Lucene search
K

2224 matches found

Talos
Talos
added 2020/03/09 12:0 a.m.63 views

WAGO e!Cockpit network communication cleartext transmission vulnerability

Summary A cleartext transmission vulnerability exists in the network communication functionality of WAGO e!Cockpit, version 1.5.1.1. An attacker with access to network traffic can easily intercept, interpret, and manipulate data coming from, or destined for e!Cockpit. This includes passwords,...

7.5CVSS7.5AI score0.01103EPSS
Exploits0
Talos
Talos
added 2020/03/09 12:0 a.m.69 views

WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability

Summary An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200. A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges. Tested Versions WAGO PFC200 Firmware versi...

9.1CVSS9.4AI score0.02508EPSS
Exploits1
Talos
Talos
added 2020/03/09 12:0 a.m.70 views

WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Memory Corruption Vulnerabilities

Summary An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted xml cache file written to a specific location on the device can cause a stack buffer overflow, resulting in a denial of service an...

7CVSS7.3AI score0.00846EPSS
Exploits1
Talos
Talos
added 2020/03/05 12:0 a.m.39 views

Zoom conference room connector service insufficient session invalidation

Summary Zoom Conference Room Connector services perform insufficient session invalidation upon certain user administration tasks which enable a demoted or deleted user to still access the room administration interface. If a user has administrative access to the connected device and if this access...

7.1AI score
Exploits0
Talos
Talos
added 2020/03/03 12:0 a.m.56 views

Epignosis eFront LMS Password Reset authentication bypass vulnerability

Summary A predictable seed vulnerability eixsts in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the...

9.8CVSS7.7AI score0.01035EPSS
Exploits0
Talos
Talos
added 2020/03/03 12:0 a.m.29 views

Webkit AudioSourceProviderGStreamer use-after-free vulnerability

Summary A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free. Tested Versions Webkit WebKitGTK 2.30.1 Product URLs https://webkit.org/ CVSSv3 Score 8.8 -...

8.8CVSS9AI score0.01792EPSS
Exploits1
Talos
Talos
added 2020/02/25 12:0 a.m.118 views

Synology DSM findhostd unencrypted credentials disclosure vulnerability

Summary An information disclosure vulnerability exists in the findhostd authentication functionality of Synology DSM 6.2.3 25426 DS120j. Using an application e.g. Synology Assistant can lead to information disclosure of administrator credentials. An attacker can sniff network traffic to trigger...

7.7AI score
Exploits0
Talos
Talos
added 2020/02/24 12:0 a.m.71 views

Moxa AWK-3131A Encrypted Diagnostic Script Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arbitrary busybox commands to be executed, resulting in remote control over the device. An...

9.9CVSS9.9AI score0.05364EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.26 views

Slic3r libslic3r AMF File AMFParserContext::endElement() out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this...

8.6CVSS6.3AI score0.01897EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.52 views

Moxa AWK-3131A iw_webs DecryptScriptFile file name Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file name can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. A...

8.8CVSS1.2AI score0.02911EPSS
Exploits0
Talos
Talos
added 2020/02/24 12:0 a.m.36 views

Moxa AWK-3131A iw_webs iw_serverip Parameter Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted iwserverip parameter can cause user input to be reflected in a subsequent iwsystem call, resulting in remote control over the device. An...

8.8CVSS8.8AI score0.05136EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.60 views

Moxa AWK-3131A iw_webs hostname Authentication Bypass Vulnerability

Summary An exploitable authentication bypass vulnerability exists in the hostname processing of the Moxa AWK-3131A firmware version 1.13. A specially configured device hostname can cause the device to interpret select remote traffic as local traffic, resulting in a bypass of web authentication. A...

8CVSS7.7AI score0.02233EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.61 views

Moxa AWK-3131A WAP Hostname Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the hostname functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted entry to network configuration information can cause execution of arbitrary system commands, resulting in full control of the device. An...

9CVSS7.6AI score0.06892EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.51 views

Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability

Summary An exploitable use of hard-coded credentials vulnerability exists in multiple iw utilities of the Moxa AWK-3131A firmware version 1.13. The device operating system contains an undocumented encryption password, allowing for the creation of custom diagnostic scripts. Tested Versions Moxa...

