Lucene search
K

2224 matches found

Talos
Talos
added 2019/11/04 12:0 a.m.120 views

Investintech Able2Extract Professional BMP decoding biClrUsed code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in Investintech Able2Extract Professional. A specially crafted BMP file can cause an out-of-bounds memory write, allowing a potential attacker to execute arbitrary code on the victim machine. Can trigger this vulnerability by sending t...

8.8CVSS8.2AI score0.01955EPSS
Exploits1
Talos
Talos
added 2019/10/30 12:0 a.m.139 views

YouPHPTube /objects/video.php getVideo videoName code execution vulnerability

Summary An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could potentially further lead to code...

10CVSS9.9AI score0.02265EPSS
Exploits1
Talos
Talos
added 2019/10/30 12:0 a.m.326 views

YouPHPTube /objects/video.php getVideo search code execution vulnerability

Summary An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. When the “VideoTags” plugin is enabled, a specially crafted unauthenticated HTTP request can cause a SQL injection, possibly leading to denial of service, exfiltration of the database and local file inclusion, which could...

8.9CVSS8.6AI score0.01527EPSS
Exploits1
Talos
Talos
added 2019/10/28 12:0 a.m.65 views

VMware Fusion 11 Shader Functionality Denial Of Service

Summary An exploitable denial of service vulnerability exists in VMware Fusion 11.1.0 13668589. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from a VMware...

6.5CVSS6.3AI score0.02117EPSS
Exploits0
Talos
Talos
added 2019/10/23 12:0 a.m.97 views

X11 Mesa 3D Graphics Library shared memory permissions vulnerability

Summary An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D Graphics Library. An attacker can access the shared memory without any specific permissions to trigger this vulnerability. Tested Versions Mesa 3D X11 Graphics library 19.1.2 Product URLs...

5.1CVSS4.8AI score0.00504EPSS
Exploits1
Talos
Talos
added 2019/10/17 12:0 a.m.60 views

YouPHPTube /objects/subscribe.json.php SQL injection vulnerability

Summary Exploitable SQL injection vulnerabilities exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.6AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/10/17 12:0 a.m.258 views

YouPHPTube /objects/commentAddNew.json.php comments_id SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the authenticated portion of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowin...

9.9CVSS8.9AI score0.01389EPSS
Exploits1
Talos
Talos
added 2019/10/17 12:0 a.m.120 views

YouPHPTube Encoder base64Url multiple command injections

Summary Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific...

10CVSS9.9AI score0.45302EPSS
Exploits3
Talos
Talos
added 2019/10/17 12:0 a.m.90 views

YouPHPTube /objects/subscribeNotify.json.php user_id SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exist in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.4AI score0.00966EPSS
Exploits0
Talos
Talos
added 2019/10/17 12:0 a.m.70 views

YouPHPTube /plugin/AD_Server/view/campaignsVideos.json.php id SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.4AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/10/17 12:0 a.m.97 views

YouPHPTube /objects/pluginSwitch.json.php Multiple SQL Injection Vulnerabilities

Summary Exploitable SQL injection vulnerabilities exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.6AI score0.01064EPSS
Exploits3
Talos
Talos
added 2019/10/17 12:0 a.m.91 views

YouPHPTube /objects/videoAddNew.json.php SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause a SQL injection. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS8.5AI score0.01064EPSS
Exploits1
Talos
Talos
added 2019/10/15 12:0 a.m.56 views

Adobe Acrobat Reader DC text field value remote code execution vulnerability redux

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC, version 2019.012.20035. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim...

9.3CVSS9.5AI score0.13071EPSS
Exploits0
Talos
Talos
added 2019/10/09 12:0 a.m.105 views

NitroPDF jpeg2000 ssizDepth Remote Code Execution Vulnerability

Summary A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open...

