Lucene search

2218 matches found

Talos
added 2019/03/19 12:0 a.m. | 157 views

CUJO Smart Firewall mdnscap mDNS SRV record denial-of-service vulnerability

Summary An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003. When parsing SRV records in an mDNS packet, the “RDLENGTH” value is handled incorrectly, leading to an out-of-bounds access that crashes the mdnscap process. An...

CVSS 7.5 | AI score 7.1 | EPSS 0.01323
Exploits: 1
Talos
added 2019/03/19 12:0 a.m. | 136 views

CUJO Smart Firewall threatd hostname reputation check code execution vulnerability

Summary An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The flaw lies in the way the safe browsing function parses HTTP requests. The server hostname is extracted from captured HTTP/HTTPS requests and inserted as part of a Lua statement...

CVSS 10 | AI score 9.2 | EPSS 0.02669
Exploits: 1
Talos
added 2019/03/19 12:0 a.m. | 116 views

CUJO Smart Firewall safe browsing Host header-parsing firewall bypass vulnerability

Summary An exploitable vulnerability exists in the safe browsing function of the CUJO Smart Firewall, version 7003. The bug lies in the way the safe browsing function parses HTTP requests. The “Host” header is incorrectly extracted from captured HTTP requests, which would allow an attacker to visit...

CVSS 7.5 | AI score 6.1 | EPSS 0.01168
Exploits: 1
Talos
added 2019/03/19 12:0 a.m. | 181 views

Das U-Boot verified boot bypass

Summary An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot’s verified boot and execute an unsigned kernel, embedded in...

CVSS 8.2 | AI score 7.1 | EPSS 0.00276
Exploits: 1
Talos
added 2019/03/19 12:0 a.m. | 87 views

CUJO Smart Firewall static DHCP hostname command injection vulnerability

Summary An exploitable command injection vulnerability exists in the DHCP daemon configuration of the CUJO Smart Firewall. When adding a new static DHCP address, its corresponding hostname is inserted into the dhcpd.conf file without prior sanitization, allowing for arbitrary execution of system...

CVSS 9 | AI score 7.8 | EPSS 0.02612
Exploits: 1
Talos
added 2019/03/11 12:0 a.m. | 45 views

CleanMyMac X incomplete update patch privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service CleanMyMac X, version 4.20, due to improper updating. The application failed to remove the vulnerable components upon upgrading to the latest version, leaving the user open to attack. A user with local access c...

CVSS 7.1 | AI score 6.1 | EPSS 0.00398
Exploits: 0
Talos
added 2019/03/09 12:0 a.m. | 36 views

WAGO e!Cockpit authentication hard-coded encryption key vulnerability

Summary A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit, version 1.5.1.1. An attacker with access to communications between e!Cockpit and CoDeSyS Gateway can trivially recover the password of any user attempting to log in, in plain text. Test...

CVSS 5.5 | AI score 5.8 | EPSS 0.00335
Exploits: 1
Talos
added 2019/03/09 12:0 a.m. | 58 views

WAGO e!COCKPIT Firmware Downgrade Vulnerability

Summary An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware version...

CVSS 7.8 | AI score 7.8 | EPSS 0.01114
Exploits: 0
Talos
added 2019/03/09 12:0 a.m. | 46 views

WAGO PFC200 iocheckd service "I/O-Check" cache DNS code execution vulnerability

Summary An exploitable stack buffer overflow vulnerability exists in the iocheckd service “I/O-Check” functionality of WAGO PFC 200. A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send...

CVSS 7.8 | AI score 7.9 | EPSS 0.00818
Exploits: 1
Talos
added 2019/03/07 12:0 a.m. | 108 views

Pixar Renderman Install Helper Privilege Escalation Vulnerability

Summary A local privilege escalation vulnerability exists in the Mac OS X version of Pixar Renderman 22.3.0’s Install Helper helper tool. A user with local access can use this vulnerability to escalate their privileges to root. An attacker would need local access to the machine for a successful...

CVSS 9 | AI score 8.2 | EPSS 0.00881
Exploits: 1
Talos
added 2019/02/28 12:0 a.m. | 88 views

Antenna House Rainbow PDF Office server document converter getSummaryInformation NumProperties code execution vulnerability

Summary A heap overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 7,0,2018,1113. While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation...

CVSS 9.8 | AI score 9.7 | EPSS 0.02301
Exploits: 1
Talos
added 2019/02/20 12:0 a.m. | 64 views

McAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability

Summary An exploitable Denial of Service vulnerability exists in the file scanning functionality of McAfee GetSusp 3.0.0.461. A specially crafted executable can cause an infinite loop resulting in a Denial of Service. An attacker can scan this executable to trigger this vulnerability. Tested...

CVSS 6.5 | AI score 5.7 | EPSS 0.00816
Exploits: 0
Talos
added 2019/02/14 12:0 a.m. | 77 views

AutoDesk AutoCAD 2019 DXF-parsing code execution vulnerability

Summary An exploitable heap overflow vulnerability exists in the DXF-parsing functionality of AutoDesk AutoCAD 2019 P.46.0.0. A specially crafted DXF file can cause a heap overflow, resulting in code execution. An attacker must convince a victim to open a malicious document in order to trigger th...

