwlan denial of service vulnerability August 1, 2022 CVE Number CVE-2022-27660 SUMMARY A denial of service vulnerability exists in the confctlsetguestwlan functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A...

9.3CVSS7.8AI score0.00901EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.36 views

TCL LinkHub Mesh Wi-Fi confsrv addTimeGroup stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1482 TCL LinkHub Mesh Wi-Fi confsrv addTimeGroup stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-25996 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv addTimeGroup functionality of TCL LinkHub Mesh Wi-Fi...

9.8CVSS9.5AI score0.0104EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.40 views

TCL LinkHub Mesh Wifi libcommonprod.so prod_change_root_passwd hard-coded password vulnerability

Talos Vulnerability Report TALOS-2022-1459 TCL LinkHub Mesh Wifi libcommonprod.so prodchangerootpasswd hard-coded password vulnerability August 1, 2022 CVE Number CVE-2022-22144 SUMMARY A hard-coded password vulnerability exists in the libcommonprod.so prodchangerootpasswd functionality of TCL...

9.8CVSS8.8AI score0.00811EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.40 views

TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1483 TCL LinkHub Mesh Wi-Fi confsrv ucloudsetnodelocation stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-26009 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv ucloudsetnodelocation functionality of TCL...

9.8CVSS9.5AI score0.01088EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.49 views

TCL LinkHub Mesh Wifi ucloud_del_node denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1507 TCL LinkHub Mesh Wifi uclouddelnode denial of service vulnerability August 1, 2022 CVE Number CVE-2022-26346 SUMMARY A denial of service vulnerability exists in the uclouddelnode functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted...

9.8CVSS9.3AI score0.01043EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.37 views

TCL LinkHub Mesh Wifi confers ucloud_add_node_new stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1456 TCL LinkHub Mesh Wifi confers ucloudaddnodenew stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-21201 SUMMARY A stack-based buffer overflow vulnerability exists in the confers ucloudaddnodenew functionality of TCL LinkHub Mesh...

8.8CVSS9.1AI score0.00843EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.52 views

TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1503 TCL LinkHub Mesh Wifi confctlgetguestwlan information disclosure vulnerability August 1, 2022 CVE Number CVE-2022-27633 SUMMARY An information disclosure vulnerability exists in the confctlgetguestwlan functionality of TCL LinkHub Mesh Wifi MS1G0001.0014...

7.5CVSS6.7AI score0.0077EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.40 views

TCL LinkHub Mesh Wi-Fi confsrv confctl_set_app_language stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1462 TCL LinkHub Mesh Wi-Fi confsrv confctlsetapplanguage stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-23103 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv confctlsetapplanguage functionality of TCL...

9.8CVSS9.6AI score0.01096EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.129 views

TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1463 TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability August 1, 2022 CVE Number...

9.8CVSS9.5AI score0.01088EPSS
Exploits25
Talos
Talos
added 2022/08/01 12:0 a.m.38 views

TCL LinkHub Mesh Wifi confsrv set_port_fwd_rule stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1454 TCL LinkHub Mesh Wifi confsrv setportfwdrule stack-based buffer overflow vulnerability August 1, 2022 CVE Number CVE-2022-23399 SUMMARY A stack-based buffer overflow vulnerability exists in the confsrv setportfwdrule functionality of TCL LinkHub Mesh Wif...

9.8CVSS9.5AI score0.01088EPSS
Exploits1
Talos
Talos
added 2022/08/01 12:0 a.m.47 views

TCL LinkHub Mesh Wi-Fi confctl_set_wan_cfg denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1506 TCL LinkHub Mesh Wi-Fi confctlsetwancfg denial of service vulnerability August 1, 2022 CVE Number CVE-2022-27178 SUMMARY A denial of service vulnerability exists in the confctlsetwancfg functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A...

9.8CVSS9.3AI score0.00999EPSS
Exploits1
Talos
Talos
added 2022/07/27 12:0 a.m.97 views

DD-WRT httpd unescape memory corruption vulnerability

Summary A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. Tested Versions DD-WRT Revision 322...

9.8CVSS7.4AI score0.00993EPSS
Exploits1
Talos
Talos
added 2022/07/27 12:0 a.m.75 views

FreshTomato httpd unescape memory corruption vulnerability

Summary A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. Tested Versions FreshTomato 2022.1 Product URLs...

9.8CVSS7.3AI score0.01372EPSS
Exploits2
Talos
Talos
added 2022/07/27 12:0 a.m.113 views

Asuswrt and Asuswrt-Merlin New Gen httpd unescape memory corruption vulnerability

Talos Vulnerability Report TALOS-2022-1511 Asuswrt and Asuswrt-Merlin New Gen httpd unescape memory corruption vulnerability July 27, 2022 CVE Number CVE-2022-26376 SUMMARY A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.38648706 and...

9.8CVSS7.5AI score0.01075EPSS
Exploits1
Talos
Talos
added 2022/07/18 12:0 a.m.36 views

Accusoft ImageGear PSD Header processing memory allocation out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

9.8CVSS9.1AI score0.01758EPSS
Exploits1
Talos
Talos
added 2022/07/14 12:0 a.m.37 views

Google Chrome WebGPU DoBufferDestroy kDirect allocation use-after-free vulnerability

Summary A use-after-free vulnerability exists in the WebGPU functionality of Google Chrome 102.0.4956.0 Build 64-bit and 99.0.4844.82 Build 64-bit. A specially-crafted web page can lead to a use-after-free. An attacker can provide a crafted URL to trigger this vulnerability. Tested Versions Googl...

8.8CVSS8.8AI score0.00617EPSS
Exploits1
Talos
Talos
added 2022/07/13 12:0 a.m.32 views

Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability

Summary A type confusion vulnerability exists in the way Adobe Acrobat Reader DC 2022.001.20085 deals with overlapping annotations. A specially-crafted PDF document can trigger this vulnerability, which can lead to arbitrary code execution. A victim needs to open the malicious file to trigger thi...

7.8CVSS7.9AI score0.1083EPSS
Exploits0
Talos
Talos
added 2022/07/13 12:0 a.m.29 views

Adobe Acrobat Reader DC event value use-after-free

Summary A use-after-free vulnerability exists in the way Adobe Acrobat Reader DC 2022.001.20117 deals with event objects across different event types. A specially-crafted PDF document can trigger this vulnerability, which can lead to arbitrary code execution. A victim needs to open the malicious...

7.8CVSS7.8AI score0.03363EPSS
Exploits0
Talos
Talos
added 2022/06/30 12:0 a.m.57 views

Robustel R1510 web_server ajax endpoints OS command injection vulnerabilities

Summary Multiple command injection vulnerabilities exist in the webserver ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities. Tested...

9.8CVSS10AI score0.04251EPSS
Exploits5
Total number of security vulnerabilities2224