Lucene search
K

2224 matches found

Talos
Talos
added 2020/08/31 12:0 a.m.73 views

OS4Ed openSIS GetSchool.php SQL injection Vulnerability

Summary An exploitable SQL injection vulnerability exists in the GetSchool.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Produc...

8.8CVSS7.8AI score0.01803EPSS
Exploits1
Talos
Talos
added 2020/08/31 12:0 a.m.101 views

OS4Ed openSIS course_period_id parameter multiple SQL injection vulnerabilities

Summary Multiple exploitable SQL injection vulnerabilities exist in the courseperiodid parameters used in OS4Ed openSIS 7.3 pages. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. Tested Versions OS4Ed...

8.8CVSS8.1AI score0.01403EPSS
Exploits3
Talos
Talos
added 2020/08/31 12:0 a.m.105 views

OS4Ed openSIS CoursePeriodModal.php page multiple SQL injection vulnerabilities

Summary Multiple exploitable SQL injection vulnerabilities exist in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. Tested Versions OS4Ed openSIS 7...

8.8CVSS8.1AI score0.01766EPSS
Exploits3
Talos
Talos
added 2020/08/31 12:0 a.m.79 views

OS4Ed openSIS Modules.php remote code execution vulnerability

Summary A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Product URLs...

9.9CVSS9.7AI score0.0924EPSS
Exploits1
Talos
Talos
added 2020/08/31 12:0 a.m.73 views

OS4Ed openSIS install remote code execution vulnerability

Summary A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. A specially crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.4 Product URLs...

10CVSS10AI score0.06172EPSS
Exploits2
Talos
Talos
added 2020/08/31 12:0 a.m.101 views

OS4Ed openSIS email parameter SQL injection vulnerability

Summary An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3...

8.8CVSS7.7AI score0.01403EPSS
Exploits2
Talos
Talos
added 2020/08/31 12:0 a.m.72 views

OS4Ed openSIS Validator.php SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the Validator.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Produc...

8.8CVSS7.9AI score0.01803EPSS
Exploits1
Talos
Talos
added 2020/08/31 12:0 a.m.85 views

OS4Ed openSIS Password Reset Multiple SQL injection vulnerabilities

Summary Multiple SQL injection vulnerabilities exist in the password reset functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions OS4Ed openSIS 7.3 Product URLs...

9.8CVSS9.9AI score0.02634EPSS
Exploits3
Talos
Talos
added 2020/08/30 12:0 a.m.59 views

NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV2 code execution vulnerability

Summary An exploitable code execution vulnerability exists in the nvwg MOV2 functionality of NVIDIA D3D10 Driver Version 442.50 - 26.21.14.4250. A specially crafted shader can cause remote code execution. An attacker can use this vulnerability to guest-to-host escape through Hyper-V RemoteFX...

7.8CVSS8AI score0.00359EPSS
Exploits0
Talos
Talos
added 2020/08/26 12:0 a.m.32 views

atftpd daemon Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert call resulting in denial-of-service. An attacker can send a sequence of malicious packets to...

7.5CVSS7.5AI score0.02399EPSS
Exploits1
Talos
Talos
added 2020/08/24 12:0 a.m.48 views

Microsoft Azure Sphere Capability access control privilege escalation vulnerability

Talos Vulnerability Report TALOS-2020-1133 Microsoft Azure Sphere Capability access control privilege escalation vulnerability August 24, 2020 CVE Number None SUMMARY A privilege escalation vulnerability exists in the Capability access control functionality of Microsoft Azure Sphere 20.06. A set ...

7.3AI score
Exploits0
Talos
Talos
added 2020/08/24 12:0 a.m.44 views

Google Chrome WebGL code execution vulnerability

Summary A use-after-free read vulnerability exists in Google Chrome 81.0.4044.138 Stable, 84.0.4136.5 Dev and 84.0.4143.7 Canary, when a WebGL component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the context of...