CVSS 7.8 | AI score 7.9 | EPSS 0.01636
Exploits: 0
Talos
added 2019/02/14 12:0 a.m. | 203 views

AutoDesk AutoCAD 2019 LinetypeTableRecord Code Execution Vulnerability

Summary An exploitable use-after-free vulnerability exists in the DXF-parsing functionality of AutoDesk AutoCAD 2019. A specially crafted DXF file can cause a use-after-free vulnerability, resulting in code execution. Tested Versions AutoDesk AutoCAD 2019 P.46.0.0 Product URLs...

CVSS 7.8 | AI score 7.8 | EPSS 0.01644
Exploits: 0
Talos
added 2019/02/14 12:0 a.m. | 98 views

AutoDesk AutoCAD 2019 cell margin code execution vulnerability

Summary An exploitable heap overflow vulnerability exists in the DXF-parsing functionality of AutoDesk AutoCAD 2019 P.46.0.0. A specially crafted DXF file with too many cell margins populating an AcCellMargin object can cause a heap overflow, resulting in code execution. An attacker can provide a...

CVSS 7.8 | AI score 8 | EPSS 0.01636
Exploits: 0
Talos
added 2019/02/12 12:0 a.m. | 43 views

Adobe Acrobat Reader DC text field "comb" property remote code execution vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC, version 2019.8.20071. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim wou...

CVSS 10 | AI score 9.8 | EPSS 0.04253
Exploits: 0
Talos
added 2019/02/07 12:0 a.m. | 32 views

Rakuten Viber Android Secret Chats Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the “Secret Chats” functionality of Rakuten Viber on Android 9.3.0.6. The “Secret Chats” functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this...

CVSS 5.5 | AI score 4.8 | EPSS 0.00376
Exploits: 1
Talos
added 2019/01/30 12:0 a.m. | 104 views

ACD Systems Canvas Draw 4 FillSpan Out of Bounds Write Code Execution Vulnerability

Summary An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this...

CVSS 8.8 | AI score 8.2 | EPSS 0.01893
Exploits: 1
Talos
added 2019/01/30 12:0 a.m. | 77 views

ACD Systems Canvas Draw 5 huff table out-of-bounds write code execution vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

CVSS 8.8 | AI score 8.1 | EPSS 0.01456
Exploits: 1
Talos
added 2019/01/30 12:0 a.m. | 85 views

ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

CVSS 8.8 | AI score 8.1 | EPSS 0.02253
Exploits: 1
Talos
added 2019/01/30 12:0 a.m. | 82 views

ACD Systems Canvas Draw 5 IO metadata out-of-bounds write code execution vulnerability

Summary An exploitable out-of-bounds write exists in the CALS Raster file format-parsing functionality of Canvas Draw version 5.0.0.28. A specially crafted CAL image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a CAL image t...

CVSS 8.8 | AI score 8 | EPSS 0.01846
Exploits: 1
Talos
added 2019/01/28 12:0 a.m. | 78 views

WIBU-SYSTEMS WibuKey.sys 0x8200E804 pool corruption privilege escalation vulnerability

Summary An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation...

CVSS 9.3 | AI score 8.8 | EPSS 0.00636
Exploits: 1
Talos
added 2019/01/28 12:0 a.m. | 230 views

WIBU-SYSTEMS WibuKey network server management WkbProgramLow remote code execution vulnerability

Summary An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet ...

CVSS 10 | AI score 9.9 | EPSS 0.34329
Exploits: 1
Talos
added 2019/01/28 12:0 a.m. | 86 views

Python.org CPython X509 certificate parsing denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using...

CVSS 7.5 | AI score 7.7 | EPSS 0.20743
Exploits: 1
Talos
added 2019/01/28 12:0 a.m. | 187 views

WIBU-SYSTEMS WibuKey.sys 0x8200E804 kernel memory information disclosure vulnerability

Summary An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 Build 2400. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An...

CVSS 5.5 | AI score 4.8 | EPSS 0.0057
Exploits: 1
Talos
added 2019/01/21 12:0 a.m. | 63 views

Bitdefender BOX 2 bootstrap update_setup command execution vulnerability

Summary An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method /api/updatesetup does not perform firmware signature checks atomically, leading to an exploitable race condition TOCTTOU that allows arbitrary execution o...

CVSS 9.3 | AI score 8.2 | EPSS 0.01948
Exploits: 0
Talos
added 2019/01/21 12:0 a.m. | 60 views

Bitdefender BOX 2 bootstrap download_image command injection vulnerability

Summary An exploitable command injection vulnerability exists in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method /api/downloadimage unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands...

CVSS 10 | AI score 9.2 | EPSS 0.04234
Exploits: 1
Talos
added 2019/01/14 12:0 a.m. | 39 views

Pixar Renderman install helper privilege escalation vulnerability

Summary A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to escalate their privileges to root. An attacker would need local access to the machine to...

