Vulnerability Reports

Current Report Totals for 2022

73

Open Reported Zero-DaysReported to the vendor but not yet publicly disclosed.

210

Publicly Disclosed Vulnerabilities
Report ID Title Report Date CVE Number CVSS Score
TALOS-2022-1644 PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability 2022-12-07 CVE-2022-41992 7.8
TALOS-2022-1603 NVIDIA D3D10 Driver Shader Functionality MOV instruction memory corruption vulnerability 2022-12-06 CVE-2022-34671 8.5
TALOS-2022-1604 NVIDIA D3D10 Driver Shader Functionality DCL_INDEXRANGE instruction memory corruption vulnerability 2022-12-06 CVE-2022-34671 8.5
TALOS-2022-1530 Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability 2022-12-01 CVE-2022-29511 9.1
TALOS-2022-1528 Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability 2022-12-01 CVE-2022-32573 9.9
TALOS-2022-1531 Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability 2022-12-01 CVE-2022-27498 9.1
TALOS-2022-1529 Lansweeper lansweeper HelpdeskActions.aspx edittemplate directory traversal vulnerability 2022-12-01 CVE-2022-29517 9.9
TALOS-2022-1541 Lansweeper lansweeper SanitizeHtml cross-site scripting (XSS) vulnerability 2022-12-01 CVE-2022-32763 9.1
TALOS-2022-1532 Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability 2022-12-01 CVE-2022-28703 9.1
TALOS-2022-1649 Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability 2022-11-22 CVE-2022-43590 6.2
TALOS-2022-1647 Callback technologies CBFS Filter handle_ioctl_83150 null pointer dereference vulnerability 2022-11-22 CVE-2022-43588 6.2
TALOS-2022-1648 Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability 2022-11-22 CVE-2022-43589 6.2
TALOS-2022-1591 Microsoft Office class attribute double-free vulnerability 2022-11-15 CVE-2022-41106 7.8
TALOS-2022-1600 Foxit Reader deletePages Field Calculate use-after-free vulnerability 2022-11-10 CVE-2022-32774 8.8
TALOS-2022-1614 Foxit Reader Optional Content Group use-after-free vulnerability 2022-11-10 CVE-2022-40129 8.8
TALOS-2022-1602 Foxit Reader openPlayer use-after-free vulnerability 2022-11-10 CVE-2022-37332 8.8
TALOS-2022-1601 Foxit Reader annotation destroy use-after-free vulnerability 2022-11-10 CVE-2022-38097 8.8
TALOS-2022-1519 InHand Networks InRouter302 console infct leftover debug code vulnerability 2022-10-27 CVE-2022-30543 4.3
TALOS-2022-1521 InHand Networks InRouter302 console support leftover debug code vulnerability 2022-10-27 CVE-2022-28689 6.5
TALOS-2022-1544 Accusoft ImageGear PICT parsing pctwread_14841 out-of-bounds write vulnerability 2022-10-27 CVE-2022-32588 9.8
TALOS-2022-1523 InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability 2022-10-27 CVE-2022-25932 7.4
TALOS-2022-1522 InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability 2022-10-27 CVE-2022-29888 6.5
TALOS-2022-1518 InHand Networks InRouter302 console nvram leftover debug code vulnerability 2022-10-27 CVE-2022-29481 4.9
TALOS-2022-1520 InHand Networks InRouter302 console verify leftover debug code vulnerability 2022-10-27 CVE-2022-26023 6.5
TALOS-2022-1585 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities 2022-10-20 CVE-2022-35887,CVE-2022-35884,CVE-2022-35886,CVE-2022-35885 8.2
TALOS-2022-1569 Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability 2022-10-20 CVE-2022-29889 9.8
TALOS-2022-1567 Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability 2022-10-20 CVE-2022-27804 8.0
TALOS-2022-1583 Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities 2022-10-20 CVE-2022-35881,CVE-2022-35880,CVE-2022-35878,CVE-2022-35879 7.1
TALOS-2022-1553 Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability 2022-10-20 CVE-2022-29475 4.7
TALOS-2022-1581 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities 2022-10-20 CVE-2022-35876,CVE-2022-35875,CVE-2022-35877,CVE-2022-35874 8.2
TALOS-2022-1557 Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability 2022-10-20 CVE-2022-30541 10.0
TALOS-2022-1568 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities 2022-10-20 CVE-2022-33207,CVE-2022-33205,CVE-2022-33206,CVE-2022-33204 10.0
TALOS-2022-1559 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities 2022-10-20 CVE-2022-33192,CVE-2022-33195,CVE-2022-33193,CVE-2022-33194 10.0
TALOS-2022-1552 Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability 2022-10-20 CVE-2022-27805 9.8
TALOS-2022-1555 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability 2022-10-20 CVE-2022-32760 8.6
TALOS-2022-1558 Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability 2022-10-20 CVE-2022-33189 10.0
TALOS-2022-1560 Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability 2022-10-20 CVE-2022-32454 10.0
TALOS-2022-1554 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability 2022-10-20 CVE-2022-29477 8.6
TALOS-2022-1561 Abode Systems, Inc. iota All-In-One Security Kit console_main_loop :sys OS command injection vulnerability 2022-10-20 CVE-2022-29520 8.1
TALOS-2022-1584 Abode Systems, Inc. iota All-In-One Security Kit ghome_process_control_packet format string injection vulnerability 2022-10-20 CVE-2022-33938 8.2
TALOS-2022-1556 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability 2022-10-20 CVE-2022-32773 10.0
TALOS-2022-1562 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability 2022-10-20 CVE-2022-30603 10.0
TALOS-2022-1563 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability 2022-10-20 CVE-2022-32586 8.0
TALOS-2022-1564 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability 2022-10-20 CVE-2022-32775 9.0
TALOS-2022-1565 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability 2022-10-20 CVE-2022-32574 7.5
TALOS-2022-1566 Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_serial_mac OS command injection vulnerability 2022-10-20 CVE-2022-29472 10.0
TALOS-2022-1582 Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability 2022-10-20 CVE-2022-35244 9.8
TALOS-2022-1577 Robustel R1510 js_package install OS command injection vulnerability 2022-10-14 CVE-2022-33150 9.1
TALOS-2022-1580 Robustel R1510 sysupgrade firmware update vulnerability 2022-10-14 CVE-2022-34845 6.7
TALOS-2022-1579 Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability 2022-10-14 CVE-2022-33897 4.9
TALOS-2022-1578 Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability 2022-10-14 CVE-2022-34850 9.1
TALOS-2022-1576 Robustel R1510 sysupgrade command injection OS command injection vulnerability 2022-10-14 CVE-2022-32765 9.1
TALOS-2022-1575 Robustel R1510 web_server hashFirst denial of service vulnerability 2022-10-14 CVE-2022-35262,CVE-2022-35263,CVE-2022-35267,CVE-2022-35268,CVE-2022-35265,CVE-2022-35270,CVE-2022-35261,CVE-2022-35269,CVE-2022-35266,CVE-2022-35271,CVE-2022-35264 4.9
TALOS-2022-1587 VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability 2022-10-10 CVE-2022-31680 8.7
TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability 2022-10-04 CVE-2022-33896 7.8
TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities 2022-09-22 CVE-2022-29503 8.1
TALOS-2022-1497 Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability 2022-08-17 CVE-2022-35821 4.4
TALOS-2022-1549 WWBN AVideo aVideoEncoderReceiveImage information disclosure vulnerability 2022-08-16 CVE-2022-32761 6.5
TALOS-2022-1486 HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability 2022-08-16 CVE-2022-25942 7.8
TALOS-2022-1547 WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability 2022-08-16 CVE-2022-30547 9.9
TALOS-2022-1539 WWBN AVideo image403 cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-30690 9.6
TALOS-2022-1536 WWBN AVideo objects id handling authentication bypass vulnerability 2022-08-16 CVE-2022-32768,CVE-2022-32769 4.8
TALOS-2022-1538 WWBN AVideo footer alerts cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-32770,CVE-2022-32772,CVE-2022-32771 9.6
TALOS-2022-1551 WWBN AVideo ObjectYPT SQL injection vulnerability 2022-08-16 CVE-2022-33147,CVE-2022-34652,CVE-2022-33149,CVE-2022-33148 8.3
TALOS-2022-1537 WWBN AVideo charts tab selection cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-26842 9.6
TALOS-2022-1485 HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability 2022-08-16 CVE-2022-25972 7.8
TALOS-2022-1542 WWBN AVideo cookie information disclosure vulnerability 2022-08-16 CVE-2022-32777,CVE-2022-32778 7.5
TALOS-2022-1546 WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability 2022-08-16 CVE-2022-30534 9.9