7.1CVSS6.7AI score0.00337EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.37 views

Moxa AWK-3131A iw_webs User Configuration Remote Code Execution Vulnerability

Summary An exploitable remote code execution vulnerability exists in the iwwebs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker ca...

9.9CVSS9AI score0.04557EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.59 views

Moxa AWK-3131A ServiceAgent denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send th...

7.5CVSS7.8AI score0.02516EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.68 views

Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability

Summary An exploitable format string vulnerability exists in the iwconsole coniowritestr functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted time server entry can cause an overflow of the time server buffer, resulting in remote code execution. An attacker can send...

8.8CVSS9.2AI score0.04652EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.71 views

Moxa AWK-3131A ServiceAgent Use of Hard-coded Cryptographic Key

Summary The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13. Tested Versions Moxa AWK-3131A Firmware version 1.13 Product URLs...

7.5CVSS7.5AI score0.02304EPSS
Exploits1
Talos
Talos
added 2020/02/24 12:0 a.m.68 views

Moxa AWK-3131A iw_console Privilege Escalation Vulnerability

Summary An exploitable privilege escalation vulnerability exists in the iwconsole functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send...

9CVSS9AI score0.02479EPSS
Exploits4
Talos
Talos
added 2020/02/24 12:0 a.m.58 views

Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability

Summary An exploitable improper access control vulnerability exists in the iwwebs account settings functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the...

9.9CVSS9.1AI score0.02695EPSS
Exploits1
Talos
Talos
added 2020/02/18 12:0 a.m.56 views

CoTURN HTTP Server POST-parsing information leak vulnerability

Summary An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability. Teste...

9.8CVSS8.3AI score0.05116EPSS
Exploits1
Talos
Talos
added 2020/02/18 12:0 a.m.68 views

CoTURN HTTP Server POST-parsing denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability. Tested Versions...

7.5CVSS7.4AI score0.06102EPSS
Exploits1
Talos
Talos
added 2020/02/12 12:0 a.m.77 views

Apple Safari FontFaceSet Remote Code Execution Vulnerability

Summary A type confusion vulnerability exists in the Fonts feature of Apple Safari version 13.0.3. A specially crafted HTML web page can cause a type confusion, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a specifically crafted HTML web pag...

9.3CVSS8.7AI score0.02633EPSS
Exploits0
Talos
Talos
added 2020/02/11 12:0 a.m.66 views

Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability

Summary An exploitable type confusion vulnerability exists in the mfasfsrcsnk.dll of Microsoft Media Foundation 10.0.18362.207. A specially crafted ASF file can cause type confusion, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

9.3CVSS8.7AI score0.06149EPSS
Exploits0
Talos
Talos
added 2020/02/11 12:0 a.m.50 views

Adobe Acrobat Reader DC Javascript Field Name Information Leak

Summary A specific JavaScript code embedded in a PDF file can lead to information leak when opening a PDF document in Adobe Acrobat Reader DC 2019.021.20048. With careful memory manipulation, this can lead to sensitive information disclose which could be abused when exploiting another vulnerabili...

7.5CVSS8.4AI score0.08906EPSS
Exploits0
Talos
Talos
added 2020/02/11 12:0 a.m.130 views

Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability

Summary A use after free vulnerability exists in Windows 10, Version 10.0.19033.1, when a Win32k component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the kernel context and elevation of privileges. This...

7.8CVSS8.5AI score0.01055EPSS
Exploits0
Talos
Talos
added 2020/02/11 12:0 a.m.303 views

Microsoft Office Excel Ordinal43 code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in Excel in Microsoft Office Professional Plus 2016 x86, version 1909, build 12026.20334 and Microsoft Office 365 ProPlus x86, version 1902, build 11328.20480. A specially crafted XLS file can cause a use after free condition, resulting i...

9.3CVSS8.9AI score0.15168EPSS
Exploits0
Talos
Talos
added 2020/02/10 12:0 a.m.70 views

Accusoft ImageGear PCX uncompress_scan_line buffer size computation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the uncompressscanline function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide ...

9.8CVSS8.9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.70 views

Accusoft ImageGear PCX uncompress_scan_line buffer copy operation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the uncompressscanline function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide ...