8.8CVSS8.6AI score0.02282EPSS
Exploits1
Talos
Talos
added 2019/10/09 12:0 a.m.105 views

NitroPDF CharProcs Remote Code Execution Vulnerability

Summary An exploitable Use After Free vulnerability exists in the CharProcs parsing functionality of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a Use After Free. An attacker can craft a malicious PDF to trigger this vulnerability. Tested Versions NitroPDF 12.2.1.52...

7.8CVSS7.6AI score0.01331EPSS
Exploits1
Talos
Talos
added 2019/10/09 12:0 a.m.102 views

NitroPDF Page Kids Remote Code Execution Vulnerability

Summary A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file. Tested Versions NitroPD...

8.8CVSS8.4AI score0.02562EPSS
Exploits1
Talos
Talos
added 2019/10/09 12:0 a.m.99 views

NitroPDF Stream Length Memory Corruption Vulnerability

Summary An exploitable use-after-free vulnerability exists in the Length parsing function of NitroPDF. A specially crafted PDF can cause a type confusion, resulting in a use-after-free condition. An attacker can craft a malicious PDF to trigger this vulnerability. Tested Versions NitroPDF...

7.8CVSS7.9AI score0.01331EPSS
Exploits1
Talos
Talos
added 2019/10/09 12:0 a.m.98 views

NitroPDF ICCBased Color Space Remote Code Execution Vulnerability

Summary A specifically crafted PDF file can lead to a heap corruption when opened in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open the malicious file. Tested Versions NitroPD...

8.8CVSS8.5AI score0.02282EPSS
Exploits1
Talos
Talos
added 2019/10/09 12:0 a.m.102 views

NitroPDF jpeg2000 yTsiz Remote Code Execution Vulnerability

Summary A specifically crafted jpeg2000 file embedded in a PDF file can lead to a heap corruption when opening a PDF document in NitroPDF 12.12.1.522. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need to open...

8.8CVSS8.6AI score0.02282EPSS
Exploits1
Talos
Talos
added 2019/10/08 12:0 a.m.65 views

Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Schneider Electric...

7.5CVSS7.1AI score0.01064EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.303 views

Schneider Electric Modicon M580 FTP incomplete firmware update denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the FTP firmware update function of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. A specially crafted set of FTP commands can cause the device to enter a recoverable fault state,...

4.9CVSS5.3AI score0.00959EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.46 views

Schneider Electric Modicon M580 malformed firmware image FTP upgrade denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the FTP firmware update function of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. A specially crafted firmware image can cause the device to enter a recoverable fault state, resulti...

4.9CVSS5.3AI score0.00959EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.60 views

Schneider Electric Modicon M580 UMAS REST API readbolarray information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS REST API readbolarray functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return blocks of program...

7.5CVSS7.5AI score0.01709EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.88 views

Schneider Electric Modicon M580 FTP cleartext authentication vulnerability

Summary An exploitable information disclosure vulnerability exists in the FTP functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An attacker can sniff network traffic to exploit this vulnerability. Tested Versions Schneider Electric...

6.5CVSS6.5AI score0.00981EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.71 views

Schneider Electric Modicon M580 Mismatched Firmware Image FTP Upgrade Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the FTP firmware update functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted firmware image can cause the device to enter a recoverable fault state,...

4.9CVSS5.3AI score0.00959EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.49 views

Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to return arbitrary memory,...

7.5CVSS7.3AI score0.01709EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.56 views

Schneider Electric Modicon M580 TFTP server information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the TFTP server functionality of the Schneider Electric Modicon M580 Programmable Automation Controller. A specially crafted TFTP get request can cause a file download, resulting in disclosure of sensitive information. An...

7.5CVSS7.4AI score0.29895EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.65 views

Schneider Electric Modicon M580 FTP firmware update loader service denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the FTP firmware update service function of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. A specially ordered set of FTP commands can cause the FTP loader service to enter a waiting...

4.9CVSS5.2AI score0.24374EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.182 views

Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability

Summary An exploitable denial of service vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to enter a non-recoverable fault...