CVSS 9 | AI score 7.9 | EPSS 0.00683
Exploits: 1
Talos
added 2019/01/14 12:0 a.m. | 43 views

Pixar Renderman Install Helper Arbitrary File Read Privilege Escalation Vulnerability

Summary A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to read any root file from the file system. An attacker would need local access to the machine to...

CVSS 7.1 | AI score 5.9 | EPSS 0.00522
Exploits: 1
Talos
added 2019/01/08 12:0 a.m. | 51 views

Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability

Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...

CVSS 9.3 | AI score 8 | EPSS 0.00907
Exploits: 0
Talos
added 2019/01/03 12:0 a.m. | 57 views

Foxit PDF Reader XFA xdpContent information leak vulnerability

Summary An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software’s PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger an out-of-bounds read, which can disclose sensitive memory content and aid in exploitati...

CVSS 7.1 | AI score 6.7 | EPSS 0.49566
Exploits: 1
Talos
added 2019/01/03 12:0 a.m. | 40 views

Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability

Summary A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of OSX 10.13.4. A library inserted into the VLC media application can cause an out-of-bounds access inside of the KEXT leading to a use after free and invalid memory...

CVSS 9.3 | AI score 7.3 | EPSS 0.00895
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 35 views

CleanMyMac X truncateFileAtPath Privilege Escalation Vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs...

CVSS 7.1 | AI score 6 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 35 views

Clean My Mac X disableLaunchdAgentAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

CVSS 7.1 | AI score 6 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 23 views

Clean My Mac X removePackageWithID privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

CVSS 7.1 | AI score 6 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 34 views

CleanMyMac X removeItemAtPath Privilege Escalation Vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability that exists due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs...

CVSS 7.1 | AI score 6 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 87 views

CleanMyMac X moveToTrashItemAtPath privilege escalation vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access could use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs https://macpaw.com/cleanmym...

CVSS 7.1 | AI score 6 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 33 views

CleanMyMac X moveItemAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the way the CleanMyMac X software improperly validates inputs. An attacker with local access could use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful...

CVSS 7.1 | AI score 6 | EPSS 0.00306
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 339 views

Clean My Mac X removeLaunchdAgentAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

CVSS 7.1 | AI score 5.9 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 29 views

CleanMyMac X removeKextAtPath privilege escalation vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access could use this vulnerability to modify the running kernel extensions on the system. Tested Versions Clean My Mac X 4.04 Product URLs...

CVSS 7.1 | AI score 5.9 | EPSS 0.00306
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 32 views

Clean My Mac X pleaseTerminate denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machi...

CVSS 7.1 | AI score 5.8 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 29 views

Clean My Mac X removeASL Privilege Escalation Vulnerability

Summary An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a...

CVSS 7.1 | AI score 5.7 | EPSS 0.00497
Exploits: 1
Talos
added 2019/01/02 12:0 a.m. | 27 views

Clean My Mac X enableLaunchdAgentAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

CVSS 7.1 | AI score 6 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 25 views

Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

CVSS 7.1 | AI score 5.9 | EPSS 0.00309
Exploits: 0
Talos
added 2019/01/02 12:0 a.m. | 26 views

CleanMyMac X removeDiagnosticLogs privilege escalation vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access can use this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product URLs https://macpaw.com/cleanmymac...

CVSS 7.1 | AI score 6 | EPSS 0.00306
Exploits: 0
Talos
added 2018/12/21 12:0 a.m. | 132 views

Telegram Android Secret Chats Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the “Secret Chats” functionality of the Telegram Android messaging application version 4.9.0. The “Secret Chats” functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request...

CVSS 5.5 | AI score 4.8 | EPSS 0.00428
Exploits: 1
Talos
added 2018/12/17 12:0 a.m. | 82 views

Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability

Summary An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bchttpreadheader incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightClo...

CVSS 9.3 | AI score 8.6 | EPSS 0.02546
Exploits: 1
Talos
added 2018/12/17 12:0 a.m. | 106 views

Webroot BrightCloud SDK HTTP connection unsafe defaults vulnerability

Summary An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightClou...

CVSS 8.1 | AI score 8.4 | EPSS 0.00732
Exploits: 0
Talos
added 2018/12/11 12:0 a.m. | 63 views

Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability

Summary A specific JavaScript code embedded in a PDF file can lead to a heap corruption when opening a PDF document in Adobe Acrobat Reader DC 2019.8.20071. With careful memory manipulation, this can lead to arbitrary code execution. In order to trigger this vulnerability, the victim would need t...

CVSS 9.8 | AI score 7.1 | EPSS 0.09744
Exploits: 0
Talos
added 2018/12/10 12:0 a.m. | 24 views

Facebook WhatsApp Desktop Multiple Web Connection Notice Bypass Vulnerability

Summary An exploitable notice bypass vulnerability exists in the multiple web connections functionality of Facebook WhatsApp Desktop version 0.2.9739. This functionality allows a user to choose what to do when multiple desktop sessions are initiated using WhatsApp Desktop. By stealing the session...

AI score 7
Exploits: 0
Total number of security vulnerabilities: 2218