TALOS-2022-1534 WWBN AVideo all cross-site request forgery (csrf) vulnerability 2022-08-16 CVE-2022-29468 8.8
TALOS-2022-1515 Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability 2022-08-16 CVE-2022-40733 5.0
TALOS-2022-1550 WWBN AVideo chunkFile information disclosure vulnerability 2022-08-16 CVE-2022-28710 6.5
TALOS-2022-1487 HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability 2022-08-16 CVE-2022-26061 7.8
TALOS-2022-1548 WWBN AVideo aVideoEncoder wget OS command injection vulnerability 2022-08-16 CVE-2022-32572 9.9
TALOS-2022-1545 WWBN AVideo password hash improper authentication vulnerability 2022-08-16 CVE-2022-32282 7.2
TALOS-2022-1535 WWBN AVideo session id privilege escalation vulnerability 2022-08-16 CVE-2022-30605 8.8
TALOS-2022-1540 WWBN AVideo videoAddNew cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-28712 9.0
TALOS-2022-1514 Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability 2022-08-16 CVE-2022-40732 5.0
TALOS-2022-1533 ESTsoft Alyac OLE header Mini FAT sectors integer overflow 2022-08-03 CVE-2022-29886 7.3
TALOS-2022-1527 ESTsoft Alyac OLE header parsing integer overflow 2022-08-03 CVE-2022-32543 7.3
TALOS-2022-1458 TCL LinkHub Mesh Wifi confsrv ucloud_add_node OS command injection vulnerability 2022-08-01 CVE-2022-22140 9.6
TALOS-2022-1506 TCL LinkHub Mesh Wi-Fi confctl_set_wan_cfg denial of service vulnerability 2022-08-01 CVE-2022-27178 9.6
TALOS-2022-1454 TCL LinkHub Mesh Wifi confsrv set_port_fwd_rule stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-23399 8.8
TALOS-2022-1482 TCL LinkHub Mesh Wi-Fi confsrv addTimeGroup stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-25996 8.8
TALOS-2022-1459 TCL LinkHub Mesh Wifi libcommonprod.so prod_change_root_passwd hard-coded password vulnerability 2022-08-01 CVE-2022-22144 7.5
TALOS-2022-1463 TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability 2022-08-01 CVE-2022-24021,CVE-2022-24011,CVE-2022-24028,CVE-2022-24023,CVE-2022-24026,CVE-2022-24016,CVE-2022-24005,CVE-2022-24019,CVE-2022-24029,CVE-2022-24007,CVE-2022-24017,CVE-2022-24008,CVE-2022-24006,CVE-2022-24013,CVE-2022-24009,CVE-2022-24010,CVE-2022-24020,CVE-2022-24015,CVE-2022-24012,CVE-2022-24022,CVE-2022-24014,CVE-2022-24027,CVE-2022-24025,CVE-2022-24018,CVE-2022-24024 9.6
TALOS-2022-1455 TCL LinkHub Mesh Wifi confsrv set_mf_rule stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-23919,CVE-2022-23918 8.8
TALOS-2022-1503 TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability 2022-08-01 CVE-2022-27633 6.5
TALOS-2022-1457 TCL LinkHub Mesh Wifi confsrv ucloud_add_node_new OS command injection vulnerability 2022-08-01 CVE-2022-21178 9.6
TALOS-2022-1507 TCL LinkHub Mesh Wifi ucloud_del_node denial of service vulnerability 2022-08-01 CVE-2022-26346 9.6
TALOS-2022-1483 TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-26009 8.8
TALOS-2022-1505 TCL LinkHub Mesh Wifi confctl_set_master_wlan denial of service vulnerability 2022-08-01 CVE-2022-27185 9.3
TALOS-2022-1462 TCL LinkHub Mesh Wi-Fi confsrv confctl_set_app_language stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-23103 8.8
TALOS-2022-1502 TCL LinkHub Mesh Wifi confctl_set_guest_wlan denial of service vulnerability 2022-08-01 CVE-2022-27660 9.3
TALOS-2022-1456 TCL LinkHub Mesh Wifi confers ucloud_add_node_new stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-21201 8.8
TALOS-2022-1484 TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location buffer overflow vulnerability 2022-08-01 CVE-2022-26342 8.8
TALOS-2022-1504 TCL LinkHub Mesh Wifi confctl_get_master_wlan information disclosure vulnerability 2022-08-01 CVE-2022-27630 6.5
TALOS-2022-1510 DD-WRT httpd unescape memory corruption vulnerability 2022-07-27 CVE-2022-27631 5.3
TALOS-2022-1511 Asuswrt and Asuswrt-Merlin New Gen httpd unescape memory corruption vulnerability 2022-07-27 CVE-2022-26376 5.3
TALOS-2022-1509 FreshTomato httpd unescape memory corruption vulnerability 2022-07-27 CVE-2022-28665,CVE-2022-28664 5.3
TALOS-2022-1526 Accusoft ImageGear PSD Header processing memory allocation out-of-bounds write vulnerability 2022-07-18 CVE-2022-29465 8.1
TALOS-2022-1508 Google Chrome WebGPU DoBufferDestroy kDirect allocation use-after-free vulnerability 2022-07-14 CVE-2022-2399 8.3
TALOS-2022-1525 Adobe Acrobat Reader DC event value use-after-free 2022-07-13 CVE-2022-34230 8.8
TALOS-2022-1516 Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability 2022-07-13 CVE-2022-34221 8.8
TALOS-2022-1570 Robustel R1510 clish art2 command execution vulnerability 2022-06-30 CVE-2022-32585 9.1
TALOS-2022-1573 Robustel R1510 web_server ajax endpoints OS command injection vulnerabilities 2022-06-30 CVE-2022-33326,CVE-2022-33329,CVE-2022-33327,CVE-2022-33325,CVE-2022-33328 9.1
TALOS-2022-1571 Robustel R1510 web_server /action/remove/ API data removal vulnerability 2022-06-30 CVE-2022-28127 8.7
TALOS-2022-1572 Robustel R1510 web_server action endpoints OS command injection vulnerabilities 2022-06-30 CVE-2022-33312,CVE-2022-33313,CVE-2022-33314 9.1
TALOS-2022-1524 Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability 2022-06-15 CVE-2022-29496 9.0
TALOS-2022-1461 Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability 2022-06-15 CVE-2022-21184 5.9
TALOS-2022-1440 Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability 2022-06-15 CVE-2022-21806 10.0
TALOS-2022-1489 Open Automation Software Platform Engine SecureAddSecurity external config control vulnerability 2022-05-25 CVE-2022-26043 7.5
TALOS-2022-1492 Open Automation Software Platform Engine SecureTransferFiles information disclosure vulnerability 2022-05-25 CVE-2022-26067 4.9
TALOS-2022-1494 Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability 2022-05-25 CVE-2022-27169 7.5
TALOS-2022-1488 Open Automation Software Platform Engine SecureAddUser External config control vulnerability 2022-05-25 CVE-2022-26303 7.5
TALOS-2022-1513 Open Automation Software OAS Platform REST API unauthenticated vulnerability 2022-05-25 CVE-2022-26833 9.4
TALOS-2022-1493 Open Automation Software Platform Engine SecureTransferFiles file write vulnerability 2022-05-25 CVE-2022-26082 9.1
TALOS-2022-1490 Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability 2022-05-25 CVE-2022-26077 7.5
TALOS-2022-1491 Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability 2022-05-25 CVE-2022-26026 7.5
TALOS-2021-1435 NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXABLE memory corruption vulnerability 2022-05-17 CVE-2022-28181 8.5
TALOS-2021-1437 NVIDIA nvwgf2umx_cfg.dll shader DCL_UNORDERED_ACCESS_VIEW_STRUCTURED memory corruption vulnerability 2022-05-17 CVE-2022-28182 8.5
TALOS-2021-1438 NVIDIA nvwgf2umx_cfg.dll shader DCL_RESOURCE_STRUCTURED memory corruption vulnerability 2022-05-17 CVE-2022-28182 8.5
TALOS-2021-1436 NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXRANGE memory corruption vulnerability 2022-05-17 CVE-2022-28182 8.5
TALOS-2022-1499 InHand Networks InRouter302 console infactory_port OS command injection vulnerability 2022-05-10 CVE-2022-26420 9.9
TALOS-2022-1495 InHand Networks InRouter302 iburn firmware checks firmware update vulnerability 2022-05-10 CVE-2022-26510 9.9
TALOS-2022-1472 InHand Networks InRouter302 router configuration import privilege escalation vulnerability 2022-05-10 CVE-2022-21182 7.4
TALOS-2022-1473 InHand Networks InRouter302 httpd wlscan_ASP OS command injection vulnerability 2022-05-10 CVE-2022-26085 9.9
TALOS-2022-1452 ESTsoft Alyac PE section headers out of bounds read 2022-05-10 CVE-2022-21147 5.0
TALOS-2022-1474 InHand Networks InRouter302 router configuration export information disclosure vulnerability 2022-05-10 CVE-2022-26020 6.3
TALOS-2022-1469 InHand Networks InRouter302 info.jsp cross-site scripting (XSS) vulnerability 2022-05-10 CVE-2022-21238 5.4
TALOS-2022-1500 InHand Networks InRouter302 console infactory_wlan command injection vulnerability 2022-05-10 CVE-2022-26075 9.9
TALOS-2022-1475 InHand Networks InRouter302 console factory OS command injection vulnerability 2022-05-10 CVE-2022-26007 9.1
TALOS-2022-1477 InHand Networks InRouter302 console inhand command execution vulnerability 2022-05-10 CVE-2022-25995 9.9
TALOS-2022-1476 InHand Networks InRouter302 console factory stack-based buffer overflow vulnerability 2022-05-10 CVE-2022-26002 9.1