8.6CVSS8.6AI score0.32974EPSS
Exploits0
Talos
Talos
added 2019/10/08 12:0 a.m.42 views

Schneider Electric Modicon M580 outdated firmware image FTP upgrade denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the FTP firmware update functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An outdated firmware image can cause the device to enter a non-recoverable fault state,...

4.9CVSS5.6AI score0.00959EPSS
Exploits0
Talos
Talos
added 2019/09/30 12:0 a.m.68 views

Foxit PDF Reader JavaScript Array.includes remote code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 9.4.1.16828. A specially crafted PDF document can trigger an out-of-memory condition which isn’t handled properly, resulting in arbitrary code execution. An attacke...

8.8CVSS8.8AI score0.0604EPSS
Exploits1
Talos
Talos
added 2019/09/24 12:0 a.m.79 views

E2fsprogs quotaio_tree.c report_tree() code execution vulnerability

Summary An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Tested...

7.5CVSS7.5AI score0.01105EPSS
Exploits1
Talos
Talos
added 2019/09/17 12:0 a.m.154 views

Aspose.PDF for C++ LZWDecode filter predictor remote code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2.for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF...

9.8CVSS9.9AI score0.02375EPSS
Exploits1
Talos
Talos
added 2019/09/17 12:0 a.m.112 views

Aspose.PDF for C++ parent generation remote code execution vulnerability

Summary An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To trigger thi...

9.8CVSS9.9AI score0.03415EPSS
Exploits1
Talos
Talos
added 2019/09/17 12:0 a.m.209 views

Aspose.PDF for C++ Remote Code Execution Vulnerability

Summary An exploitable Use-After-Free vulnerability exists in the way FunctionType 0 PDF elements are processed in Aspose.PDF for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free . An attacker can send a malicious PDF to trigger this vulnerability...

8.8CVSS9.1AI score0.02061EPSS
Exploits1
Talos
Talos
added 2019/09/16 12:0 a.m.88 views

Atlassian Jira Tempo plugin issue summary information disclosure vulnerability

Summary An issue summary information disclosure vulnerability exists in Atlassian Jira Tempo plugin, version 4.10.0. Authenticated users can obtain the summary for issues they do not have permission to view via the Tempo plugin. Tested Versions Atlassian Jira 7.6.4 Atlassian Jira Tempo Core syste...

4.3CVSS4.3AI score0.01123EPSS
Exploits1
Talos
Talos
added 2019/09/16 12:0 a.m.101 views

Atlassian Jira Worklog Information Disclosure Vulnerability

Summary A worklog information disclosure vulnerability exists in Atlassian Jira 7.6.4, from version 7.6.4 to 8.1.0. Authenticated users can view worklog details for issues they do not have permission to view via the /rest/api/2/worklog/list API endpoint. They can also obtain a list of worklog ID’...

5.3CVSS5.2AI score0.02711EPSS
Exploits0
Talos
Talos
added 2019/09/16 12:0 a.m.89 views

Atlassian Jira CSRF Login Vulnerability

Summary An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker can log a user into the system under an unexpected account. Tested Versions Atlassian Jira 7.6.4 Atlassian Jira 8.1.0 Product URL...

4.3CVSS7.2AI score0.00301EPSS
Exploits0
Talos
Talos
added 2019/09/16 12:0 a.m.161 views

Atlassian Jira WikiRenderer parser XSS vulnerability

Summary An exploitable XSS vulnerability exists in the WikiRenderer functionality of Atlassian Jira, from version 7.6.4 to 8.1.0. A specially crafted comment can cause a persistent XSS. An attacker can create a comment or worklog entry to trigger this vulnerability. Tested Versions Atlassian Jira...

5.4CVSS5.8AI score0.0092EPSS
Exploits0
Talos
Talos
added 2019/09/16 12:0 a.m.216 views

Atlassian Jira CSRF Protections Bypass Vulnerability

Summary An exploitable CSRF vulnerability exists in Atlassian Jira 7.6.4. An attacker controlling a subdomain different that the Jira hosting subdomain enables cookie injection and control of the CSRF header token. An attacker can create a cookie and submit CSRF attacks on behalf of a logged-in...

