Lucene search
K

2224 matches found

Talos
Talos
added 2020/01/02 12:0 a.m.57 views

OpenCV JSON persistence parser buffer overflow vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a...

8.8CVSS8.9AI score0.10618EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.61 views

WAGO PFC200 iocheckd service "I/O-Check" BC_ProductLabel remote code execution vulnerability

Summary An exploitable stack buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a stack buffer overflow, resulting in code execution. An attacker can send unauthenticated packets to trigger this...

10CVSS9.9AI score0.0328EPSS
Exploits0
Talos
Talos
added 2019/12/16 12:0 a.m.88 views

WAGO PFC200 iocheckd service "I/O-Check" get_coupler_details remote code execution vulnerability

Summary An exploitable stack buffer overflow vulnerability exists in the command line utility getcouplerdetails of the WAGO PFC 200. A specially crafted set of packets sent to the iocheckd service “I/O-Check” can cause a stack buffer overflow in the sub-process getcouplerdetails, resulting in cod...

10CVSS10AI score0.03866EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.128 views

WAGO PFC200 iocheckd service "I/O-Check" factory restore denial-of-service vulnerability

WAGO PFC200 iocheckd service “I/O-Check” factory restore denial-of-service vulnerability Summary An exploitable denial-of-service vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A single packet can cause a denial of service and weaken credentials resulting ...

9.1CVSS9.2AI score0.016EPSS
Exploits0
Talos
Talos
added 2019/12/16 12:0 a.m.76 views

WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger...

10CVSS9.8AI score0.04521EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.78 views

WAGO PFC200 iocheckd service "I/O-Check" MAC Address overwrite Denial of Service Vulnerability

WAGO PFC200 iocheckd service “I/O-Check” MAC Address overwrite Denial of Service Vulnerability Summary An exploitable denial-of-service vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a denial of service, resulti...

9.1CVSS8.9AI score0.01643EPSS
Exploits0
Talos
Talos
added 2019/12/16 12:0 a.m.63 views

WAGO PFC200 iocheckd service "I/O-Check" ReadPSN remote code execution vulnerability

WAGO PFC200 iocheckd service “I/O-Check” ReadPSN remote code execution vulnerability Summary An exploitable heap buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a heap buffer overflow, potentially...

9.8CVSS10AI score0.03316EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.73 views

WAGO PFC200 iocheckd service "I/O-Check" external tool information exposure vulnerability

Summary An exploitable information exposure vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause an external tool to fail, resulting in uninitialized stack data to be copied to the response packet buffer. An attacker...

5.3CVSS6.1AI score0.01621EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.65 views

WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a heap buffer overflow, potentially resulting in code execution. An attacker can send unauthenticated packets to trigger...

9.8CVSS9.8AI score0.03316EPSS
Exploits1
Talos
Talos
added 2019/12/16 12:0 a.m.73 views

WAGO PFC200 iocheckd service "I/O-Check" Erase Denial of Service Vulnerability

WAGO PFC200 iocheckd service “I/O-Check” Erase Denial of Service Vulnerability Summary An exploitable denial of service vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted set of packets can cause a denial of service, resulting in the device...

9.4CVSS9AI score0.01655EPSS
Exploits0
Talos
Talos
added 2019/12/11 12:0 a.m.55 views

W1.fi hostapd deauthentication denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in ...

7.4CVSS6.6AI score0.00545EPSS
Exploits0
Talos
Talos
added 2019/12/11 12:0 a.m.112 views

W1.fi hostapd CAM table denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CA...

7.4CVSS6.9AI score0.10114EPSS
Exploits1
Talos
Talos
added 2019/12/11 12:0 a.m.140 views

Linux kernel CAM table denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different...

7.4CVSS6.9AI score0.10114EPSS
Exploits1
Talos
Talos
added 2019/12/11 12:0 a.m.93 views

Apple Safari SVG Marker Element baseVal Remote Code Execution Vulnerability

Summary A freed memory access vulnerability exists in the SVG Marker Element feature of Apple Safari’s WebKit version 13.0.2. A specially crafted HTML web page can cause a use after free, resulting in memory corruption and possibly arbitrary code execution. To trigger this vulnerability, a...

9.3CVSS8.8AI score0.02238EPSS
Exploits0
Talos
Talos
added 2019/12/11 12:0 a.m.81 views

Kakadu Software SDK ATK marker code execution vulnerability

Summary An exploitable heap underflow vulnerability exists in the derivetapsandgains function in kduv7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim t...

8.8CVSS8.6AI score0.02435EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.33 views

LEADTOOLS libltdic.so LDicomAssociate::SetBinary denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Dicom-packet parsing functionality of LEADTOOLS libltdic.so version 20. A specially crafted packet can cause an infinite loop, resulting in a denial of service. An attacker can send a packet to trigger this vulnerability. Tested...

7.5CVSS7.7AI score0.01942EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.46 views

LEADTOOLS DICOM UI Parsing Code Execution Vulnerability

Summary An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An...

