Lucene search
K

2224 matches found

Talos
Talos
added 2021/04/21 12:0 a.m.47 views

Prusa Research PrusaSlicer Admesh stl_fix_normal_directions() out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the Admesh stlfixnormaldirections functionality of Prusa Research PrusaSlicer 2.2.0 and Master commit 4b040b856. A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

8.8CVSS7.8AI score0.01274EPSS
Exploits1
Talos
Talos
added 2021/04/19 12:0 a.m.156 views

Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the HTTP redirection functionality of Synology QuickConnect servers. An attacker can impersonate the remote QuickConnect servers in order to impersonate the remote device and in turn steal the device’s credentials. An attacker...

6.8AI score
Exploits0
Talos
Talos
added 2021/04/19 12:0 a.m.187 views

Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the synoagentregisterd server finder functionality of Synology DSM 6.2.3 25426 DS120j. A specially crafted HTTP response can lead to remote code execution. An attacker can use man-in-the-middle techniques to trigger this vulnerability. Tested...

8.7AI score
Exploits0
Talos
Talos
added 2021/04/15 12:0 a.m.77 views

Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability

Summary A unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. Tested Versions Cosori Smart...

8.1CVSS8.6AI score0.01875EPSS
Exploits1
Talos
Talos
added 2021/04/15 12:0 a.m.21 views

Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability

Summary A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability...

9.8CVSS9.4AI score0.02545EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.31 views

Microsoft Azure Sphere mount namespace unsigned code execution vulnerability

Summary An unsigned code execution vulnerability exists in the mount namespace functionality of Microsoft Azure Sphere 21.01. A specially crafted shellcode could allow an adversary to execute an arbitrary binary in a tmpfs mount, leading to unsigned code execution. An attacker can switch to a new...

6.2CVSS6.5AI score0.01028EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.79 views

OpenClinic GA web portal multiple SQL injection vulnerabilities in the 'getAssets.jsp' page

Summary Multiple exploitable SQL injection vulnerabilities exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OpenClinic GA 5.173.3...

9.8CVSS8.7AI score0.00876EPSS
Exploits3
Talos
Talos
added 2021/04/13 12:0 a.m.258 views

OpenClinic GA unauthenticated command injection vulnerability

Summary An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific parameter to trigger this vulnerability, potentially...

10CVSS9.9AI score0.02894EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.259 views

OpenClinic GA web portal multiple SQL injection vulnerabilities in 'patientslist.do' page

Summary A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions...

8.8CVSS8.1AI score0.00806EPSS
Exploits3
Talos
Talos
added 2021/04/13 12:0 a.m.45 views

Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability

Summary An unsigned code execution vulnerability exists in the Linux namespace ptrace functionality of Microsoft Azure Sphere 21.01. Specially crafted shellcode could allow an adversary to execute unsigned code. An attacker can change the namespace and use ptrace to modify the code of a running...

6.2CVSS6.6AI score0.01028EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.269 views

OpenClinic GA web portal SQL injection vulnerability in 'statistics/quickFile.jsp' page

Summary An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OpenClinic GA 5.173.3 Product...

8.8CVSS7.9AI score0.01037EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.269 views

OpenClinic GA web portal multiple SQL injection vulnerabilities in 'listImmoLabels.jsp' page

Summary A number of exploitable SQL injection vulnerabilities exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions...

8.8CVSS8.1AI score0.00806EPSS
Exploits3
Talos
Talos
added 2021/04/13 12:0 a.m.252 views

OpenClinic GA Web portal SQL injection vulnerability in 'manageServiceStocks.jsp' page

Summary An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OpenClinic GA 5.173.3...

8.8CVSS7.9AI score0.01037EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.44 views

Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability

Summary A code execution vulnerability exists in the mqueue inode initialization functionality of Microsoft Azure Sphere 21.01. A specially crafted set of syscalls can lead to uninitialized kernel read, which in turn leads to code execution in kernel. To trigger this vulnerability, an attacker ca...

9.3CVSS9.1AI score0.01216EPSS
Exploits1
Talos
Talos
added 2021/04/13 12:0 a.m.25 views

Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability

Summary A code execution vulnerability exists in the kernel pwmioctlapplystate functionality of Microsoft Azure Sphere 21.01. A specially crafted ioctl can lead to arbitrary kfree. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Microsoft Azure Sphere 21.01 Product...

8.1CVSS8.2AI score0.0048EPSS
Exploits0
Talos
Talos
added 2021/04/13 12:0 a.m.85 views

OpenClinic GA installation privilege escalation vulnerability

Summary An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can replace a file to exploit this vulnerability. Tested Versions OpenClinic GA 5.173.3 Product URLs...

