Lucene search
K

2224 matches found

Talos
Talos
added 2021/07/26 12:0 a.m.179 views

CODESYS Development System ObjectManager.plugin ObjectStream.ProfileByteArray Unsafe Deserialization vulnerability

Summary An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file t...

8.8CVSS8.1AI score0.01648EPSS
Exploits1
Talos
Talos
added 2021/07/26 12:0 a.m.115 views

CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability

Summary An unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

8.8CVSS8AI score0.01298EPSS
Exploits0
Talos
Talos
added 2021/07/15 12:0 a.m.243 views

Advantech R-SeeNet telnet_form.php Reflected XSS vulnerability

Summary Cross-site scripting vulnerabilities exist in the telnetform.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can...

9.6CVSS6.8AI score0.12293EPSS
Exploits1
Talos
Talos
added 2021/07/15 12:0 a.m.85 views

D-LINK DIR-3040 Syslog information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions D-LINK DIR-30...

6.5CVSS4.8AI score0.36486EPSS
Exploits1
Talos
Talos
added 2021/07/15 12:0 a.m.75 views

D-LINK DIR-3040 Zebra IP routing manager information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability. Test...

7.5CVSS7.5AI score0.02013EPSS
Exploits2
Talos
Talos
added 2021/07/15 12:0 a.m.98 views

D-LINK DIR-3040 Libcli test environment hard-coded password vulnerability

Summary A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions D-LINK DIR-3040...

10CVSS9.7AI score0.02962EPSS
Exploits1
Talos
Talos
added 2021/07/15 12:0 a.m.216 views

Advantech R-SeeNet ssh_form.php Reflected XSS vulnerability

Summary Cross-site scripting vulnerabilities exist in the sshform.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide...

9.6CVSS6.8AI score0.14115EPSS
Exploits1
Talos
Talos
added 2021/07/15 12:0 a.m.104 views

D-LINK DIR-3040 Syslog information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1283 D-LINK DIR-3040 Syslog information disclosure vulnerability July 15, 2021 CVE Number CVE-2021-21818 Summary A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network...

7.5CVSS7.5AI score0.01948EPSS
Exploits2
Talos
Talos
added 2021/07/15 12:0 a.m.85 views

D-LINK DIR-3040 Libcli command injection vulnerability

Summary A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions D-LINK...

9.1CVSS8.3AI score0.02886EPSS
Exploits2
Talos
Talos
added 2021/07/15 12:0 a.m.264 views

Advantech R-SeeNet device_graph_page.php Multiple Reflected XSS vulnerabilities

Summary Multiple cross-site scripting vulnerabilities exist in the devicegraphpage.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. If a user visits specially crafted URLs, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An...

9.6CVSS6.8AI score0.63415EPSS
Exploits2
Talos
Talos
added 2021/07/15 12:0 a.m.263 views

Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability

Summary A local file inclusion LFI vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability. Tested...

9.8CVSS8.9AI score0.03705EPSS
Exploits1
Talos
Talos
added 2021/07/15 12:0 a.m.329 views

Advantech R-SeeNet ping.php OS Command Injection vulnerability

Summary An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 20.10.2020. A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability. Tested...

10CVSS9.8AI score0.69631EPSS
Exploits1
Talos
Talos
added 2021/07/07 12:0 a.m.114 views

IOBit Advanced SystemCare Ultimate Privileged I/O Read vulnerabilities

Summary An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive...

6.5CVSS5.2AI score0.0034EPSS
Exploits3
Talos
Talos
added 2021/07/07 12:0 a.m.90 views

IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability

Summary An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerabilit...

6.5CVSS5.2AI score0.00336EPSS
Exploits1
Talos
Talos
added 2021/07/07 12:0 a.m.86 views

IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities

Summary A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. A specially crafted I/O request packet IRP can lead to privileged writes which can result in elevation of privileges of the current user. A...

8.8CVSS8.6AI score0.00338EPSS
Exploits3
Talos
Talos
added 2021/07/07 12:0 a.m.63 views

IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability

Summary A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. Tested Versions...