8.8CVSS8.9AI score0.02456EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.36 views

LEADTOOLS JPEG2000 Isot parsing Memory Corruption Vulnerability

Summary An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20.0.2019.3.15. A specially crafted J2K image file can cause an out of bounds write of a null byte in a heap buffer, potentially resulting in code execution. An attack can specially craft ...

8.8CVSS8.9AI score0.02619EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.50 views

LEADTOOLS libltdic.so DICOM LDicomNet::receive information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an out-of-bounds read, resulting in information disclosure. An attacker can send a packet to trigger...

9.1CVSS7.7AI score0.02266EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.67 views

Adobe Acrobat Reader DC Javascript gotoNamedDest information leak vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to information leak when opening a PDF document in Adobe Acrobat Reader DC 2019.021.20048. With careful memory manipulation, this can lead to sensitive information disclose which could be abused when exploiting another vulnerabili...

10CVSS9.6AI score0.05438EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.50 views

Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the RDP8 implementation of Microsoft’s Remote Desktop Services. A certain component of license negotiation can allow a remote client to read an amount of memory that is controlled by the client. Due to this, a client can coerce the...

7.5CVSS8.2AI score0.09202EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.37 views

LEADTOOLS libltdic.so DICOM receive code execution vulnerability

Summary An exploitable code execution vulnerability exists in the DICOM packet-parsing functionality of LEADTOOLS libltdic.so, version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerabilit...

9.8CVSS9.6AI score0.03366EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.52 views

Microsoft Remote Desktop Services (RDP7) Windows XP Multiple Information Leak Vulnerabilities

Summary Exploitable information leak vulnerabilities exists in the RDP7 implementation of Microsoft’s Remote Desktop Services on Windows XP. Various aspects of the T.128 protocol, such as capability negotiation, can cause an information leak, which can provide an attacker information about the...

7.5CVSS7.9AI score0.07736EPSS
Exploits0
Talos
Talos
added 2019/12/10 12:0 a.m.57 views

LEADTOOLS libltdic.so DICOM LDicomNet::SendData Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this...

9.8CVSS9AI score0.02529EPSS
Exploits0
Talos
Talos
added 2019/12/05 12:0 a.m.100 views

AMD ATI Radeon ATIDXX64.DLL shader functionality sincos denial-of-service vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can...

8.6CVSS8.2AI score0.02029EPSS
Exploits1
Talos
Talos
added 2019/12/03 12:0 a.m.36 views

Shadowsocks-libev ss-server Stream Cipher Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information...

7.4CVSS7.3AI score0.01379EPSS
Exploits1
Talos
Talos
added 2019/12/03 12:0 a.m.289 views

Shadowsocks-libev ss-server UdpRelay Denial-of-Service Vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a localaddress, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this...

7.5CVSS6.6AI score0.02289EPSS
Exploits1
Talos
Talos
added 2019/12/03 12:0 a.m.195 views

Shadowsocks-libev ss-manager add_server Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted network packets sent to ss-manager can cause an arbitrary binary to run, resulting in code execution and privilege escalation. An attacker can send network packets to...

7.8CVSS7.9AI score0.00734EPSS
Exploits1
Talos
Talos
added 2019/12/02 12:0 a.m.44 views

Accusoft ImageGear TIFF TIF_decode_thunderscan code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFdecodethunderscan function of Accusoft ImageGear 19.3.0 library. A specially crafted TIFF file can cause an out of bounds write, resulting in a remote code execution. An attacker needs to provide a malformed...

9.8CVSS9AI score0.03612EPSS
Exploits1
Talos
Talos
added 2019/12/02 12:0 a.m.49 views

Forma LMS 2.2.1 /appCore/index.php users parameter SQL injections

Summary Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.7AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/12/02 12:0 a.m.81 views

Forma LMS 2.2.1 /appLms/ajax.server.php filter_cat and filter_status parameters SQL injections

Summary Exploitable SQL injection vulnerabilities exist in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.5AI score
Exploits0
Talos
Talos
added 2019/12/02 12:0 a.m.72 views

Accusoft ImageGear BMP code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll BMP parser of the ImageGear 19.3.0 library. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to...

9.8CVSS9AI score0.03203EPSS
Exploits0
Talos
Talos
added 2019/12/02 12:0 a.m.50 views

Forma LMS 2.2.1 ajax.adm_server.php dir parameter SQL injections

Summary Exploitable SQL injection vulnerabilities exists in the authenticated portion of Forma LMS 2.2.1. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowin...

8.8CVSS8.6AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/12/02 12:0 a.m.61 views

EmbedThis GoAhead web server code execution vulnerability

Summary An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to a use-after-free condition during the processing of thi...

9.8CVSS10AI score0.66982EPSS
Exploits2
Talos
Talos
added 2019/12/02 12:0 a.m.55 views

EmbedThis GoAhead web server denial-of-service vulnerability

Summary A denial-of-service vulnerability exists in the processing of multi-part/form-data requests in the base GoAhead web server application in versions v5.0.1, v.4.1.1 and v3.6.5. A specially crafted HTTP request can lead to an infinite loop in the process. The request can be unauthenticated i...