6.5CVSS6.6AI score0.01175EPSS
Exploits1
Talos
Talos
added 2019/09/16 12:0 a.m.99 views

Atlassian Jira issue attachment name information disclosure vulnerability

Summary An issue attachment name information disclosure vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. Anonymous users can differentiate between valid attachment names and invalid attachment names for any given issue via /rest/api/1.0/render API endpoint. Tested Versions...

5.3CVSS5.1AI score0.03012EPSS
Exploits1
Talos
Talos
added 2019/09/16 12:0 a.m.91 views

Atlassian Jira issueTable username information disclosure vulnerability

Summary An username information disclosure vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. Anonymous users can differentiate between valid usernames and invalid usernames via /rest/issueNav/1/issueTable API endpoint. Tested Versions Atlassian Jira 7.6.4 Atlassian Jira 8.1.0...

5.3CVSS5.3AI score0.1755EPSS
Exploits1
Talos
Talos
added 2019/09/16 12:0 a.m.77 views

Atlassian Jira Issue Key Information Disclosure Vulnerability

Summary An issue key information disclosure vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. Anonymous users can differentiate between valid issue keys and invalid issue keys via the /rest/api/1.0/render API endpoint. Tested Versions Atlassian Jira 7.6.4 Atlassian Jira 8.1.0...

5.3CVSS5AI score0.03012EPSS
Exploits1
Talos
Talos
added 2019/09/16 12:0 a.m.104 views

AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability

Summary An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability...

10CVSS9.4AI score0.02013EPSS
Exploits0
Talos
Talos
added 2019/09/09 12:0 a.m.67 views

NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the Host Access Point Daemon hostapd on the NETGEAR N300 WNR2000v5 wireless router. A SOAP request sent in an invalid sequence to the service can cause a null pointer dereference, resulting in the hostapd service crashing. An...

7.5CVSS7.5AI score0.02014EPSS
Exploits1
Talos
Talos
added 2019/09/09 12:0 a.m.96 views

NETGEAR N300 WNR2000v5 unauthenticated HTTP denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the session handling functionality of the NETGEAR N300 WNR2000v5 HTTP server. An HTTP request with an empty User-Agent string sent to a page requiring authentication can cause a null pointer dereference, resulting in the HTTP servic...

7.5CVSS7.6AI score0.0313EPSS
Exploits1
Talos
Talos
added 2019/09/04 12:0 a.m.113 views

Blynk inc. Blynk-Library BlynkProtocol<Transp>::processInput() information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the packet-parsing functionality of Blynk-Library v0.6.1. A specially crafted packet can cause an unterminated strncpy, resulting in information disclosure. An attacker can send a packet to trigger this vulnerability. Tested...

5.3CVSS5.1AI score0.01876EPSS
Exploits1
Talos
Talos
added 2019/09/03 12:0 a.m.87 views

Epignosis eFront LMS unauthenticated SQL injection vulnerability

Summary An exploitable SQL injection vulnerability exists in the unauthenticated portion of eFront LMS, versions v5.2.12 and earlier. Specially crafted web request to login page can cause SQL injections, resulting in data compromise. An attacker can use a browser to trigger these vulnerabilities,...

6.5CVSS6.9AI score0.01025EPSS
Exploits1
Talos
Talos
added 2019/09/03 12:0 a.m.91 views

Epignosis eFront LMS PHP deserialization code execution vulnerability

Summary A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability. Tested Versions Epignosis...

8.8CVSS9AI score0.0228EPSS
Exploits1
Talos
Talos
added 2019/08/20 12:0 a.m.120 views

Aspose Aspose.Words for C++ EnumMetaInfo Code Execution Vulnerability

Summary An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words for C++, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malforme...

9.8CVSS9.5AI score0.03282EPSS
Exploits0
Total number of security vulnerabilities2224