8.8CVSS7.9AI score0.00295EPSS
Exploits1
Talos
Talos
added 2021/06/28 12:0 a.m.112 views

PowerISO DMG File Format Handler memory corruption vulnerability

Summary A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. The vendor fixed it in a bug-release of the curre...

8.8CVSS7.8AI score0.00947EPSS
Exploits1
Talos
Talos
added 2021/06/22 12:0 a.m.146 views

Moodle spellchecker plugin command execution vulnerability

Summary A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities. Tested Versions Moodle 3.10 Product...

9.1CVSS9.7AI score0.24173EPSS
Exploits7
Talos
Talos
added 2021/06/16 12:0 a.m.61 views

EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. Tested Versions EIP Stack Group OpENer 2.3 EIP Stack Group OpENe...

10CVSS9.1AI score0.01667EPSS
Exploits1
Talos
Talos
added 2021/06/09 12:0 a.m.63 views

Komoot GmbH Komoot Friend finder information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1288 Komoot GmbH Komoot Friend finder information disclosure vulnerability June 9, 2021 CVE Number CVE-2021-21823 Summary An information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A special...

7.5CVSS5.8AI score0.00895EPSS
Exploits0
Talos
Talos
added 2021/06/08 12:0 a.m.112 views

Google Chrome WebAudio blink::AudioNodeOutput::Pull code execution vulnerability

Summary A code execution vulnerability exists in the WebAudio blink::AudioNodeOutput::Pull functionality of Google Chrome 90.0.4405.0 Build 64-bit and 88.0.4324.146 Official version 64-bit. A specially crafted web page can lead to use after free. An attacker could exploit this vulnerability by...

8.8CVSS8.6AI score0.0143EPSS
Exploits1
Talos
Talos
added 2021/06/02 12:0 a.m.45 views

Apple macOS SMB server directory query request integer overflow vulnerability

Summary A memory corruption vulnerability exists in the SMB Server on Apple macOS 11.2. A specially crafted SMB packet can trigger an integer overflow when handling directory query requests which can result in memory corruption, potentially leading to remote code execution and denial of service...

8.1CVSS9.2AI score0.0202EPSS
Exploits0
Talos
Talos
added 2021/06/02 12:0 a.m.188 views

Webkit ImageLoader dispatchPendingErrorEvent use-after-free vulnerability

Summary A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to trigger the vulnerability, a victim must be...

8CVSS8AI score0.0127EPSS
Exploits1
Talos
Talos
added 2021/06/02 12:0 a.m.55 views

Apple macOS SMB server TREE_CONNECT stack buffer overflow vulnerability

Summary A remote code execution vulnerability exists in the SMB Server Apple macOS 10.15.7. A specially crafted SMB packet can trigger a stack-based buffer overflow, which can lead to arbitrary code execution and denial of service. This vulnerability can be triggered by sending a malicious packet...

6.5CVSS7.3AI score0.01294EPSS
Exploits1
Talos
Talos
added 2021/06/02 12:0 a.m.86 views

Apple macOS SMB server IOCTL request uninitialized stack variable vulnerability

Summary A memory corruption vulnerability exists in the SMB Server Apple macOS 11.1. A specially crafted SMB packet can trigger the use of an uninitialized stack variable which can lead to memory corruption and denial of service. This vulnerability can be triggered by sending a malicious packet t...

7.8CVSS8.7AI score0.03766EPSS
Exploits0
Talos
Talos
added 2021/06/02 12:0 a.m.34 views

Webkit WebCore::GraphicsContext use-after-free vulnerability

Summary A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. A victim must be tricked into visiting a malicious web page to trigger...

8.8CVSS7.9AI score0.02913EPSS
Exploits1
Talos
Talos
added 2021/06/02 12:0 a.m.46 views

Apple macOS SMB server directory query arbitrary file access

Summary An arbitrary file access vulnerability exists in the SMB Server Apple macOS 11.2. A specially crafted SMB request can leak metadata of arbitrary files. This vulnerability can be triggered by sending a malicious packet to the vulnerable server. Tested Versions Apple macOS 11.2 Product URLs...