TALOS-2022-1468 InHand Networks InRouter302 httpd upload.cgi file write vulnerability 2022-05-10 CVE-2022-21809 9.9
TALOS-2022-1470 InHand Networks InRouter302 web interface session cookie information disclosure vulnerability 2022-05-10 CVE-2022-25172 7.5
TALOS-2022-1471 InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability 2022-05-10 CVE-2022-24910 8.2
TALOS-2022-1496 InHand Networks InRouter302 console infactory hard-coded password vulnerability 2022-05-10 CVE-2022-27172 4.3
TALOS-2022-1478 InHand Networks InRouter302 daretools binary OS command injection vulnerability 2022-05-10 CVE-2022-26042 9.9
TALOS-2022-1501 InHand Networks InRouter302 console infactory_net command injection vulnerability 2022-05-10 CVE-2022-26518 9.9
TALOS-2022-1481 InHand Networks InRouter302 libnvram.so nvram_import improper input validation vulnerabilities 2022-05-10 CVE-2022-26780,CVE-2022-26781,CVE-2022-26782 9.9
TALOS-2021-1412 WPS Office HtmTableAlt use-after-free vulnerability 2022-05-09 CVE-2021-40399 8.8
TALOS-2022-1480 Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability 2022-05-05 CVE-2022-26073 7.4
TALOS-2022-1479 Anker Eufy Homebase 2 libxm_av.so getpeermac() authentication bypass vulnerability 2022-05-05 CVE-2022-25989 7.1
TALOS-2022-1465 Accusoft ImageGear IGXMPXMLParser::parseDelimiter stack-based buffer overflow vulnerability 2022-05-02 CVE-2022-23400 7.1
TALOS-2022-1449 Accusoft ImageGear ioca_mys_rgb_allocate memory corruption vulnerability 2022-05-02 CVE-2022-22137 9.8
TALOS-2022-1512 ArduPilot APWeb cgi.c unescape memory corruption vulnerability 2022-04-14 CVE-2022-28711 5.3
TALOS-2021-1411 Accusoft ImageGear parse_raster_data out-of-bounds write vulnerability 2022-03-31 CVE-2021-40398 8.1
TALOS-2021-1434 Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability 2022-03-23 CVE-2021-40426 10.0
TALOS-2021-1433 Webroot Secure Anywhere IOCTL GetProcessCommand and B_03 out-of-bounds read vulnerability 2022-03-15 CVE-2021-40425,CVE-2021-40424 7.1
TALOS-2022-1464 Leadtools fltSaveCMP integer overflow vulnerability 2022-03-15 CVE-2022-21154 8.8
TALOS-2021-1416 Gerbv RS-274X aperture macro multiple outline primitives out-of-bounds read vulnerability 2022-02-28 CVE-2021-40402 9.3
TALOS-2021-1431 Swift Sensors Gateway device password generation authentication bypass vulnerability 2022-02-28 CVE-2021-40422 10.0
TALOS-2022-1442 Lansweeper WebUserActions.aspx Stored XSS vulnerability 2022-02-28 CVE-2022-21145 9.1
TALOS-2021-1413 Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability 2022-02-28 CVE-2021-40400 9.3
TALOS-2022-1441 Lansweeper lansweeper HelpdeskSetupActions SQL injection vulnerability 2022-02-28 CVE-2022-22149 9.1
TALOS-2022-1467 MZ Automation GmbH libiec61850 parseNormalModeParameters denial of service vulnerability 2022-02-28 CVE-2022-21159 7.5
TALOS-2022-1444 Lansweeper lansweeper AssetActions.aspx SQL injection vulnerability 2022-02-28 CVE-2022-21210 6.6
TALOS-2022-1443 Lansweeper lansweeper EchoAssets.aspx SQL injection vulnerability 2022-02-28 CVE-2022-21234 9.1
TALOS-2021-1373 Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21943 9.8
TALOS-2021-1371 Accusoft ImageGear TIFF YCbCr image parser out-of-bounds write vulnerability 2022-02-23 CVE-2021-21942 9.8
TALOS-2021-1375 Accusoft ImageGear JPEG-JFIF lossless Huffman parser heap-based buffer overflow vulnerabilities 2022-02-23 CVE-2021-21947,CVE-2021-21946 9.8
TALOS-2021-1362 Accusoft ImageGear DecoderStream::Append heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21914 9.8
TALOS-2021-1374 Accusoft ImageGear TIFF parser heap-based buffer overflow vulnerabilities 2022-02-23 CVE-2021-21945,CVE-2021-21944 9.8
TALOS-2021-1377 Accusoft ImageGear JPEG-JFIF Scan header parser out-of-bounds write vulnerability 2022-02-23 CVE-2021-21949 9.8
TALOS-2021-1368 Accusoft ImageGear XWD parser heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21939 9.8
TALOS-2021-1367 Accusoft ImageGear Palette box parser heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21938 9.8
TALOS-2022-1460 KiCad EDA Gerber Viewer gerber and excellon GCode/Dcode parsing stack-based buffer overflow vulnerability 2022-02-16 CVE-2022-23947,CVE-2022-23946 7.8
TALOS-2022-1453 KiCad EDA Gerber Viewer gerber and excellon coordinates parsing stack-based buffer overflow vulnerability 2022-02-16 CVE-2022-23804,CVE-2022-23803 7.8
TALOS-2021-1386 Hancom Office 2020 Hword HwordApp.dll SectorLoc heap-based buffer overflow 2022-02-15 CVE-2021-21958 7.8
TALOS-2021-1393 Texas Instruments CC3200 SimpleLink Solution HTTP Server /ping.html information disclosure vulnerability 2022-02-15 CVE-2021-21966 5.3
TALOS-2021-1401 Moxa MXView Series Web Application authentication bypass vulnerability 2022-02-11 CVE-2021-40390 10.0
TALOS-2021-1403 Moxa MXView Series Web Application information disclosure vulnerability 2022-02-11 CVE-2021-40392 5.3
TALOS-2021-1397 Sealevel Systems, Inc. SeaConnect 370W URL_decode out-of-bounds write vulnerability 2022-02-01 CVE-2021-21971 3.7
TALOS-2021-1388 Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability 2022-02-01 CVE-2021-21959 7.7
TALOS-2021-1389 Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities 2022-02-01 CVE-2021-21960,CVE-2021-21961 10.0
TALOS-2021-1396 Sealevel Systems, Inc. SeaConnect 370W HandleSeaCloudMessage out-of-bounds write vulnerabilities 2022-02-01 CVE-2021-21970,CVE-2021-21969 3.7
TALOS-2021-1395 Sealevel Systems, Inc. SeaConnect 370W OTA update task file overwrite vulnerability 2022-02-01 CVE-2021-21968 8.1
TALOS-2021-1394 Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability 2022-02-01 CVE-2021-21967 6.5
TALOS-2021-1392 Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities 2022-02-01 CVE-2021-21965,CVE-2021-21964 8.6
TALOS-2021-1390 Sealevel Systems, Inc. SeaConnect 370W OTA Update "u-download" heap-based buffer overflow vulnerability 2022-02-01 CVE-2021-21962 9.0
TALOS-2021-1406 Eclipse Foundation Paho MQTTClient-C library readPacket out-of-bounds write vulnerability 2022-02-01 CVE-2021-41036 9.8
TALOS-2021-1391 Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability 2022-02-01 CVE-2021-21963 7.4
TALOS-2021-1429 Foxit Reader deletePages use-after-free vulnerability 2022-01-31 CVE-2021-40420 8.8
TALOS-2021-1415 Gerbv RS-274X aperture definition tokenization use-after-free vulnerability 2022-01-31 CVE-2021-40401 10.0
TALOS-2022-1439 Foxit Reader getPageNthWordQuads mishandled exception vulnerability 2022-01-31 CVE-2022-22150 8.8
TALOS-2021-1417 Gerbv pick-and-place rotation parsing use of uninitialized variable vulnerability 2022-01-31 CVE-2021-40403 5.8
TALOS-2021-1398 Google Chrome MediaStreamTrackGenerator use after free vulnerability 2022-01-27 CVE-2021-38008 8.3
TALOS-2021-1428 Reolink RLC-410W "factory" binary firmware update vulnerability 2022-01-26 CVE-2021-40419 10.0
TALOS-2021-1422 Reolink RLC-410W cgiserver.cgi Upgrade API denial of service vulnerability 2022-01-26 CVE-2021-40405 7.7
TALOS-2022-1446 Reolink RLC-410W web server misconfiguration information disclosure vulnerability 2022-01-26 CVE-2022-21236 8.1
TALOS-2022-1451 Reolink RLC-410W netserver parse_command_list memory corruption vulnerability 2022-01-26 CVE-2022-21796 9.3
TALOS-2021-1421 Reolink RLC-410W cgiserver.cgi JSON command parser denial of service vulnerabilities 2022-01-26 CVE-2021-44354,CVE-2021-44355, CVE-2021-44356, CVE-2021-44357, CVE-2021-44358, CVE-2021-44359, CVE-2021-44360, CVE-2021-44361, CVE-2021-44362, CVE-2021-44363, CVE-2021-44364, CVE-2021-44365, CVE-2021-44366, CVE-2021-44367, CVE-2021-44368, CVE-2021-44369, CVE-2021-44370, CVE-2021-44371, CVE-2021-44372, CVE-2021-44373, CVE-2021-44374, CVE-2021-44375, CVE-2021-44376, CVE-2021-44377, CVE-2021-44378, CVE-2021-44379, CVE-2021-44380, CVE-2021-44381, CVE-2021-44382, CVE-2021-44383, CVE-2021-44384, CVE-2021-44385, CVE-2021-44386, CVE-2021-44387, CVE-2021-44388, CVE-2021-44389, CVE-2021-44390, CVE-2021-44391, CVE-2021-44392, CVE-2021-44393, CVE-2021-44394, CVE-2021-44395, CVE-2021-44396, CVE-2021-44397, CVE-2021-44398, CVE-2021-44399, CVE-2021-44400,CVE-2021-44401, CVE-2021-44402,CVE-2021-44403,CVE-2021-44404,CVE-2021-44405, CVE-2021-44406, CVE-2021-44407, CVE-2021-44408, CVE-2021-44409, CVE-2021-44410, CVE-2021-44411, CVE-2021-44412, CVE-2021-44413, CVE-2021-44414, CVE-2021-44415, CVE-2021-44416, CVE-2021-44417, CVE-2021-44418, CVE-2021-44419 8.6