9.6CVSS9.6AI score0.00699EPSS
Exploits1
Talos
Talos
added 2020/08/24 12:0 a.m.54 views

Microsoft Azure Sphere Normal World application READ_IMPLIES_EXEC personality unsigned code execution vulnerability

Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.06. A specially crafted shellcode can cause a process’ heap to become executable. An attacker can execute a shellcode that sets the READIMPLIESEXEC personality to...

7.8CVSS7.4AI score0.01281EPSS
Exploits0
Talos
Talos
added 2020/08/24 12:0 a.m.51 views

Microsoft Azure Sphere uid_map UID uniqueness privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the uidmap functionality of Microsoft Azure Sphere 20.06. A specially crafted uidmap file can cause multiple applications to get the same UID assigned, thus broadening the attack surface. An attacker can modify the uidmap file to trigger this...

6.8CVSS6.1AI score0.00826EPSS
Exploits0
Talos
Talos
added 2020/08/24 12:0 a.m.50 views

Microsoft Azure Sphere Normal World application /proc/thread-self/mem unsigned code execution vulnerability

Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that modifies the program at runtime v...

7.8CVSS7.4AI score0.01254EPSS
Exploits0
Talos
Talos
added 2020/08/20 12:0 a.m.54 views

Internet Systems Consortium's BIND TCP Receive Buffer Length Assertion Check Denial of Service Vulnerability

Summary An assertion failure exists within the Internet Systems Consortium’s BIND server versions 9.16.1 through 9.17.1 when processing TCP traffic via the libuv library. Due to a length specified within a callback for the library, flooding the server’s TCP port used for larger DNS requests AXFR...

7.5CVSS7.3AI score0.03663EPSS
Exploits0
Talos
Talos
added 2020/08/18 12:0 a.m.141 views

ERPNext frappe.desk.reportview.get SQL injection vulnerability

Talos Vulnerability Report TALOS-2020-1091 ERPNext frappe.desk.reportview.get SQL injection vulnerability August 18, 2020 CVE Number CVE-2020-6145 SUMMARY An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can...

8.8CVSS7.9AI score0.01803EPSS
Exploits1
Talos
Talos
added 2020/08/04 12:0 a.m.56 views

SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability

Talos Vulnerability Report TALOS-2020-1122 SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability August 4, 2020 CVE Number CVE-2020-13523 SUMMARY An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I...

3.8CVSS3.8AI score0.00489EPSS
Exploits1
Talos
Talos
added 2020/08/04 12:0 a.m.46 views

SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability

Talos Vulnerability Report TALOS-2020-1121 SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability August 4, 2020 CVE Number CVE-2020-13522 SUMMARY An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O...

8.8CVSS7.2AI score0.00455EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.34 views

Microsoft Azure Sphere Normal World application ptrace unsigned code execution vulnerability

Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.05. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that uses the ptrace system call to...

7.3CVSS7.3AI score0.01673EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.64 views

Microsoft Azure Sphere asynchronous ioctl denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write a shellcode to trigger this vulnerability. Tested Versions Microsoft Azure...

5.5CVSS5.5AI score0.01314EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.57 views

Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability

Summary A memory corruption vulnerability exists in the AFAZSPIO socket functionality of Microsoft Azure Sphere 20.05. A sequence of socket operations can cause a double-free and out-of-bounds read in the kernel. An attacker can write a shellcode to trigger this vulnerability. Tested Versions...

8.8CVSS8AI score0.01378EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.63 views

Microsoft Azure Sphere mtd character device driver privilege escalation vulnerability

Summary An arbitrary flash write vulnerability exists in the mtd character device driver of Microsoft Azure Sphere 20.06. A specially crafted ioctl can bypass file permissions and allow writes to flash by unauthorized users. An attacker can issue a MEMWRITE ioctl to trigger this vulnerability...

7.2CVSS6.7AI score0.01216EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.58 views

Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability

Talos Vulnerability Report TALOS-2020-1131 Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability July 31, 2020 CVE Number None SUMMARY A privilege escalation vulnerability exists in the ASXipFS inode type functionality of Microsoft Azure Sphere 20.06. A specially crafted...

7.2AI score
Exploits0
Talos
Talos
added 2020/07/31 12:0 a.m.45 views

Microsoft Azure Sphere Normal World application /proc/self/mem unsigned code execution vulnerability

Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.05. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that modifies the program at runtime v...

