Tablib Yaml Load Code Execution Vulnerability
Summary An exploitable vulnerability exists in the Databook loading functionality of Tablib. A yaml loaded Databook can execute arbitrary python commands resulting in command execution. An attacker can insert python into loaded yaml to trigger this vulnerability. Tested Versions Tablib v0.11.4...
MuPDF Fitz library font glyph scaling Code Execution Vulnerability
Summary An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer. A specially crafted PDF file can cause an out of bounds write resulting in heap metadata and sensitive process memory corruption leading to potential code execution. Victi...
Artifex MuPDF JBIG2 Parser Code Execution Vulnerability
Summary An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9. A specially crafted PDF can cause a negative number to be passed to a memset resulting in memory corruption and potential code execution. An attacker can specially craft a PDF and send to the...
Hancom Thinkfree NEO Hangul Word Processor HWPTAG_TAB_DEF Tab Count Code Execution Vulnerability
Summary An exploitable heap-based buffer overflow exists in the Hangul Word Processor component version 9.6.1.4350 of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause an integer underflow resulting in a buffer overflow which can lead to code execution under th...
PowerISO ISO Parsing Use After Free
Summary A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific .ISO file to trigger this vulnerability. Tested Versions PowerISO 6.8 6, ...
PowerIso Parsing Code Execution Vulnerability
Summary A stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO. A specially crafted ISO file can cause a vulnerability resulting in potential code execution. An attacker can send a specific ISO file to trigger this vulnerability. Tested...
AntennaHouse DMC HTMLFilter Txo Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the Txo functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to trigge...
AntennaHouse DMC HTMLFilter PPT DHFSummary Code Execution Vulnerability
Summary An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...
AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An...
AntennaHouse DMC HTMLFilter PPT ParseEnvironment Code Execution Vulnerability
Summary An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious PPT fil...
AntennaHouse DMC HTMLFilter GetIndexArray Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the GetIndexArray functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious XLS...
AntennaHouse DMC HTMLFilter AddSst Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the AddSst functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious XLS file to...
AntennaHouse DMC HTMLFilter DHFSummary Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious doc file to trigger this vulnerability...
WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability
Summary An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509 certificate can cause a single out of bounds byte overwrite resulting in potential certificate validation vulnerabilities,...
AntennaHouse DMC HTMLFilter UnCompressUnicode Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of AntennaHouse DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS fil...
AntennaHouse DMC HTMLFilter FillRowFormat Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of AntennaHouse DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide maliciou...
AntennaHouse DMC HTMLFilter iBldDirInfo Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the iBldDirInfo functionality of AntennaHouse DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can provide a malicious xls file to...
AntennaHouse DMC HTMLFilter Doc_GetFontTable Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this...
Randombit Botan Library X509 Certificate Validation Bypass Vulnerability
Summary A programming error exists in the way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in...
Zabbix Proxy Server SQL Database Write Vulnerability
Summary An exploitable database write vulnerability exists in the trapper functionality of Zabbix Server 2.4.X. Specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between ...
Zabbix Server Active Proxy Trapper Remote Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this...
IrfanView JPEG 2000 Reference Tile Width Arbitrary Code Execution Vulnerability
Summary An exploitable integer overflow vulnerability exists in the JPEG 2000 parser functionality of IrfanView 4.44. A specially crafted jpeg2000 image can cause an integer overflow leading to wrong memory allocation...
Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability
Talos Vulnerability Report TALOS-2017-0231 Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability April 21, 2017 Report ID CVE-2016-8717 Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The devic...
Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability
Summary An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1. The device operating system contains an undocumented, privileged root account with hard-coded credentials, giving attackers full control of affected devices...
ARM Mbedtls x509 ECDSA invalid public key Remote Code Execution Vulnerability
Summary An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbedTLS 2.4.0. A specially crafted x509 certificate, when parsed by mbedTLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order ...
Lexmark Perceptive Document Filters XLS ShapeHLink Information Disclosure Vulnerability
Summary An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perceptive Document Filters conversion functionality. A crafted XLS document can lead to an arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400 Tested...
Moxa AWK-3131A Web Application Ping Command Injection Vulnerability
Summary An exploitable OS Command Injection vulnerability exists in the web application ‘ping’ functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the vulnerable device...