TALOS-2021-1423 Reolink RLC-410W cgiserver.cgi session creation denial of service vulnerability 2022-01-26 CVE-2021-40406 7.5
TALOS-2022-1448 Reolink RLC-410W hardcoded TLS key information disclosure vulnerability 2022-01-26 CVE-2022-21199 7.5
TALOS-2022-1450 Reolink RLC-410W netserver recv_command denial of service vulnerability 2022-01-26 CVE-2022-21801 8.6
TALOS-2021-1432 Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability 2022-01-26 CVE-2021-40423 7.5
TALOS-2021-1420 Reolink RLC-410W cgiserver.cgi Login authentication bypass vulnerability 2022-01-26 CVE-2021-40404 5.3
TALOS-2021-1424 Reolink RLC-410W device network settings OS command injection vulnerabilities 2022-01-26 CVE-2021-40407,CVE-2021-40408, CVE-2021-40409, CVE-2021-40410,CVE-2021-40411,CVE-2021-40412 9.1
TALOS-2022-1447 Reolink RLC-410W "update" firmware checks firmware update vulnerability 2022-01-26 CVE-2022-21134 8.3
TALOS-2022-1445 Reolink RLC-410W device TestEmail out-of-bounds write vulnerability 2022-01-26 CVE-2022-21217 9.1
TALOS-2021-1425 Reolink RLC-410W cgiserver.cgi cgi_check_ability improper access control vulnerabilities 2022-01-26 CVE-2021-40413, CVE-2021-40414, CVE-2021-40415,CVE-2021-40416 7.1
TALOS-2021-1414 Apple macOS ImageIO DDS image out-of-bounds read vulnerability 2022-01-25 CVE-2021-30939 5.3
TALOS-2021-1409 Advantech WISE-PaaS/OTA 3.0.9 Server installation privilege escalation vulnerability 2022-01-18 CVE-2021-40397 8.8
TALOS-2021-1408 Advantech DeviceOn/iService 1.1.7 Server installation privilege escalation vulnerability 2022-01-18 CVE-2021-40396 8.8
TALOS-2021-1399 Advantech SQ Manager Server 1.0.6 privilege escalation vulnerability 2022-01-18 CVE-2021-40388 8.8
TALOS-2021-1400 Advantech DeviceOn/iEdge Server 1.0.2 privilege escalation vulnerability 2022-01-18 CVE-2021-40389 8.8
TALOS-2021-1387 Adobe Acrobat Reader Javascript event.richValue use-after-free vulnerability 2022-01-11 CVE-2021-44710 8.8
TALOS-2021-1410 Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability 2022-01-11 CVE-2021-44711 8.8
TALOS-2021-1376 AnyCubic Chitubox AnyCubic Plugin readDatHeadVec heap-based buffer overflow vulnerability 2022-01-10 CVE-2021-21948 7.8
TALOS-2021-1372 Google Chrome WebRTC RTPSenderVideoFrameTransformerDelegate memory corruption vulnerability 2022-01-10 CVE-2021-37979 7.1
TALOS-2021-1356 Garrett Metal Detectors iC Module CMA CLI setenv command directory traversal vulnerability 2021-12-20 CVE-2021-21904 9.1
TALOS-2021-1355 Garrett Metal Detectors iC Module CMA check_udp_crc strcpy stack-based buffer overflow vulnerability 2021-12-20 CVE-2021-21903 9.8
TALOS-2021-1357 Garrett Metal Detectors iC Module CMA CLI readfile stack-based buffer overflow vulnerabilities 2021-12-20 CVE-2021-21905,CVE-2021-21906 8.2
TALOS-2021-1353 Garrett Metal Detectors iC Module CMA check_udp_crc memcpy stack-based buffer overflow vulnerability 2021-12-20 CVE-2021-21901 9.8
TALOS-2021-1354 Garrett Metal Detectors iC Module CMA run_server_6877 authentication bypass vulnerability 2021-12-20 CVE-2021-21902 7.5
TALOS-2021-1358 Garrett Metal Detectors iC Module CMA CLI getenv command directory traversal vulnerability 2021-12-20 CVE-2021-21907 4.9
TALOS-2021-1426 Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame decoding heap-based buffer overflow vulnerability 2021-12-20 CVE-2021-40417 9.8
TALOS-2021-1427 Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame parsing uninitialized uuid object vulnerability 2021-12-20 CVE-2021-40418 9.8
TALOS-2021-1359 Garrett Metal Detectors iC Module CMA CLI del[env] command directory traversal vulnerabilities 2021-12-20 CVE-2021-21908,CVE-2021-21909 6.0
TALOS-2021-1384 Dream Report ODS Remote Connector privilege escalation vulnerability 2021-12-06 CVE-2021-21957 8.8
TALOS-2021-1404 Gerbv RS-274X format aperture macro variables out-of-bounds write vulnerability 2021-12-06 CVE-2021-40393 10.0
TALOS-2021-1405 Gerbv RS-274X aperture macro outline primitive integer overflow vulnerability 2021-12-06 CVE-2021-40394 10.0
TALOS-2021-1352 Google Chrome Blink setBaseAndExtent use after free vulnerability 2021-11-30 CVE-2021-30625 8.3
TALOS-2021-1380 Anker Eufy Homebase 2 home_security process_msg() authentication bypass vulnerability 2021-11-29 CVE-2021-21953 7.7
TALOS-2021-1378 Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_SERVER_LIST_REQUEST out-of-bounds write vulnerability 2021-11-29 CVE-2021-21950,CVE-2021-21951 10.0
TALOS-2021-1379 Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_RSA_KEY_REQUEST authentication bypass vulnerability 2021-11-29 CVE-2021-21952 9.4
TALOS-2021-1381 Anker Eufy Homebase 2 home_security wifi_country_code_update command execution vulnerability 2021-11-29 CVE-2021-21954 9.9
TALOS-2021-1382 Anker Eufy Homebase 2 home_security get_aes_key_info_by_packetid() authentication bypass vulnerability 2021-11-29 CVE-2021-21955 7.7
TALOS-2021-1365 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'user_list' page 2021-11-22 CVE-2021-21920,CVE-2021-21921, CVE-2021-21922,CVE-2021-21923 7.7
TALOS-2021-1360 Advantech R-SeeNet installation privilege escalation vulnerability 2021-11-22 CVE-2021-21910, CVE-2021-21911, CVE-2021-21912 8.8
TALOS-2021-1383 CloudLinux Inc Imunify360 Ai-Bolit php unserialize vulnerability 2021-11-22 CVE-021-21956 8.2
TALOS-2021-1363 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'group_list' page 2021-11-22 CVE-2021-21915,CVE-2021-21916,CVE-2021-21917 7.7
TALOS-2021-1364 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'company_list' page 2021-11-22 CVE-2021-21918,CVE-2021-21919 7.7
TALOS-2021-1366 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'device_list' page 2021-11-22 CVE-2021-21924,CVE-2021-21925,CVE-21926,CVE-2021-21927,CVE-2021-21928,CVE-2021-21929,CVE-2021-21930,CVE-2021-21931,CVE-2021-21932,CVE-2021-21933,CVE-2021-21934,CVE-2021-21935,CVE-2021-21936,CVE-2021-21937 7.7
TALOS-2021-1349 LibreCad libdxfrw dwgCompressor::decompress18() out-of-bounds write vulnerability 2021-11-17 CVE-2021-21898 8.8
TALOS-2021-1351 LibreCad libdxfrw dxfRW::processLType() use-after-free vulnerability 2021-11-17 CVE-2021-21900 8.8
TALOS-2021-1350 LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability 2021-11-17 CVE-2021-21899 8.8
TALOS-2021-1348 Google Chrome WebRTC addIceCandidate use after free vulnerability 2021-11-16 CVE-2021-30602 8.3
TALOS-2021-1338 Lantronix PremierWave 2050 Web Manager FsBrowseClean directory traversal vulnerability 2021-11-15 CVE-2021-21896 4.9
TALOS-2021-1327 Lantronix PremierWave 2050 Web Manager Diagnostics: Ping OS command injection vulnerability 2021-11-15 CVE-2021-21883 9.9
TALOS-2021-1326 Lantronix PremierWave 2050 Web Manager FsUnmount OS command injection vulnerability 2021-11-15 CVE-2021-21882 9.9
TALOS-2021-1324 Lantronix PremierWave 2050 Web Manager FsCopyFile directory traversal vulnerability 2021-11-15 CVE-2021-21880 7.2
TALOS-2021-1323 Lantronix PremierWave 2050 Web Manager File Upload directory traversal vulnerability 2021-11-15 CVE-2021-21879 9.9
TALOS-2021-1330 Lantronix PremierWave 2050 Web Manager FSBrowsePage directory traversal vulnerability 2021-11-15 CVE-2021-21886 4.3
TALOS-2021-1315 Lantronix PremierWave 2050 Web Manager FsTFtp OS command injection vulnerabilities 2021-11-15 CVE-2021-21876,CVE-2021-21877 9.1
TALOS-2021-1332 Lantronix PremierWave 2050 Web Manager SslGenerateCertificate OS command injection vulnerability 2021-11-15 CVE-2021-21888 9.1
TALOS-2021-1325 Lantronix PremierWave 2050 Web Manager Wireless Network Scanner OS command injection vulnerability 2021-11-15 CVE-2021-21881 9.9
TALOS-2021-1322 Lantronix PremierWave 2050 Web Manager Applications and FsBrowse local file inclusion vulnerability 2021-11-15 CVE-2021-21878 4.9
TALOS-2021-1335 Lantronix PremierWave 2050 Web Manager FsUnmount stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21892 9.9
TALOS-2021-1314 Lantronix PremierWave 2050 Web Manager SSL Credential Upload OS command injection vulnerabilities 2021-11-15 CVE-2021-21873,CVE-2021-21874,CVE-2021-21875 9.1
TALOS-2021-1329 Lantronix PremierWave 2050 Web Manager FsMove directory traversal vulnerability 2021-11-15 CVE-2021-21885 7.2
TALOS-2021-1312 Lantronix PremierWave 2050 Web Manager Diagnostics: Traceroute OS command injection vulnerability 2021-11-15 CVE-2021-21872 9.9
TALOS-2021-1337 Lantronix PremierWave 2050 Web Manager FsTFtp directory traversal vulnerability 2021-11-15 CVE-2021-21894,CVE-2021-21895 9.1