6.5CVSS7.6AI score0.24292EPSS
Exploits0
Talos
Talos
added 2021/06/02 12:0 a.m.221 views

Apple macOS SMB server create file request uninitialized memory disclosure

Summary A use of uninitialized data vulnerability exists in the SMB Server Apple macOS 11.2. A specially crafted SMB packet can cause uninitialized data to end up in server reply which can leak sensitive information. This vulnerability can be triggered by sending a malicious packet to the...

5.9CVSS7.2AI score0.01641EPSS
Exploits0
Talos
Talos
added 2021/06/02 12:0 a.m.36 views

Apple macOS SMB server lock request infinite loop

Summary A resource exhaustion vulnerability exists in the SMB Server on Apple macOS 11.2. A specially crafted SMB packet can trigger an infinite loop which leads to maximum CPU utilization and denial of service. This vulnerability can be triggered by sending a malicious packet to the vulnerable...

5.9CVSS7.2AI score0.01623EPSS
Exploits0
Talos
Talos
added 2021/06/01 12:0 a.m.46 views

Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG sofnbcomp header processing functionality of Accusoft ImageGear 19.8 and 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

9.8CVSS9AI score0.01137EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.29 views

Accusoft ImageGear JPG Handle_JPEG420 out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG HandleJPEG420 functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.9...

9.8CVSS8.9AI score0.01215EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.66 views

Accusoft ImageGear PDF process_fontname stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the PDF processfontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear...

9.8CVSS9.7AI score0.01963EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.46 views

Accusoft ImageGear PNG png_palette_process memory corruption vulnerability

Summary A memory corruption vulnerability exists in the PNG pngpaletteprocess functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide malicious inputs to trigger this vulnerability. Tested Versions Accusoft ImageGear...

8.8CVSS8.8AI score0.01004EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.47 views

Accusoft ImageGear DICOM parse_dicom_meta_info integer overflow vulnerability

Summary An integer overflow vulnerability exists in the DICOM parsedicommetainfo functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

9.8CVSS9.7AI score0.01458EPSS
Exploits1
Talos
Talos
added 2021/06/01 12:0 a.m.42 views

Accusoft ImageGear TIF bits_per_sample processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the TIF bitspersample processing functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

9.8CVSS7.9AI score0.0067EPSS
Exploits0
Talos
Talos
added 2021/06/01 12:0 a.m.34 views

Accusoft ImageGear TIF IP_planar_raster_unpack improper array index validation vulnerability

Summary An improper array index validation vulnerability exists in the TIF IPplanarrasterunpack functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions...

9.8CVSS9.5AI score0.01428EPSS
Exploits1
Talos
Talos
added 2021/05/28 12:0 a.m.212 views

Linux Kernel Arm SIGPAGE information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1243 Linux Kernel Arm SIGPAGE information disclosure vulnerability May 28, 2021 CVE Number CVE-2021-21781 SUMMARY An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version 5.11-rc4...

4CVSS5.5AI score0.00529EPSS
Exploits1
Talos
Talos
added 2021/05/24 12:0 a.m.48 views

Trend Micro, Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the tdts.ko chrdevioctlhandle functionality of Trend Micro, Inc. Home Network Security 6.1.567. A specially crafted ioctl can lead to increased privileges. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Trend...

7.8CVSS7.8AI score0.00434EPSS
Exploits1
Talos
Talos
added 2021/05/24 12:0 a.m.52 views

Trend Micro Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the tdts.ko chrdevioctlhandle functionality of Trend Micro, Inc. Home Network Security 6.1.567. A specially crafted ioctl can lead to code execution. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Trend Micro,...

7.8CVSS8AI score0.00392EPSS
Exploits0
Talos
Talos
added 2021/05/24 12:0 a.m.47 views

Trend Micro Inc. Home Network Security SFTP log collection server hard-coded password vulnerability

Summary A hard-coded password vulnerability exists in the SFTP Log Collection Server function of Trend Micro Inc.’s Home Network Security 6.1.567. A specially crafted network request can lead to arbitrary authentication. An attacker can send an unauthenticated message to trigger this vulnerabilit...