Moxa AWK-3131A HTTP GET Denial of Service Vulnerability
Summary An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an ‘/’ will cause a segmentation fault in the web server. An attacker can send any of a multitude of...
Moxa AWK-3131A Web Application Cross-Site Request Forgery Vulnerability
Summary An exploitable Cross-Site Request Forgery vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted form can trick a client into making an unintentional request to the web server which will be treated as an...
Moxa AWK-3131A Web Application Multiple Reflected Cross-Site Scripting Vulnerabilities
Summary An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multiple parameters, can cause malicious scripts to be executed by a victim. Tested Versions...
Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. Tested Versions Moxa...
Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability
Summary An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iwfilename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web...
Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability
Summary An exploitable Information Disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Series Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client. Retrieving a specific URL without...
Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the Web Application functionality of the Moxa AWK-3131A wireless access point running firmware 1.1. Retrieving a specific URL without authentication can reveal sensitive information to an attacker. Tested Versions Moxa AWK-3131...
Moxa AWK-3131A serviceAgent Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the serviceAgent functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted TCP query will allow an attacker to retrieve potentially sensitive information. Tested Versions Moxa AWK-3131A...
Moxa AWK-3131A Web Application Cleartext Transmission of Password Vulnerability
Summary An exploitable Cleartext Transmission of Password vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. The Change Password functionality of the Web Application transmits the password in cleartext. An attacker capable of...
Moxa AWK-3131A Web Application bkpath HTTP Header Injection Vulnerability
Summary An exploitable HTTP Header Injection vulnerability exists in the Web Application functionality of the Moxa AWK-3131A Wireless Access Point running firmware 1.1. A specially crafted HTTP request can inject a payload in the bkpath parameter which will be copied into the Location header of the...
Moxa AWK-3131A Web Application Nonce Reuse Vulnerability
Summary An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300 seconds. Teste...
Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the...
National Instruments LabVIEW LvVarientUnflatten Code Execution Vulnerability
Summary An exploitable memory corruption vulnerability exists in the LvVarientUnflatten functionality of LabVIEW 2016 version 16.0.0.49152. A specially crafted VI file can cause a user controlled value to be used as a loop terminator resulting in internal heap corruption. An attacker controlled V...
Apple OS X and iOS x509 certificate parsing Name Constraints Remote Code Execution Vulnerability
Summary An exploitable use-after-free vulnerability exists in the x509 certificate validation functionality in Apple macOS Sierra 10.12.3 release and 10.12.4 public beta versions and iOS 10.2.1. A specially crafted x509 certificate can trigger a use-after-free vulnerability potentially resulting ...
R PDF LoadEncoding Code Execution Vulnerability
Summary An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this...
Pharos PopUp Printer Client DecodeString Code Execution Vulnerability
Summary An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always...
Pharos PopUp Printer Client memcpy Code Execution Vulnerability
Summary A buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening...
Pharos PopUp Printer Client DecodeString Code Execution Vulnerability
Summary A denial of service vulnerability exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to an out of bounds read causing a crash and a denial of service. Tested Versions Pharos PopUp...
Pharos PopUp Printer Client DecodeBinary Code Execution Vulnerability
Summary An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always...
Iceni Argus PDF Font-Encoding GlyphMap Adjustment Code Execution Vulnerability
Summary An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font’s name to a single object within an array of objects. Due to ...
Ichitaro Office Excel File Code Execution Vulnerability
Summary A vulnerability was discovered within the Ichitaro word processor. Ichitaro is published by JustSystems and is considered one of the more popular word processors used within Japan. Ichitaro handles Microsoft Excel’s .xls file format. When processing a record type of 0x3c from a Workbook...
Iceni Argus ipStringCreate Code Execution Vulnerability
Summary An exploitable heap overflow vulnerability exists in the ipStringCreate function of Iceni Argus Version 6.6.05. A specially crafted pdf file can cause an integer overflow resulting in heap overflow. An attacker can send a file to trigger this vulnerability. Tested Versions Iceni Argus 6.6.0...
Iceni Argus icnChainAlloc Signed Comparison Code Execution Vulnerability
Summary An exploitable heap corruption vulnerability exists in the loadTrailer functionality of Iceni Argus version 6.6.05. A specially crafted PDF file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious PDF file to trigger this...