TALOS-2021-1334 Lantronix PremierWave 2050 Web Manager FsBrowseClean stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21890,CVE-2021-21891 9.1
TALOS-2021-1333 Lantronix PremierWave 2050 Web Manager Ping stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21889 9.9
TALOS-2021-1328 Lantronix PremierWave 2050 Web Manager SslGenerateCSR OS command injection vulnerability 2021-11-15 CVE-2021-21884 9.1
TALOS-2021-1331 Lantronix PremierWave 2050 Web Manager SslGenerateCSR stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21887 9.1
TALOS-2021-1343 Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests offset calculation out-of-bounds read vulnerability 2021-11-09 CVE-2021-41376 2.3
TALOS-2021-1342 Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests image validation signature check bypass vulnerability 2021-11-09 CVE-2021-42300 6.0
TALOS-2021-1339 Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL information disclosure vulnerability 2021-11-09 None 6.7
TALOS-2021-1347 Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability 2021-11-09 -- 6.2
TALOS-2021-1344 Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging 1BL firmware downgrade vulnerability 2021-11-09 -- 6.0
TALOS-2021-1340 Microsoft Azure Sphere Kernel GPIO_GET_PIN_ACCESS_CONTROL_USER information disclosure vulnerability 2021-11-09 None 4.4
TALOS-2021-1341 Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability 2021-11-09 -- 6.0
TALOS-2021-1402 Gerbv drill format T-code tool number out-of-bounds write vulnerability 2021-11-04 CVE-2021-40391 10.0
TALOS-2021-1320 ZTE MF971R ADB_MODE_SWITCH stack-based buffer overflow vulnerability 2021-10-18 CVE-2021-21748 9.6
TALOS-2021-1317 ZTE MF971R Referer authentication bypass vulnerability 2021-10-18 CVE-2021-21745 4.7
TALOS-2021-1316 ZTE MF971R goform_get_cmd_process Config Control External config control vulnerability 2021-10-18 CVE-2021-21744 5.4
TALOS-2021-1318 ZTE MF971R sms_cmd_status_info cross-site scripting vulnerability 2021-10-18 CVE-2021-21746 6.1
TALOS-2021-1313 ZTE MF971R HTTP_HOST CRLF Injection vulnerability 2021-10-18 CVE-2021-21743 6.3
TALOS-2021-1319 ZTE MF971R xmlclient cross-site scripting vulnerability 2021-10-18 CVE-2021-21747 6.1
TALOS-2021-1321 ZTE MF971R STK_PROCESS stack-based buffer overflow vulnerability 2021-10-18 CVE-2021-21749 8.3
TALOS-2021-1266 Nitro Pro PDF JavaScript TimeOutObject double free vulnerability 2021-10-13 CVE-2021-21797 8.8
TALOS-2021-1265 Nitro Pro PDF JavaScript local_file_path Object use-after-free vulnerability 2021-10-13 CVE-2021-21796 8.8
TALOS-2021-1259 Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability 2021-10-12 CVE-2021-40474 8.8
TALOS-2021-1370 Anker Eufy Homebase 2 pushMuxer CreatePushThread use-after-free vulnerability 2021-10-11 CVE-2021-21941 10.0
TALOS-2021-1369 Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability 2021-10-11 CVE-2021-21940 10.0
TALOS-2021-1361 D-LINK DIR-3040 WiFi Smart Mesh information disclosure vulnerability 2021-09-23 CVE-2021-21913 10.0
TALOS-2021-1309 Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability 2021-09-14 None 4.4
TALOS-2021-1267 Nitro Pro PDF JavaScript document.flattenPages JSStackFrame stack-based use-after-free vulnerability 2021-09-13 CVE-2021-21798 8.8
TALOS-2021-1346 Ribbonsoft dxflib DL_Dxf::handleLWPolylineData heap-based buffer overflow vulnerability 2021-09-07 CVE-2021-21897 8.8
TALOS-2021-1295 Disc Soft Ltd Daemon Tools Pro ISO Parsing memory corruption vulnerability 2021-08-17 CVE-2021-21832 8.1
TALOS-2021-1299 GPAC Project Advanced Content MPEG-4 Decoding multiple integer addition overflow vulnerabilities 2021-08-16 CVE-2021-21853, CVE-2021-21854,CVE-2021-21855,CVE-2021-21856,CVE-2021-21857,CVE-2021-21858 8.8
TALOS-2021-1298 GPAC Project Advanced Content MPEG-4 Decoding multiple integer truncation vulnerabilities 2021-08-16 CVE-2021-21859,CVE-2021-21860,CVE-2021-21861,CVE-2021-21862 8.8
TALOS-2021-1297 GPAC Project on Advanced Content library MPEG-4 Decoding multiple multiplication integer overflow vulnerabilities 2021-08-16 CVE-2021-21834, CVE-2021-21835, CVE-2021-21836, CVE-2021-21837, CVE-2021-21838, CVE-2021-21839, CVE-2021-21840, CVE-2021-21841, CVE-2021-21842, CVE-2021-21843, CVE-2021-21844, CVE-2021-21845, CVE-2021-21846, CVE-2021-21847, CVE-2021-21848, CVE-2021-21849, CVE-2021-21850, CVE-2021-21851, CVE-2021-21852 8.8
TALOS-2021-1279 AT&T Labs Xmill XML parsing CreateLabelOrAttrib memory corruption vulnerability 2021-08-11 CVE-2021-21811 8.1
TALOS-2021-1291 AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities 2021-08-10 CVE-2021-21826, CVE-2021-21827, CVE-2021-21828 8.1
TALOS-2021-1293 AT&T Labs Xmill XML decompression LabelDict::Load heap-based buffer overflow vulnerability 2021-08-10 CVE-2021-21830 8.1
TALOS-2021-1278 AT&T Labs Xmill XML parsing ParseAttribs memory corruption vulnerability 2021-08-10 CVE-2021-21810 8.1
TALOS-2021-1311 Microsoft Azure Sphere Security Monitor SECTION_ABIDepends denial of service vulnerability 2021-08-10 None 6.0
TALOS-2021-1290 AT&T Labs Xmill XML decompression PlainTextUncompressor::UncompressItem heap-based buffer overflow vulnerability 2021-08-10 CVE-2021-21825 8.1
TALOS-2021-1310 Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability 2021-08-10 None 4.4
TALOS-2021-1280 AT&T Labs Xmill multiple command line parsing vulnerabilities 2021-08-10 CVE-2021-21812, CVE-2021-21813, CVE-2021-21814, CVE-2021-21815 7.8
TALOS-2021-1345 Mozilla Firefox MediaCacheStream::NotifyDataReceived use-after-free vulnerability 2021-08-10 CVE-2021-29985 8.8
TALOS-2021-1292 AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability 2021-08-10 CVE-2021-21829 8.1
TALOS-2020-1212 tinyobjloader LoadObj improper array index validation vulnerability 2021-07-30 CVE-2020-28589 9.6
TALOS-2021-1307 Foxit Reader FileAttachment annotation use-after-free vulnerability redux 2021-07-27 CVE-2021-21870 8.8
TALOS-2021-1336 Foxit Reader Field OnFocus event use-after-free vulnerability 2021-07-27 CVE-2021-21893 8.8
TALOS-2021-1294 Foxit Reader removeField use-after-free vulnerability 2021-07-27 CVE-2021-21831 8.8
TALOS-2021-1305 CODESYS Development System ObjectManager.plugin Project.get_MissingTypes() Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21868 8.8
TALOS-2021-1303 CODESYS Development System ObjectManager.plugin ProfileInformation.ProfileData Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21866 8.8
TALOS-2021-1300 CODESYS Development System ComponentModel Profile.FromFile() Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21863 8.8
TALOS-2021-1302 CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21865 8.8
TALOS-2021-1306 CODESYS Development System Engine.plugin ProfileInformation ProfileData Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21869 8.8
TALOS-2021-1304 CODESYS Development System ObjectManager.plugin ObjectStream.ProfileByteArray Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21867 8.8
TALOS-2021-1301 CODESYS Development System ComponentModel ComponentManager.StartupCultureSettings Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21864 7.8
TALOS-2021-1271 Advantech R-SeeNet ssh_form.php Reflected XSS vulnerability 2021-07-15 CVE-2021-21800 9.6
TALOS-2021-1270 Advantech R-SeeNet telnet_form.php Reflected XSS vulnerability 2021-07-15 CVE-2021-21799 9.6
TALOS-2021-1274 Advantech R-SeeNet ping.php OS Command Injection vulnerability 2021-07-15 CVE-2021-21805 9.8
TALOS-2021-1273 Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability 2021-07-15 CVE-2021-21804 8.1
TALOS-2021-1284 D-LINK DIR-3040 Libcli command injection vulnerability 2021-07-15 CVE-2021-21819 9.1
TALOS-2021-1272 Advantech R-SeeNet device_graph_page.php Multiple Reflected XSS vulnerabilities 2021-07-15 CVE-2021-21801, CVE-2021-21802, CVE-2021-21803 9.6
TALOS-2021-1283 D-LINK DIR-3040 Syslog information disclosure vulnerability 2021-07-15 CVE-2021-21818 6.5
TALOS-2021-1282 D-LINK DIR-3040 Zebra IP routing manager information disclosure vulnerability 2021-07-15 CVE-2021-21817 7.5
TALOS-2021-1285 D-LINK DIR-3040 Libcli test environment hard-coded password vulnerability 2021-07-15 CVE-2021-21820 10.0
TALOS-2021-1281 D-LINK DIR-3040 Syslog information disclosure vulnerability 2021-07-15 CVE-2021-21816 6.5
TALOS-2021-1253 IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability 2021-07-07 CVE-2021-21786 8.8