6.5CVSS6.9AI score0.0096EPSS
Exploits0
Talos
Talos
added 2021/05/19 12:0 a.m.35 views

Apple macOS SMB server signature verification information disclosure vulnerability

Summary An information disclosure vulnerability exists in the SMB Server Apple macOS 11.1. A specially crafted SMB packet can trigger an integer overflow, leading to information disclosure, cryptographic check bypass and denial of service. This vulnerability can be triggered by sending a maliciou...

6.5CVSS7.7AI score0.01825EPSS
Exploits0
Talos
Talos
added 2021/05/19 12:0 a.m.213 views

Google Chrome AudioDelayDSPKernel::ProcessKRate heap-based buffer overflow vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the Google Chromium browser affecting at least versions 89.0.4383.0 64-bit and 90.0.4390.0 64-bit. A specially crafted HTML web page can cause a heap-based Buffer Overflow condition, resulting in a remote code execution. Th...

8.8CVSS8.9AI score0.0191EPSS
Exploits1
Talos
Talos
added 2021/05/11 12:0 a.m.55 views

Adobe Acrobat Reader DC JavaScript search query code execution vulnerability

Summary A use-after-free vulnerability exists in the way Adobe Acrobat Reader DC 2020.013.20074 executes search queries through JavaScript. A specially crafted PDF document can trigger this vulnerability, which can lead to arbitrary code execution. A victim needs to open the malicious file to...

8.8CVSS9.1AI score0.05117EPSS
Exploits0
Talos
Talos
added 2021/05/06 12:0 a.m.196 views

Foxit Reader FileAttachment annotation use-after-free vulnerability

Summary A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.3.37598. A specially crafted PDF document can trigger the reuse of previously free memory, which can lead to arbitrary code execution. An attacker needs to trick the user into openi...

8.8CVSS8.9AI score0.01765EPSS
Exploits1
Talos
Talos
added 2021/04/26 12:0 a.m.49 views

Systemd DHCP client denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the...

6.1CVSS6.7AI score0.01399EPSS
Exploits1
Talos
Talos
added 2021/04/26 12:0 a.m.56 views

MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability

Summary A denial of service vulnerability exists in the ASDU message processing functionality of MZ Automation GmbH lib60870.NET 2.2.0. A specially crafted network request can lead to loss of communications. An attacker can send an unauthenticated message to trigger this vulnerability. Tested...

7.5CVSS7.5AI score0.01261EPSS
Exploits1
Talos
Talos
added 2021/04/22 12:0 a.m.52 views

Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability

Talos Vulnerability Report TALOS-2021-1240 Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability April 22, 2021 CVE Number CVE-2021-31518 SUMMARY A denial-of-service vulnerability exists in the tdts.ko TRF file-parsing function of Trend Micro Inc.’s Home...

7.8CVSS7.1AI score0.01097EPSS
Exploits0
Talos
Talos
added 2021/04/22 12:0 a.m.35 views

Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability

Talos Vulnerability Report TALOS-2021-1239 Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability April 22, 2021 CVE Number CVE-2021-31517 SUMMARY A denial-of-service vulnerability exists in the tdts.ko TRF file-parsing functionality of Trend Micro Inc.’s...

7.8CVSS7AI score0.01097EPSS
Exploits0
Talos
Talos
added 2021/04/21 12:0 a.m.370 views

Prusa Research PrusaSlicer Obj.cpp load_obj() out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the Obj.cpp loadobj functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Version...

8.8CVSS7.6AI score0.01467EPSS
Exploits1
Talos
Talos
added 2021/04/21 12:0 a.m.85 views

Prusa Research PrusaSlicer Objparser::objparse() stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the Objparser::objparse functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted obj file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS8AI score0.01436EPSS
Exploits1
Total number of security vulnerabilities2224