7.3CVSS7.4AI score0.01614EPSS
Exploits1
Talos
Talos
added 2020/07/31 12:0 a.m.62 views

Microsoft Azure Sphere kernel message ring buffer Information Disclosure Vulnerability

Summary An information disclosure vulnerability exists in the kernel message ring buffer functionality of Microsoft Azure Sphere 20.05. Unprivileged users can access the kernel message ring buffer, which can potentially leak sensitive information, such as kernel or userland memory addresses. An...

6.2CVSS6.3AI score0.0144EPSS
Exploits0
Talos
Talos
added 2020/07/28 12:0 a.m.52 views

freeDiameter freeDiameterd Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2020-1030 freeDiameter freeDiameterd Denial of Service Vulnerability July 28, 2020 CVE Number CVE-2020-6098 SUMMARY An exploitable denial of service vulnerability exists in the freeDiameterd functionality of freeDiameter 1.3.2. A specially crafted Diameter request...

7.5CVSS7.8AI score0.01763EPSS
Exploits1
Talos
Talos
added 2020/07/15 12:0 a.m.42 views

Siemens LOGO! Web Server Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Web Server functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted HTTP request can cause memory corruption resulting in a code execution. An attacker can send an unauthenticated...

9.8CVSS10AI score0.09071EPSS
Exploits1
Talos
Talos
added 2020/07/14 12:0 a.m.31 views

AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality DCL_OUTPUT Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...

9.9CVSS9.7AI score0.02781EPSS
Exploits1
Talos
Talos
added 2020/07/14 12:0 a.m.36 views

Intel IGC64.DLL shader functionality DCL_INDEXABLETEMP code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can cause an out-of-bounds write, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to...

9CVSS9.2AI score0.06903EPSS
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.58 views

AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality RESOURCE Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...

9.9CVSS9.7AI score0.02781EPSS
Exploits1
Talos
Talos
added 2020/07/14 12:0 a.m.111 views

Intel IGC64.DLL shader functionality ATOMIC_ADD code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can cause an out-of-bounds write, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to...

9CVSS9.3AI score0.06185EPSS
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.33 views

Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability

Summary An exploitable denial of service vulnerability exists in Intel IGC64.DLL graphics driver. A specially crafted hull shader can cause a NULL pointer dereference. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability could potentially be...

9CVSS8.6AI score0.05466EPSS
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.35 views

Intel IGC64.DLL Shader Functionality HeapReAlloc code execution vulnerability

Summary An exploitable double free vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted geometry shader can cause a double free vulnerability, leading to arbitrary code execution. An attacker can provide a specially crafted shader file to trigger...

9CVSS9AI score0.05532EPSS
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.39 views

Intel IGC64.DLL Shader Functionality DCL_OUTPUT code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can cause an out-of-bounds write, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to...

9CVSS9.2AI score0.05466EPSS
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.50 views

AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality ROUND_NI Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...

9.9CVSS9.7AI score0.02781EPSS
Exploits1
Talos
Talos
added 2020/07/14 12:0 a.m.39 views

Intel IGC64.DLL shader functionality realloc code execution vulnerability

Summary An exploitable pointer corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can corrupt a pointer, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to trigger th...

9CVSS9.1AI score0.05466EPSS
Exploits0
Talos
Talos
added 2020/07/14 12:0 a.m.44 views

AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality MOV REG Code Execution Vulnerability

Summary An exploitable memory corruption vulnerability exists in AMD atidxx64.dll graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability potentially coul...

9.9CVSS9.6AI score0.02081EPSS
Exploits1
Talos
Talos
added 2020/07/10 12:0 a.m.42 views

Glacies IceHRM Admin Reports SQL injection Vulnerability

Summary An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...

7.2CVSS7.2AI score0.01727EPSS
Exploits1
Talos
Talos
added 2020/07/02 12:0 a.m.100 views

Google Chrome PDFium Javascript Regexp Memory Corruption Vulnerability

Summary An exploitable memory corruption vulnerability exists in the way PDFium inside Google Chrome version 80.0.3987.158 executes Javascript regular expressions. The vulnerability could potentially be abused to achieve arbitrary code execution in the browser context. In order to trigger this...