9.8CVSS8.8AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.69 views

Accusoft ImageGear JPEG SOFx Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to th...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.75 views

Accusoft ImageGear TIFF tifread code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted TIFF file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.94 views

Accusoft ImageGear JPEG jpegread precision code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/10 12:0 a.m.69 views

Accusoft ImageGear BMP bmp_parsing buffer size computation code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the bmpparsing function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/05 12:0 a.m.41 views

Accusoft ImageGear TIFF TIF_read_stripdata code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted TIFF file file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a...

9.8CVSS8.7AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/02/03 12:0 a.m.56 views

Mini-SNMPD socket disconnect denial-of-service vulnerability

Talos Vulnerability Report TALOS-2019-0977 Mini-SNMPD socket disconnect denial-of-service vulnerability February 3, 2020 CVE Number CVE-2020-6060 Summary A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP...

5CVSS0.3AI score0.02197EPSS
Exploits1
Talos
Talos
added 2020/02/03 12:0 a.m.81 views

Mini-SNMPD decode_cnt information leak vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out-of-bounds memory read, which can result in the disclosure of sensitive information and denial of service. To trigger th...

9.1CVSS8.9AI score0.02388EPSS
Exploits1
Talos
Talos
added 2020/02/03 12:0 a.m.26 views

Mini-SNMPD socket disconnect denial-of-service vulnerability

Summary A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate...

7.5CVSS7.7AI score0.02197EPSS
Exploits1
Talos
Talos
added 2020/02/03 12:0 a.m.65 views

Mini-SNMPD decode_int Information Leak Vulnerability

Talos Vulnerability Report TALOS-2019-0976 Mini-SNMPD decodeint Information Leak Vulnerability February 3, 2020 CVE Number CVE-2020-6059 Summary An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request c...

6.4CVSS0.1AI score0.02567EPSS
Exploits1
Talos
Talos
added 2020/02/03 12:0 a.m.32 views

Mini-SNMPD decode_int Information Leak Vulnerability

Summary An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out of bounds memory read which can result in sensitive information disclosure and Denial Of Service. In order to trigger...

8.2CVSS8.1AI score0.02567EPSS
Exploits1
Talos
Talos
added 2020/01/27 12:0 a.m.35 views

Accusoft ImageGear PNG pngread width code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG pngread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to t...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2020/01/21 12:0 a.m.48 views

AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be...

8.6CVSS8.3AI score0.01705EPSS
Exploits0
Talos
Talos
added 2020/01/21 12:0 a.m.58 views

AMD ATI Radeon ATIDXX64.DLL shader functionality VTABLE remote code execution vulnerability

Summary An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially...

9CVSS9.2AI score0.01802EPSS
Exploits0
Talos
Talos
added 2020/01/21 12:0 a.m.32 views

AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be...

8.6CVSS8.3AI score0.01705EPSS
Exploits0
Talos
Talos
added 2020/01/21 12:0 a.m.41 views

AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality denial-of-service vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be...

8.6CVSS8.2AI score0.01705EPSS
Exploits0
Talos
Talos
added 2020/01/16 12:0 a.m.48 views

Foxit PDF Reader Javascript createTemplate Invalid Page Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...

8.8CVSS8.6AI score0.02312EPSS
Exploits1
Talos
Talos
added 2020/01/16 12:0 a.m.49 views

Foxit PDF Reader Javascript Field Action Validate Remote Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...

8.8CVSS8.8AI score0.03485EPSS
Exploits1
Talos
Talos
added 2020/01/16 12:0 a.m.56 views

Foxit PDF Reader JavaScript field action OnBlur remote code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to...

8.8CVSS8.9AI score0.02422EPSS
Exploits1
Talos
Talos
added 2020/01/16 12:0 a.m.57 views

Foxit PDF Reader JavaScript field keystroke action remote code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user t...

8.8CVSS9AI score0.03107EPSS
Exploits1
Talos
Talos
added 2020/01/07 12:0 a.m.115 views

E2fsprogs e2fsck rehash.c mutate_name() Code Execution Vulnerability

Summary A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Test...

7.5CVSS7.4AI score0.01025EPSS
Exploits1
Talos
Talos
added 2020/01/02 12:0 a.m.57 views

OpenCV XML Persistence Parser Buffer Overflow Vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially...

8.8CVSS8.8AI score0.20947EPSS
Exploits1
Total number of security vulnerabilities2224