8.8CVSS8AI score0.00763EPSS
Exploits1
Talos
Talos
added 2021/04/08 12:0 a.m.81 views

Rukovoditel Project Management App multiple SQL injection vulnerabilities in the 'entities/fields' page

Summary Multiple exploitable SQL injection vulnerabilities exist in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities, this can b...

8.8CVSS6.4AI score0.00968EPSS
Exploits3
Talos
Talos
added 2021/04/08 12:0 a.m.244 views

Rukovoditel Project Management App application SQL injection vulnerability in the 'access_rules/rules_form' page

Summary An exploitable SQL injection vulnerability exists in the ‘‘accessrules/rulesform’ page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be...

8.8CVSS7.3AI score0.01507EPSS
Exploits1
Talos
Talos
added 2021/04/08 12:0 a.m.50 views

Dream Report platform privilege escalation vulnerability

Summary Multiple privilege escalation vulnerabilities exist in Dream Report 5 R20-2. A specially crafted executable can cause elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Dream Report 5 R20-2 Product URLs https://dreamreport.net/...

9.3CVSS8.2AI score0.00889EPSS
Exploits3
Talos
Talos
added 2021/04/08 12:0 a.m.242 views

Rukovoditel Project Management App application SQL injection vulnerability in the 'global_lists/choices' page

Summary An exploitable SQL injection vulnerability exists in ‘globallists/choices’ page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done...

8.8CVSS7.3AI score0.01507EPSS
Exploits1
Talos
Talos
added 2021/04/08 12:0 a.m.245 views

Rukovoditel Project Management App SQL injection vulnerability in the 'forms_fields_rules/rules' page

Summary An exploitable SQL injection vulnerability exists in the ‘formsfieldsrules/rules’ page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be...

8.8CVSS7.4AI score0.01507EPSS
Exploits1
Talos
Talos
added 2021/03/30 12:0 a.m.44 views

Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the SGI format buffer size processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

9.8CVSS9.2AI score0.01257EPSS
Exploits1
Talos
Talos
added 2021/03/30 12:0 a.m.46 views

Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the TIFF header count-processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

8.1CVSS8.2AI score0.00678EPSS
Exploits1
Talos
Talos
added 2021/03/30 12:0 a.m.29 views

Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the SGI Format Buffer Size Processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft...

9.8CVSS9AI score0.01325EPSS
Exploits1
Talos
Talos
added 2021/03/24 12:0 a.m.58 views

Genivia gSOAP WS-Addressing plugin code execution vulnerability redux

Talos Vulnerability Report TALOS-2021-1245 Genivia gSOAP WS-Addressing plugin code execution vulnerability redux March 24, 2021 CVE Number CVE-2021-21783 Summary A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP...

9.8CVSS10AI score0.04983EPSS
Exploits1
Talos
Talos
added 2021/03/16 12:0 a.m.33 views

Accusoft ImageGear PSD read_icc_icCurve_data heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the PSD readiccicCurvedata functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to an integer overflow that, in turn, leads to a heap buffer overflow. An attacker can provide a malicious file to trigger...

9.8CVSS9.5AI score0.01407EPSS
Exploits1
Talos
Talos
added 2021/03/10 12:0 a.m.31 views

3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability

Summary A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions 3MF Consortium...

8.1CVSS8AI score0.04339EPSS
Exploits1
Talos
Talos
added 2021/03/10 12:0 a.m.26 views

3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability

Talos Vulnerability Report TALOS-2021-1226 3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP use-after-free vulnerability March 10, 2021 CVE Number CVE-2021-21772 SUMMARY A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf...

8.1CVSS8AI score0.04339EPSS
Exploits1
Talos
Talos
added 2021/03/02 12:0 a.m.177 views

Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the JPG format SOF marker processing of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.8...

9.8CVSS8AI score0.00807EPSS
Exploits1
Talos
Talos
added 2021/02/24 12:0 a.m.97 views

CGAL libcgal multiple code execution vulnerabilities in Nef polygon-parsing code

Summary Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigg...

9.2AI score
Exploits0
Talos
Talos
added 2021/02/24 12:0 a.m.25 views

Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this...

8.6CVSS6.5AI score0.01342EPSS
Exploits1
Talos
Talos
added 2021/02/23 12:0 a.m.28 views

Openscad import_stl.cc:import_stl() out-of-bounds stack write vulnerability

Summary An out-of-bounds write vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Openscad...

8.8CVSS7.8AI score0.01274EPSS
Exploits1
Talos
Talos
added 2021/02/23 12:0 a.m.42 views

Openscad import_stl.cc:import_stl() stack-based buffer overflow vulnerability

Summary A stack-based buffer overflow vulnerability exists in the importstl.cc:importstl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Openscad...

