Microsoft Azure Sphere mtd character device driver privilege escalation vulnerability
Summary An arbitrary flash write vulnerability exists in the mtd character device driver of Microsoft Azure Sphere 20.06. A specially crafted ioctl can bypass file permissions and allow writes to flash by unauthorized users. An attacker can issue a MEMWRITE ioctl to trigger this vulnerability...
Microsoft Azure Sphere Normal World application /proc/self/mem unsigned code execution vulnerability
Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.05. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that modifies the program at runtime v...
Microsoft Azure Sphere kernel message ring buffer Information Disclosure Vulnerability
Summary An information disclosure vulnerability exists in the kernel message ring buffer functionality of Microsoft Azure Sphere 20.05. Unprivileged users can access the kernel message ring buffer, which can potentially leak sensitive information, such as kernel or userland memory addresses. An...
Microsoft Azure Sphere Normal World application ptrace unsigned code execution vulnerability
Summary A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.05. A specially crafted shellcode can cause a process’ non-writable memory to be written. An attacker can execute a shellcode that uses the ptrace system call to...
Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability
Summary A memory corruption vulnerability exists in the AF_AZSPIO socket functionality of Microsoft Azure Sphere 20.05. A sequence of socket operations can cause a double-free and out-of-bounds read in the kernel. An attacker can write a shellcode to trigger this vulnerability. Tested Versions...
Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability
Talos Vulnerability Report TALOS-2020-1131 Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability July 31, 2020 CVE Number None SUMMARY A privilege escalation vulnerability exists in the ASXipFS inode type functionality of Microsoft Azure Sphere 20.06. A specially crafted...
Microsoft Azure Sphere asynchronous ioctl denial-of-service vulnerability
Summary A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write a shellcode to trigger this vulnerability. Tested Versions Microsoft Azure...
freeDiameter freeDiameterd Denial of Service Vulnerability
Talos Vulnerability Report TALOS-2020-1030 freeDiameter freeDiameterd Denial of Service Vulnerability July 28, 2020 CVE Number CVE-2020-6098 SUMMARY An exploitable denial of service vulnerability exists in the freeDiameterd functionality of freeDiameter 1.3.2. A specially crafted Diameter request...
Siemens LOGO! Web Server Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the Web Server functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted HTTP request can cause memory corruption resulting in a code execution. An attacker can send an unauthenticated...
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality RESOURCE Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...
Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability
Summary An exploitable denial of service vulnerability exists in Intel IGC64.DLL graphics driver. A specially crafted hull shader can cause a NULL pointer dereference. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability could potentially be...
Intel IGC64.DLL Shader Functionality HeapReAlloc code execution vulnerability
Summary An exploitable double free vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted geometry shader can cause a double free vulnerability, leading to arbitrary code execution. An attacker can provide a specially crafted shader file to trigger...
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality ROUND_NI Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...
Intel IGC64.DLL Shader Functionality DCL_OUTPUT code execution vulnerability
Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can cause an out-of-bounds write, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to...
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality MOV REG Code Execution Vulnerability
Summary An exploitable memory corruption vulnerability exists in AMD atidxx64.dll graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability potentially coul...
Intel IGC64.DLL shader functionality realloc code execution vulnerability
Summary An exploitable pointer corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can corrupt a pointer, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to trigger th...
Intel IGC64.DLL shader functionality ATOMIC_ADD code execution vulnerability
Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can cause an out-of-bounds write, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to...
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality DCL_OUTPUT Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be...
Intel IGC64.DLL shader functionality DCL_INDEXABLETEMP code execution vulnerability
Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, version 26.20.100.7584. A specially crafted vertex shader can cause an out-of-bounds write, which could lead to arbitrary code execution. An attacker can provide a specially crafted shader file to...
Glacies IceHRM Admin Reports SQL injection Vulnerability
Summary An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS Commit bb274de1751ffb9d09482fd2538f9950a94c510a . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this...
Google Chrome PDFium Javascript Regexp Memory Corruption Vulnerability
Summary An exploitable memory corruption vulnerability exists in the way PDFium inside Google Chrome version 80.0.3987.158 executes Javascript regular expressions. The vulnerability could potentially be abused to achieve arbitrary code execution in the browser context. In order to trigger this...
Leadtools Image Parser Animated Icon Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Leadtools ...
Mozilla Firefox URL mPath Information Disclosure Vulnerability
Summary An information disclosure vulnerability exists in the URL mPath functionality of Mozilla Firefox Nightly Version 78.0a1 x64 and Firefox Release Version 76.0.2 x64. A specially crafted URL object can cause an out-of-bounds read. An attacker can visit a webpage to trigger this...
NVIDIA NVWGF2UMX_CFG.DLL shader functionality denial-of-service vulnerability
Summary An exploitable denial of service vulnerability exists in NVIDIA NVWGF2UMX_CFG.DLL version 26.21.14.4128 and 26.21.14.4166 on NVIDIA D3D10 and version 441.28 and 441.66 on NVIDIA Quadro K620. A specially crafted pixel shader can cause denial of service issues. An attacker can provide a...