TALOS-2021-1252 IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability 2021-07-07 CVE-2021-21785 6.5
TALOS-2021-1254 IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities 2021-07-07 CVE-2021-21787, CVE-2021-21788,CVE-2021-21789 8.8
TALOS-2021-1255 IOBit Advanced SystemCare Ultimate Privileged I/O Read vulnerabilities 2021-07-07 CVE-2021-21790, CVE-2021-21791, CVE-2021-21792 6.5
TALOS-2021-1308 PowerISO DMG File Format Handler memory corruption vulnerability 2021-06-28 CVE-2021-21871 8.8
TALOS-2021-1277 Moodle spellchecker plugin command execution vulnerability 2021-06-22 CVE-2021-21809 8.2
TALOS-2021-1234 EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability 2021-06-16 CVE-2021-21777 8.6
TALOS-2021-1288 Komoot GmbH Komoot Friend finder information disclosure vulnerability 2021-06-09 CVE-2021-21823 5.3
TALOS-2021-1251 Google Chrome WebAudio blink::AudioNodeOutput::Pull code execution vulnerability 2021-06-08 CVE-2021-30522 8.3
TALOS-2021-1260 Apple macOS SMB server directory query request integer overflow vulnerability 2021-06-02 CVE-2021-30717 7.5
TALOS-2021-1258 Apple macOS SMB server IOCTL request uninitialized stack variable vulnerability 2021-06-02 CVE-2021-30712 4.2
TALOS-2021-1269 Apple macOS SMB server directory query arbitrary file access 2021-06-02 CVE-2021-30721 4.3
TALOS-2021-1263 Apple macOS SMB server lock request infinite loop 2021-06-02 CVE-2021-30716 6.5
TALOS-2021-1268 Apple macOS SMB server create file request uninitialized memory disclosure 2021-06-02 CVE-2021-30722 6.5
TALOS-2021-1229 Webkit ImageLoader dispatchPendingErrorEvent use-after-free vulnerability 2021-06-02 CVE-2021-21775 6.8
TALOS-2021-1238 Webkit WebCore::GraphicsContext use-after-free vulnerability 2021-06-02 CVE-2021-21779 6.8
TALOS-2021-1246 Apple macOS SMB server TREE_CONNECT stack buffer overflow vulnerability 2021-06-02 CVE-2020-10005 8.5
TALOS-2021-1296 Accusoft ImageGear TIF IP_planar_raster_unpack improper array index validation vulnerability 2021-06-01 CVE-2021-21833 9.8
TALOS-2021-1289 Accusoft ImageGear JPG Handle_JPEG420 out-of-bounds write vulnerability 2021-06-01 CVE-2021-21824 8.1
TALOS-2021-1261 Accusoft ImageGear TIF bits_per_sample processing out-of-bounds write vulnerability 2021-06-01 CVE-2021-21794 9.8
TALOS-2021-1257 Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability 2021-06-01 CVE-2021-21793 9.8
TALOS-2021-1286 Accusoft ImageGear PDF process_fontname stack-based buffer overflow vulnerability 2021-06-01 CVE-2021-21821 9.8
TALOS-2021-1276 Accusoft ImageGear PNG png_palette_process memory corruption vulnerability 2021-06-01 CVE-2021-21808 8.1
TALOS-2021-1275 Accusoft ImageGear DICOM parse_dicom_meta_info integer overflow vulnerability 2021-06-01 CVE-2021-21807 9.8
TALOS-2021-1243 Linux Kernel Arm SIGPAGE information disclosure vulnerability 2021-05-28 CVE-2021-21781 4.0
TALOS-2021-1231 Trend Micro Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability 2021-05-24 CVE-2021-32458 7.8
TALOS-2021-1230 Trend Micro, Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability 2021-05-24 CVE-2021-32457 7.8
TALOS-2021-1241 Trend Micro Inc. Home Network Security SFTP log collection server hard-coded password vulnerability 2021-05-24 CVE-2021-32459 4.9
TALOS-2021-1235 Google Chrome AudioDelayDSPKernel::ProcessKRate heap-based buffer overflow vulnerability 2021-05-19 CVE-2021-21160 8.8
TALOS-2021-1237 Apple macOS SMB server signature verification information disclosure vulnerability 2021-05-19 CVE-2021-1878 7.1
TALOS-2021-1233 Adobe Acrobat Reader DC JavaScript search query code execution vulnerability 2021-05-11 CVE-2021-28562 8.0
TALOS-2021-1287 Foxit Reader FileAttachment annotation use-after-free vulnerability 2021-05-06 CVE-2021-21822 8.8
TALOS-2020-1142 Systemd DHCP client denial-of-service vulnerability 2021-04-26 CVE-2020-13529 6.1
TALOS-2021-1236 MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability 2021-04-26 CVE-2021-21778 7.5
TALOS-2021-1239 Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability 2021-04-22 None 7.4
TALOS-2021-1240 Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability 2021-04-22 None 7.4
TALOS-2020-1219 Prusa Research PrusaSlicer Obj.cpp load_obj() out-of-bounds write vulnerability 2021-04-21 CVE-2020-28595 8.8
TALOS-2020-1220 Prusa Research PrusaSlicer Objparser::objparse() stack-based buffer overflow vulnerability 2021-04-21 CVE-2020-28596 8.8
TALOS-2020-1222 Prusa Research PrusaSlicer Admesh stl_fix_normal_directions() out-of-bounds write vulnerability 2021-04-21 CVE-2020-28598 8.8
TALOS-2020-1159 Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability 2021-04-19 CVE-2021-26560, CVE-2021-26561, CVE-2021-26562 9.4
TALOS-2020-1160 Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability 2021-04-19 CVE-2021-26564, CVE-2021-26565, CVE-2021-26566 8.3
TALOS-2020-1216 Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability 2021-04-15 CVE-2020-28592 8.1
TALOS-2020-1217 Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability 2021-04-15 CVE-2020-28593 8.1
TALOS-2020-1203 OpenClinic GA unauthenticated command injection vulnerability 2021-04-13 CVE-2020-27227 10.0
TALOS-2021-1249 Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability 2021-04-13 CVE-2021-27074 6.2
TALOS-2020-1205 OpenClinic GA web portal multiple SQL injection vulnerabilities in 'patientslist.do' page 2021-04-13 CVE-2020-27229, CVE-2020-27230, CVE-2020-27231 6.4
TALOS-2020-1206 OpenClinic GA Web portal SQL injection vulnerability in 'manageServiceStocks.jsp' page 2021-04-13 CVE-2020-27232 6.4
TALOS-2021-1247 Microsoft Azure Sphere mount namespace unsigned code execution vulnerability 2021-04-13 CVE-2021-27074 6.2
TALOS-2020-1208 OpenClinic GA web portal multiple SQL injection vulnerabilities in 'listImmoLabels.jsp' page 2021-04-13 CVE-2020-27242, CVE-2020-27243, CVE-2020-27244, CVE-2020-27245, CVE-2020-27246 6.4
TALOS-2020-1204 OpenClinic GA installation privilege escalation vulnerability 2021-04-13 CVE-2020-27228 8.8
TALOS-2021-1250 Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability 2021-04-13 CVE-2021-27080 9.3
TALOS-2020-1202 OpenClinic GA web portal SQL injection vulnerability in 'statistics/quickFile.jsp' page 2021-04-13 CVE-2020-27226 6.4
TALOS-2020-1207 OpenClinic GA web portal multiple SQL injection vulnerabilities in the 'getAssets.jsp' page 2021-04-13 CVE-2020-27233, CVE-2020-27234, CVE-2020-27235, CVE-2020-27236, CVE-2020-27237, CVE-2020-27238, CVE-2020-27239, CVE-2020-27240, CVE-2020-27241 6.4
TALOS-2021-1262 Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability 2021-04-13 CVE-2021-28460 8.1
TALOS-2020-1200 Rukovoditel Project Management App application SQL injection vulnerability in the 'access_rules/rules_form' page 2021-04-08 CVE-2020-13591 5.4
TALOS-2020-1198 Rukovoditel Project Management App SQL injection vulnerability in the 'forms_fields_rules/rules' page 2021-04-08 CVE-2020-13587 5.4
TALOS-2020-1146 Dream Report platform privilege escalation vulnerability 2021-04-08 CVE-2020-13532, CVE-2020-13533, CVE-2020-13534 9.3
TALOS-2020-1199 Rukovoditel Project Management App multiple SQL injection vulnerabilities in the 'entities/fields' page 2021-04-08 CVE-2020-13588, CVE-2020-13589, CVE-2020-13599 5.4
TALOS-2020-1201 Rukovoditel Project Management App application SQL injection vulnerability in the 'global_lists/choices' page 2021-04-08 CVE-2020-13592 5.4
TALOS-2021-1244 Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability 2021-03-30 CVE-2021-21782 9.8
TALOS-2021-1232 Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability 2021-03-30 CVE-2021-21776 9.8
TALOS-2021-1227 Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability 2021-03-30 CVE-2021-21773 8.1
TALOS-2021-1245 Genivia gSOAP WS-Addressing plugin code execution vulnerability redux 2021-03-24 CVE-2021-21783 9.8
TALOS-2021-1264 Accusoft ImageGear PSD read_icc_icCurve_data heap-based buffer overflow vulnerability 2021-03-16 CVE-2021-21795 9.8
TALOS-2020-1226 3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability 2021-03-10 CVE-2021-21772 8.1
TALOS-2021-1226 3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability 2021-03-10 CVE-2021-21772 8.1
TALOS-2021-1248 Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability 2021-03-02 CVE-2021-21784 9.8