7.5CVSS6.5AI score0.45063EPSS
Exploits1
Talos
Talos
added 2019/12/02 12:0 a.m.47 views

Accusoft ImageGear PNG IHDR width code execution vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG header-parser of the Accusoft ImageGear 19.3.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to th...

9.8CVSS8.9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2019/12/02 12:0 a.m.60 views

Accusoft ImageGear GEM Raster Code Execution Vulnerability

Summary An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll GEM Raster parser of the Accusoft ImageGear 19.3.0 library. A specially crafted GEM file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to th...

9.8CVSS9AI score0.03687EPSS
Exploits1
Talos
Talos
added 2019/11/21 12:0 a.m.187 views

Tenda AC9 /goform/WanParameterSetting Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the /goform/WanParameterSetting functionality of Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Route AC9V1.0 Firmware V15.03.05.16multiTRU. A specially crafted HTTP POST request can cause a command injection, resulting in cod...

7.8CVSS7.9AI score0.01819EPSS
Exploits1
Talos
Talos
added 2019/11/21 12:0 a.m.55 views

xcftools flattenIncrementally tiles walk code execution vulnerability

Summary An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools, version 1.0.7. An integer overflow can occur while walking through tiles that could be exploited to corrupt memory and execute arbitrary code. In orde...

8.8CVSS8.3AI score0.03151EPSS
Exploits1
Talos
Talos
added 2019/11/20 12:0 a.m.29 views

xcftools flattenIncrementally rows allocation code execution vulnerability

Summary An exploitable integer overflow vulnerability exists in the flattenIncrementally function in the xcf2png and xcf2pnm binaries of xcftools 1.0.7. An integer overflow can occur while calculating the row’s allocation size, that could be exploited to corrupt memory and eventually execute...

8.8CVSS8.8AI score0.03637EPSS
Exploits1
Talos
Talos
added 2019/11/15 12:0 a.m.359 views

OpenWrt ustream-ssl certificate verification information leak vulnerability

Talos Vulnerability Report TALOS-2019-0893 OpenWrt ustream-ssl certificate verification information leak vulnerability November 15, 2019 CVE Number CVE-2019-5101,CVE-2019-5102 SUMMARY An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and...

5.9CVSS5.3AI score0.00781EPSS
Exploits2
Talos
Talos
added 2019/11/13 12:0 a.m.64 views

Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability

Summary An exploitable memory corruption vulnerability exists in Intel’s IGC64.DLL graphics driver, versions 26.20.100.6709 and 26.20.100.6861. A specially crafted pixel shader can cause an out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this...

5.5CVSS5.7AI score0.00297EPSS
Exploits0
Talos
Talos
added 2019/11/13 12:0 a.m.61 views

Exhibitor UI command injection vulnerability

Summary An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $ can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKeeper. An...

10CVSS10AI score0.5715EPSS
Exploits2
Talos
Talos
added 2019/11/12 12:0 a.m.94 views

Microsoft Office Excel WorksheetOptions Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the mso.dll of Microsoft Office. A specially crafted XLS file can cause a use after free, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. Tested Versions...

9.3CVSS8.4AI score0.28178EPSS
Exploits0
Talos
Talos
added 2019/11/12 12:0 a.m.39 views

Microsoft Media Foundation CMP4MetadataHandler AddQTMetadata Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the mfmp4srcsnk.dll of Microsoft Media Foundation. A specially crafted QuickTime file can cause a Use-After-Free, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the...

9.3CVSS7.9AI score0.12956EPSS
Exploits0
Talos
Talos
added 2019/11/05 12:0 a.m.72 views

LEADTOOLS CMP-parsing code execution vulnerability

Summary An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

8.8CVSS7.9AI score0.02038EPSS
Exploits1
Talos
Talos
added 2019/11/05 12:0 a.m.85 views

LEADTOOLS TIF ImageWidth code execution vulnerability

Summary An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a...

8.8CVSS8.1AI score0.01996EPSS
Exploits1
Talos
Talos
added 2019/11/05 12:0 a.m.70 views

LEADTOOLS JPEG2000 j2pc Parsing Remote Code Execution Vulnerability

Summary An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this...

8.8CVSS8.2AI score0.01994EPSS
Exploits1
Talos
Talos
added 2019/11/05 12:0 a.m.62 views

LEADTOOLS BMP Parsing Remote Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists in the BMP header parsing functionality of LEADTOOLS 20. A specially crafted BMP image file can cause an integer overflow, potentially resulting in code execution. An attacker can specially craft a BMP image to trigger this vulnerabilit...

8.8CVSS8.1AI score0.02038EPSS
Exploits1
Talos
Talos
added 2019/11/04 12:0 a.m.92 views

Investintech Able2Extract professional JPEG decoding code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional. A specially crafted JPEG file can cause an out-of-bounds memory write, allowing an attacker to execute arbitrary code on the victim machine. An attacker could exploit a vulnerability by...

8.8CVSS8.2AI score0.01955EPSS
Exploits1
Total number of security vulnerabilities2224