Microsoft Office Excel PivotField code execution vulnerability
Summary An exploitable use-after-free vulnerability exists in Excel application of Microsoft Office Professional Plus 2016 x86, version 2002, build 12527.20242 and Microsoft Office 365 ProPlus x86, version 1908, build 11929.20606. A specially crafted XLS file can cause a use after free condition,...
Mozilla Firefox SharedWorkerService Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the SharedWorkerService functionality of Mozilla Firefox 76.0a1 2020-04-01 x64. A specially crafted HTML web page can cause a use after free condition, resulting in a remote code execution. The victim needs to visit malicious web site ...
Microsoft Office Excel HTML and XML Table Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the HTML and XML Table functionality of Excel in Microsoft Office 2016 Professional Plus, version 2002, build 12527.20242 x86 and Microsoft Office 365 Pro Plus x86, version 1908, build 11929.20606. A specially crafted malformed file ca...
WAGO PFC 200 Web-Based Management (WBM) Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the Web-Based Management WBM functionality of WAGO PFC 200 03.03.1015. A specially crafted series of HTTP requests can cause code execution resulting in remote code execution. An attacker can make an authenticated HTTP request to trigg...
Siemens LOGO! TDE service "DELETEPROG" Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can cause erased information resulting in a denial of service. An attacker can send an...
Siemens LOGO! TDE service "NFSAccess" Upload File Write Vulnerability
Summary An exploitable file write vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can upload or overwrite file content to the local SD card. An attacker can send a sequence of maliciou...
Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can be used to delete critical system data resulting in a denial of service. An attacker...
Zoom Client Application Chat Code Snippet Remote Code Execution Vulnerability
Summary An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution. An attacke...
Zoom client application chat Giphy arbitrary file write
Summary An exploitable path traversal vulnerability exists in the way the Zoom client, version 4.6.10, processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be abused to achieve arbitrary code execution. An attacker needs to...
Webkit fireEventListeners use-after-free vulnerability
Summary An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.3 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in remote code execution. The victim needs to visit a malicious web site to trigger the vulnerability. Tested...
VMware Workstation 15 shader functionality round_ni denial of service vulnerability
Summary An exploitable denial of service vulnerability exists in VMware Workstation 15.5.0 build-14665864. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered fro...
GNU glibc ARMv7 memcpy() memory corruption vulnerability
Summary An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the ‘num’ parameter results in a signed comparison vulnerability. If an attacker...
Epson EB-1470Ui ESPON Web Control Authentication Bypass Vulnerability
Summary An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can...
Nitro Pro PDF Javascript XML error handling Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in information disclosure. In order to trigger this vulnerability, victim must open a...
Nitro Pro PDF Pattern Object Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file...
Nitro PRO PDF nested pages remote code execution vulnerability
Summary An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Nitro...
Synology SRM SafeAccess 1.2.1-0220 code execution Vulnerability
Summary An exploitable code execution vulnerability exists in the SafeAccess 1.2.1-0220 package of Synology SRM 1.2.3 RT2600ac 8017-5. A specially crafted domain access request can lead to an SQL injection. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Synolo...
Microsoft Office Excel s_Schema Code Execution Vulnerability
Talos Vulnerability Report TALOS-2020-1015 Microsoft Office Excel s_Schema Code Execution Vulnerability May 12, 2020 CVE Number CVE-2020-0901 Summary An exploitable code execution vulnerability exists in the Excel s_Schema functionality of Microsoft Corporation Microsoft Office 2001 build 12430.202...
Adobe Acrobat Reader DC Javascript submitForm Remote Code Execution Vulnerability
Summary A specific JavaScript code embedded in a PDF file can lead to out of bounds memory access when opening a PDF document in Adobe Acrobat Reader DC 2020.006.20034. With careful memory manipulation, this can lead to sensitive information disclosure as well as memory corruption which can lead to...
Adobe Acrobat Reader DC Annotation Destroy Remote Code Execution
Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2020.006.20034. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need...
Synology SRM DHCP monitor hostname parsing Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the DHCP monitor’s hostname parsing functionality of Synology SRM 1.2.3 MR2200ac 8017 and 1.2.3 RT2600ac 8017. A specially crafted network request can cause an out-of-bounds read resulting in a denial of service. An attacker can sen...
3S-Smart Software Solutions GmbH CODESYS Runtime PLC_Task Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart Software Solutions GmbH CODESYS Runtime 3.5.14.30. A specially crafted network request can cause remote code execution. An attacker can send a malicious packet to trigger this vulnerability. Tested...
Accusoft ImageGear PNG store_data_buffer size computation code execution vulnerability
Summary An exploitable out-of-bounds write vulnerability exists in the store_data_buffer function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed...
Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability
Summary An exploitable out-of-bounds write vulnerability exists in the ico_read function of the igcore19d.dll library of Accusoft ImageGear 19.6.0. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to...
Accusoft ImageGear ICO icoread code execution vulnerability
Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll ICO icoread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to t...
Windows 10 Insider Preview Fast win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability Regression
Summary A use after free vulnerability exists in Windows 10, Insider Preview Fast 10.0.19582.1001, when a Win32k component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the kernel context and elevation of...