TALOS-2020-1213 Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability 2021-02-24 CVE-2020-28590 8.6
TALOS-2020-1225 CGAL libcgal multiple code execution vulnerabilities in Nef polygon-parsing code 2021-02-24 CVE-2020-28601,CVE-2020-28602,CVE-2020-28603,CVE-2020-28604,CVE-2020-28605,CVE-2020-28606,CVE-2020-28607,CVE-2020-28608,CVE-2020-28609,CVE-2020-28610,CVE-2020-28611,CVE-2020-28612,CVE-2020-28613,CVE-2020-28614,CVE-2020-28615,CVE-2020-28616, CVE-2020-28617,CVE-2020-28618,CVE-2020-28619,CVE-2020-28620, CVE-2020-28621,CVE-2020-28622,CVE-2020-28623,CVE-2020-28624,CVE-2020-28625,CVE-2020-28626,CVE-2020-28627,CVE-2020-28628,CVE-2020-28629,CVE-2020-28630,CVE-2020-28631,CVE-2020-28632,CVE-2020-28633,CVE-2020-28634,CVE-2020-28635,CVE-2020-28636,CVE-2020-35628,CVE-2020-35629,CVE-2020-35630, CVE-2020-35631,CVE-2020-35632,CVE-2020-35633,CVE-2020-35634,CVE-2020-35635,CVE-2020-35636 10.0
TALOS-2020-1223 Openscad import_stl.cc:import_stl() stack-based buffer overflow vulnerability 2021-02-23 CVE-2020-28599 8.8
TALOS-2020-1224 Openscad import_stl.cc:import_stl() out-of-bounds stack write vulnerability 2021-02-23 CVE-2020-28600 8.8
TALOS-2020-1167 Sytech XL reporter installation privilege escalation vulnerability 2021-02-19 CVE-2020-13549 8.8
TALOS-2020-1169 Advantech WebAccess/SCADA installation privilege escalation vulnerability 2021-02-16 CVE-2020-13551, CVE-2020-13552, CVE-2020-13553, CVE-2020-13554, CVE-2020-13555 8.8
TALOS-2020-1168 Advantech WebAccess/SCADA installation local file inclusion 2021-02-16 CVE-2020-13550 7.7
TALOS-2020-1196 Accusoft ImageGear PSD Header processing out-of-bounds write vulnerability 2021-02-09 CVE-2020-13585 9.8
TALOS-2020-1182 Accusoft ImageGear SGI RLE decompression out-of-bounds write vulnerability 2021-02-09 CVE-2020-13571 9.8
TALOS-2020-1176 Accusoft ImageGear TIFF index record out-of-bounds write vulnerability 2021-02-09 CVE-2020-13561 9.8
TALOS-2020-1183 Accusoft ImageGear GIF LZW decoder heap overflow vulnerability 2021-02-05 CVE-2020-13572 9.8
TALOS-2020-1191 SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability 2021-02-03 CVE-2020-13580 8.8
TALOS-2020-1197 SoftMaker Office PlanMaker Excel document record 0x00fc memory corruption vulnerability 2021-02-03 CVE-2020-13586 8.8
TALOS-2020-1190 SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability 2021-02-03 CVE-2020-13579 8.8
TALOS-2020-1210 SoftMaker Office PlanMaker Excel document CEscherObject::ReadNativeProperties multiple heap buffer overflow vulnerabilities 2021-02-03 CVE-2020-27247, CVE-2020-27248, CVE-2020-27249,CVE-2020-27250,CVE-2020-28587 8.8
TALOS-2020-1192 SoftMaker Office PlanMaker Document Record 0x800d memory corruption vulnerability 2021-02-03 CVE-2020-13581 8.8
TALOS-2020-1008 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Network Segment Denial of Service Vulnerability 2021-02-02 CVE-2020-6088 7.5
TALOS-2020-1177 phpGACL template multiple cross-site scripting vulnerabilities 2021-01-27 CVE-2020-13562, CVE-2020-13563, CVE-2020-13564 9.6
TALOS-2020-1180 OpenEMR GACL cross-site request forgery vulnerability 2021-01-27 CVE-2020-13569 8.8
TALOS-2020-1179 phpGACL database multiple SQL injection vulnerabilities 2021-01-27 CVE-2020-13566, CVE-2020-13568 8.8
TALOS-2020-1178 phpGACL return_page redirection open redirect vulnerability 2021-01-27 CVE-2020-13565 6.1
TALOS-2020-1194 Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability 2021-01-26 CVE-2020-13583 8.6
TALOS-2020-1193 Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability 2021-01-26 CVE-2020-13582 8.6
TALOS-2020-1174 FreyrSCADA IEC-60879-5-104 server simulator traffic logging denial-of-service vulnerability 2021-01-11 CVE--2020-13559 5.9
TALOS-2020-1184 Rockwell Automation RSLinx classic ethernet/IP server denial-of-service vulnerability 2021-01-07 CVE-2020-13573 7.5
TALOS-2020-1188 Genivia gSOAP WS-Security plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13577 7.5
TALOS-2020-1163 SoftMaker Office TextMaker Document Record 0x002a integer overflow vulnerability 2021-01-05 CVE-2020-13546 8.8
TALOS-2020-1189 Genivia gSOAP WS-Security plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13578 7.5
TALOS-2020-1186 Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13575 7.5
TALOS-2020-1162 SoftMaker Office TextMaker Document Record 0x003f integer conversion vulnerability 2021-01-05 CVE-2020-13545 8.8
TALOS-2020-1185 Genivia gSOAP WS-Security plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13574 7.5
TALOS-2020-1161 SoftMaker Office TextMaker Document Record 0x001f sign-extension vulnerability 2021-01-05 CVE-2020-13544 8.8
TALOS-2020-1187 Genivia gSOAP WS-Addressing plugin code execution vulnerability 2021-01-05 CVE-2020-13576 9.8
TALOS-2020-1151 Win-911 mobile server platform privilege escalation vulnerability 2021-01-04 CVE-2020-13541 9.3
TALOS-2020-1150 Win-911 Enterprise Platform privilege escalation vulnerability 2021-01-04 CVE-2020-13539, CVE-2020-13540 9.3
TALOS-2020-1141 Microsoft Azure Sphere networkd mdns denial-of-service vulnerability 2020-12-18 -- 5.9
TALOS-2020-1116 NZXT CAM WinRing0x64 driver IRP 0x9c402088 privilege escalation vulnerability 2020-12-16 CVE-2020-13519 8.8
TALOS-2020-1112 NZXT CAM WinRing0x64 driver IRP 0x9c40a148 privilege escalation vulnerability 2020-12-16 CVE-2020-13515 8.8
TALOS-2020-1111 NZXT CAM WinRing0x64 Driver Privileged I/O Write IRPs Privilege Escalation Vulnerability 2020-12-16 CVE-2020-13512, CVE-2020-13513, CVE-2020-13514 8.8
TALOS-2020-1114 NZXT CAM WinRing0x64 Driver IRP 0x9c406104 information disclosure vulnerability 2020-12-16 CVE-2020-13517 6.5
TALOS-2020-1115 NZXT CAM WinRing0x64 driver IRP 0x9c402084 information disclosure vulnerability 2020-12-16 CVE-2020-13518 6.5
TALOS-2020-1110 NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability 2020-12-16 CVE-2020-13509, CVE-2020-13511 6.5
TALOS-2020-1147 Kepware LinkMaster Service privilege escalation vulnerability 2020-12-16 CVE-2020-13535 9 .3
TALOS-2020-1113 NZXT CAM WinRing0x64 driver IRP 0x9c406144 information disclosure vulnerability 2020-12-16 CVE-2020-13516 6.5
TALOS-2020-1135 Lantronix XPort EDGE Web Manager CSRF vulnerability 2020-12-16 CVE-2020-13527 4.8
TALOS-2020-1136 Lantronix XPort EDGE Web Manager and telnet CLI cleartext transmission of sensitive information vulnerability 2020-12-16 CVE-2020-13528 3.1
TALOS-2020-1175 Foxit Reader JavaScript choice field format event use-after-free vulnerability 2020-12-09 CVE-2020-13560 8.8
TALOS-2020-1166 Foxit Reader Javascript Field fileSelect Use After Free Vulnerability 2020-12-09 CVE-2020-13548 8.0
TALOS-2020-1165 Foxit Reader JavaScript media openPlayer type confusion vulnerability 2020-12-09 CVE-2020-13547 8.8
TALOS-2020-1171 Foxit Reader JavaScript choice field use-after-free vulnerability 2020-12-09 CVE-2020-13557 8.8
TALOS-2020-1181 Foxit Reader JavaScript remove template use-after-free vulnerability 2020-12-09 CVE-2020-13570 7.5
TALOS-2020-1153 Microsoft Office ElementType code execution vulnerability 2020-12-08 CVE-2020-17123 8.8
TALOS-2020-1144 Schneider Electric EcoStruxure Control Expert APX project file processing code execution vulnerability 2020-12-08 CVE-2020-7560 8.6
TALOS-2020-1140 Schneider Electric EcoStruxure Control Expert PLC Simulator Modbus message processing remote code execution vulnerability 2020-12-08 CVE-2020-7559 10.0
TALOS-2020-1143 EIP Stack Group OpENer ethernet/IP server denial-of-service vulnerability 2020-12-02 CVE-2020-13530 7.5
TALOS-2020-1170 EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability 2020-12-02 CVE-2020-13556 9.8
TALOS-2020-1155 Webkit WebSocket code execution vulnerability 2020-11-30 CVE-2020-13543 8.8
TALOS-2020-1195 Webkit ImageDecoderGStreamer use-after-free vulnerability 2020-11-30 CVE-2020-13584 8.8
TALOS-2020-1126 ProcessMaker sort parameter multiple SQL Injection Vulnerabilities 2020-11-17 CVE-2020-13525, CVE-2020-13526 6.4
TALOS-2020-1101 Pixar OpenUSD Binary File Format Compressed Value Reps Code Execution Vulnerabilities 2020-11-12 CVE-2020-6155 8.8
TALOS-2020-1094 Pixar OpenUSD binary file format compressed sections code execution vulnerabilities 2020-11-12 CVE-2020-6147, CVE-2020-6148, CVE-2020-6149, CVE-2020-6150, CVE-2020-6156, CVE-2020-13493 8.8
TALOS-2020-1104 Pixar OpenUSD binary file format offset seek information leak vulnerability 2020-11-12 CVE-2020-9973 4.3