8.8CVSS9.3AI score0.01326EPSS
Exploits0
Talos
Talos
added 2020/07/01 12:0 a.m.30 views

Mozilla Firefox URL mPath Information Disclosure Vulnerability

Summary An information disclosure vulnerability exists in the URL mPath functionality of Mozilla Firefox Firefox Nightly Version 78.0a1 x64 and Firefox Release Version 76.0.2 x64. A specially crafted URL object can cause an out-of-bounds read. An attacker can visit a webpage to trigger this...

6.5CVSS7.9AI score0.03034EPSS
Exploits0
Talos
Talos
added 2020/07/01 12:0 a.m.36 views

Leadtools Image Parser Animated Icon Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Leadtools ...

8.8CVSS8.5AI score0.02669EPSS
Exploits1
Talos
Talos
added 2020/06/24 12:0 a.m.40 views

NVIDIA NVWGF2UMX_CFG.DLL shader functionality denial-of-service vulnerability

Summary An exploitable denial of service vulnerability exists in NVIDIA NVWGF2UMXCFG.DLL version 26.21.14.4128 and 26.21.14.4166 on NVIDIA D3D10 and version 441.28 and 441.66 on NVIDIA Quadro K620. A specially crafted pixel shader can cause denial of service issues. An attacker can provide a...

5.5CVSS6AI score0.00338EPSS
Exploits0
Talos
Talos
added 2020/06/10 12:0 a.m.40 views

Mozilla Firefox SharedWorkerService Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the SharedWorkerService functionality of Mozilla Firefox 76.0a1 2020-04-01 x64. A specially crafted HTML web page can cause a use after free condition, resulting in a remote code execution. The victim needs to visit malicious web site ...

5.3CVSS7.8AI score0.01352EPSS
Exploits1
Talos
Talos
added 2020/06/10 12:0 a.m.30 views

Microsoft Office Excel PivotField code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in Excel application of Microsoft Office Professional Plus 2016 x86, version 2002, build 12527.20242 and Microsoft Office 365 ProPlus x86, version 1908, build 11929.20606. A specially crafted XLS file can cause a use after free condition,...

9.3CVSS8.6AI score0.17157EPSS
Exploits0
Talos
Talos
added 2020/06/10 12:0 a.m.198 views

WAGO PFC 200 Web-Based Management (WBM) Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the Web-Based Management WBM functionality of WAGO PFC 200 03.03.1015. A specially crafted series of HTTP requests can cause code execution resulting in remote code execution. An attacker can make an authenticated HTTP request to trigg...

9CVSS7.6AI score0.02056EPSS
Exploits0
Talos
Talos
added 2020/06/10 12:0 a.m.54 views

Microsoft Office Excel HTML and XML Table Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the HTML and XML Table functionality of Excel in Microsoft Office 2016 Professional Plus, version 2002, build 12527.20242 x86 and Microsoft Office 365 Pro Plus x86, version 1908, build 11929.20606. A specially crafted malformed file ca...

9.3CVSS8.6AI score0.17157EPSS
Exploits0
Talos
Talos
added 2020/06/09 12:0 a.m.30 views

Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can cause be used to delete critical system data resulting in a denial of service. An attacker...

9.1CVSS9.1AI score0.0199EPSS
Exploits0
Talos
Talos
added 2020/06/09 12:0 a.m.22 views

Siemens LOGO! TDE service "NFSAccess" Upload File Write Vulnerability

Summary An exploitable file write vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can upload or overwrite file content to the local SD card. An attacker can send a sequence of maliciou...

9.1CVSS9.1AI score0.0199EPSS
Exploits0
Talos
Talos
added 2020/06/09 12:0 a.m.26 views

Siemens LOGO! TDE service "DELETEPROG" Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can cause erased information resulting in a denial of service. An attacker can send an...

9.1CVSS9AI score0.0199EPSS
Exploits0
Total number of security vulnerabilities2224