8.8CVSS8AI score0.01956EPSS
Exploits1
Talos
Talos
added 2021/02/19 12:0 a.m.72 views

Sytech XL reporter installation privilege escalation vulnerability

Summary An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to run the...

8.8CVSS8.3AI score0.00465EPSS
Exploits1
Talos
Talos
added 2021/02/16 12:0 a.m.96 views

Advantech WebAccess/SCADA installation privilege escalation vulnerability

Summary Multiple exploitable local privilege elevation vulnerabilities exist in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. Depending on the vector chosen, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege. Tested...

8.8CVSS9AI score0.00504EPSS
Exploits3
Talos
Talos
added 2021/02/16 12:0 a.m.52 views

Advantech WebAccess/SCADA installation local file inclusion

Summary A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability. Tested Versions Advantech...

7.7CVSS7.3AI score0.03488EPSS
Exploits1
Talos
Talos
added 2021/02/09 12:0 a.m.131 views

Accusoft ImageGear TIFF index record out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.8 Product URLs...

9.8CVSS9AI score0.01855EPSS
Exploits1
Talos
Talos
added 2021/02/09 12:0 a.m.41 views

Accusoft ImageGear SGI RLE decompression out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2020-1182 Accusoft ImageGear SGI RLE decompression out-of-bounds write vulnerability February 9, 2021 CVE Number CVE-2020-13571 Summary An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially...

9.8CVSS8.9AI score0.01959EPSS
Exploits1
Talos
Talos
added 2021/02/09 12:0 a.m.50 views

Accusoft ImageGear PSD Header processing out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.8...

9.8CVSS8.9AI score0.01855EPSS
Exploits1
Talos
Talos
added 2021/02/05 12:0 a.m.125 views

Accusoft ImageGear GIF LZW decoder heap overflow vulnerability

Summary A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this...

9.8CVSS9.1AI score0.01917EPSS
Exploits1
Talos
Talos
added 2021/02/03 12:0 a.m.140 views

SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability

Summary An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap...

8.8CVSS7.9AI score0.72559EPSS
Exploits1
Talos
Talos
added 2021/02/03 12:0 a.m.150 views

SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it...

8.8CVSS7.9AI score0.72559EPSS
Exploits1
Talos
Talos
added 2021/02/03 12:0 a.m.140 views

SoftMaker Office PlanMaker Document Record 0x800d memory corruption vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is...

8.8CVSS7.9AI score0.01032EPSS
Exploits1
Talos
Talos
added 2021/02/03 12:0 a.m.157 views

SoftMaker Office PlanMaker Excel document CEscherObject::ReadNativeProperties multiple heap buffer overflow vulnerabilities

Summary An exploitable heap-based buffer overflow vulnerability exists in the Office Art record-parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer...

7.8AI score
Exploits0
Talos
Talos
added 2021/02/03 12:0 a.m.169 views

SoftMaker Office PlanMaker Excel document record 0x00fc memory corruption vulnerability

Summary A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 Revision 1014. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigg...

8.8CVSS8.1AI score0.01525EPSS
Exploits1
Talos
Talos
added 2021/02/02 12:0 a.m.113 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Network Segment Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

7.5CVSS7.4AI score0.03454EPSS
Exploits1
Talos
Talos
added 2021/01/27 12:0 a.m.52 views

OpenEMR GACL cross-site request forgery vulnerability

Summary A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 commit babec93f600ff1394f91ccd512bcad85832eb6ce. A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An...

8.8CVSS9.2AI score0.03029EPSS
Exploits1
Talos
Talos
added 2021/01/27 12:0 a.m.68 views

phpGACL template multiple cross-site scripting vulnerabilities

Summary Multiple cross-site scripting vulnerabilities exist in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability. Tested Versions phpGACL 3.3.7 OpenEMR 5.0.2...

9.6CVSS6.7AI score0.77745EPSS
Exploits3
Talos
Talos
added 2021/01/27 12:0 a.m.50 views

phpGACL database multiple SQL injection vulnerabilities

Summary Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OpenEMR 5.0.2 OpenEMR development version 6.0.0 commit...

9.8CVSS9.3AI score0.02308EPSS
Exploits2
Talos
Talos
added 2021/01/27 12:0 a.m.30 views

phpGACL return_page redirection open redirect vulnerability

Summary An open redirect vulnerability exists in the returnpage redirection functionality of phpGACL 3.3.7. A specially crafted HTTP request can redirect users to an arbitrary URL. An attacker can provide a crafted URL to trigger this vulnerability. Tested Versions OpenEMR 5.0.2 OpenEMR developme...

6.1CVSS6.3AI score0.01879EPSS
Exploits1
Total number of security vulnerabilities2224