TALOS-2020-1103 Pixar OpenUSD Binary File Format Token Strings Information Leak Vulnerability 2020-11-12 CVE-2020-13494 4.3
TALOS-2020-1120 Pixar OpenUSD Binary File Format Decompressed Path Rebuilding Memory corruption 2020-11-12 CVE-2020-13520 8.8
TALOS-2020-1125 Pixar OpenUSD binary file format specs memory corruption 2020-11-12 CVE-2020-13524 6.3
TALOS-2020-1105 Pixar OpenUSD binary file format index type values information leak vulnerability 2020-11-12 CVE-2020-13498,CVE-2020-13496,CVE-2020-13497 4.3
TALOS-2020-1145 Pixar OpenUSD SDF layer path remote code execution 2020-11-12 CVE-2020-13531 8.8
TALOS-2020-1154 LogicalDoc installation privilege escalation vulnerability 2020-11-10 CVE-2020-13542 9.3
TALOS-2020-1032 BIMx Desktop Viewer Resource Parsing Integer Overflow Vulnerability 2020-11-06 CVE-2020-6099 8.8
TALOS-2020-1156 Adobe Acrobat Reader DC form field format use after free 2020-11-05 CVE-2020-24437 8.8
TALOS-2020-1157 Adobe Acrobat Reader DC JavaScript submitForm heap buffer overflow redux 2020-11-05 CVE-2020-24435 8.8
TALOS-2020-1148 Moxa MXView series installation privilege escalation vulnerability 2020-11-03 CVE-2020-13537,CVE-2020-13536 9.3
TALOS-2020-1086 Synology SRM web interface session cookie HttpOnly flag information disclosure vulnerability 2020-10-30 CVE-2020-27658 7.5
TALOS-2020-1066 Synology SRM QuickConnect iptables network misconfiguration vulnerability 2020-10-29 CVE-2020-27655 6.5
TALOS-2020-1059 Synology SRM web interface session cookie secure flag Information Disclosure Vulnerability 2020-10-29 CVE-2020-27651 8.3
TALOS-2020-1065 Synology SRM lbd service Command Execution Vulnerability 2020-10-29 CVE-2020-27654, CVE-2020-11117 9.6
TALOS-2020-1058 Synology SRM QuickConnect authentication Information Disclosure Vulnerability 2020-10-29 CVE-2020-27649 8.3
TALOS-2020-1061 Synology SRM QuickConnect HTTP connection Information Disclosure Vulnerability 2020-10-29 CVE-2020-27653 8.3
TALOS-2020-1060 Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability 2020-10-29 None 8.3
TALOS-2020-1071 Synology SRM dnsExit DDNS provider information disclosure vulnerability 2020-10-29 CVE-2020-27656-CVE-2020-27657 4.0
TALOS-2020-1064 Synology QuickConnect servers network misconfiguration vulnerability 2020-10-29 -- 6.5
TALOS-2020-1123 Google Chrome DrawElementsInstanced information leak vulnerability 2020-10-22 CVE-2020-6555 6.8
TALOS-2020-1127 Google Chrome WebGL Buffer11::getBufferStorage Code Execution Vulnerability 2020-10-20 CVE-2020-6542 8.3
TALOS-2020-1046 F2fs-Tools F2fs.Fsck filesystem checking Information Disclosure Vulnerability 2020-10-14 CVE-2020-6104 4.4
TALOS-2020-1049 F2fs-Tools F2fs.Fsck dev_read Information Disclosure Vulnerability 2020-10-14 CVE-2020-6107 4.4
TALOS-2020-1047 F2fs-Tools F2fs.Fsck Multiple Devices Code Execution Vulnerability 2020-10-14 CVE-2020-6105 8.2
TALOS-2020-1050 F2fs-Tools F2fs.Fsck fsck_chk_orphan_node Code Execution Vulnerability 2020-10-14 CVE-2020-6108 8.2
TALOS-2020-1048 F2fs-Tools F2fs.Fsck init_node_manager Information Disclosure Vulnerability 2020-10-14 CVE-2020-6106 4.4
TALOS-2020-1102 AMD ATIKMDAG.SYS D3DKMTEscape handler Denial of Service Vulnerability 2020-10-13 CVE-2020-12933 7.1
TALOS-2020-1007 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Data Segment Denial of Service Vulnerability 2020-10-13 CVE-2020-6086, CVE-2020-6087 7.5
TALOS-2020-1057 Allen-Bradley MicroLogix 1100 programmable logic controller systems IPv4 denial-of-service vulnerability 2020-10-13 CVE-2020-6111 7.5
TALOS-2020-1005 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Port Segment Denial of Service Vulnerability 2020-10-13 CVE-2020-6083 7.5
TALOS-2020-1006 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Logical Segment Denial of Service Vulnerability 2020-10-13 CVE-2020-6084, CVE-2020-6085 7.5
TALOS-2020-1119 AMD ATIKMDAG.SYS D3DKMTCreateAllocation handler denial-of-service vulnerability 2020-10-07 CVE-2020-12911 7.1
TALOS-2020-1124 Apple Safari/Webkit aboutBlankURL() code execution vulnerability 2020-09-30 CVE-2020-9951 8.8
TALOS-2020-1034 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV_SAT code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1035 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1038 NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg DCL_CONSTANT_BUFFER code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1037 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MUL code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1139 Microsoft Azure Sphere Pluton SIGN_WITH_TENANT_ATTESTATION_KEY memory corruption vulnerability 2020-09-23 None 9.3
TALOS-2020-1130 Microsoft Azure Sphere Littlefs truncate information disclosure vulnerability 2020-09-23 None 7.1
TALOS-2020-1129 Microsoft Azure Sphere Littlefs Quota denial of service vulnerability 2020-09-23 CVE-2020-16986 9.0
TALOS-2020-1106 Aveva eDNA Enterprise data historian CHaD.asmx multiple SQL injection vulnerabilities 2020-09-23 CVE-2020-13501,CVE-2020-13499,CVE-2020-13500 9.8
TALOS-2020-1134 Microsoft Azure Sphere Normal World application PACKET_MMAP unsigned code execution vulnerability 2020-09-23 None 5.5
TALOS-2020-1068 Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability 2020-09-15 CVE-2020-6115 8.8
TALOS-2020-1062 Nitro Pro PDF JPEG2000 Stripe Sub-sample Decoding Out-of-bounds Write Code Execution Vulnerability 2020-09-15 CVE-2020-6112 8.8
TALOS-2020-1084 Nitro Pro PDF ICCBased ColorSpace Stroke Color Code Execution Vulnerability 2020-09-15 CVE-2020-6146 8.8
TALOS-2020-1070 Nitro Pro Indexed ColorSpace Rendering Code Execution Vulnerability 2020-09-15 CVE-2020-6116 8.8
TALOS-2020-1063 Nitro Pro PDF Object Stream Parsing Number of Objects Remote Code Execution Vulnerability 2020-09-15 CVE-2020-6113 8.8
TALOS-2020-1092 Google Chrome PDFium Javascript Active Document Memory Corruption Vulnerability 2020-09-14 CVE-2020-6513 6.3
TALOS-2020-1098 Microsoft Windows 10 CLFS.sys ValidateRegionBlocks privilege escalation vulnerability 2020-09-08 CVE-2020-1115 8.8
TALOS-2020-1096 Accusoft ImageGear DICOM parse_dicom_meta_info code execution vulnerability 2020-09-01 CVE-2020-6152 9.8
TALOS-2020-1095 Accusoft ImageGear TIFF handle_COMPRESSION_PACKBITS memory corruption vulnerability 2020-09-01 CVE-2020-6151 8.1
TALOS-2020-1078 OS4Ed openSIS Validator.php SQL injection vulnerability 2020-08-31 CVE-2020-6135 6.4
TALOS-2020-1083 OS4Ed openSIS install remote code execution vulnerability 2020-08-31 CVE-2020-6143, CVE-2020-6144 10.0
TALOS-2020-1074 OS4Ed openSIS GetSchool.php SQL injection Vulnerability 2020-08-31 CVE-2020-6125 6.4
TALOS-2020-1079 OS4Ed openSIS DownloadWindow.php SQL injection vulnerability 2020-08-31 CVE-2020-6136 6.4
TALOS-2020-1080 OS4Ed openSIS Password Reset Multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6137, CVE-2020-6138, CVE-2020-6139, CVE-2020-6140 9.8
TALOS-2020-1077 OS4Ed openSIS id parameter multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6132, CVE-2020-6133, CVE-2020-6134 6.4
TALOS-2020-1072 OS4Ed openSIS CheckDuplicateStudent.php page SQL injection vulnerability 2020-08-31 CVE-2020-6117,CVE-2020-6119,CVE-2020-6121,CVE-2020-6118,CVE-2020-6120,CVE-2020-6122 6.4
TALOS-2020-1081 OS4Ed openSIS login SQL injection vulnerability 2020-08-31 CVE-2020-6141 9.8
TALOS-2020-1073 OS4Ed openSIS email parameter SQL injection vulnerability 2020-08-31 CVE-2020-6123, CVE-2020-6124 6.4
TALOS-2020-1076 OS4Ed openSIS course_period_id parameter multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6129, CVE-2020-6130, CVE-2020-6131 6.4
TALOS-2020-1075 OS4Ed openSIS CoursePeriodModal.php page multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6126, CVE-2020-6127, CVE-2020-6128 6.4
TALOS-2020-1082 OS4Ed openSIS Modules.php remote code execution vulnerability 2020-08-31 CVE-2020-6142 9.9
TALOS-2020-1036 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV2 code execution vulnerability 2020-08-30 CVE‑2020‑5981 8.5
TALOS-2020-1029 atftpd daemon Denial of Service Vulnerability 2020-08-26 CVE-2020-6097 7.5
TALOS-2020-1128 Microsoft Azure Sphere Normal World application READ_IMPLIES_EXEC personality unsigned code execution vulnerability 2020-08-24 CVE-2020-16984 6.2
TALOS-2020-1133 Microsoft Azure Sphere Capability access control privilege escalation vulnerability 2020-08-24 None 8.1
TALOS-2020-1138 Microsoft Azure Sphere Normal World application /proc/thread-self/mem unsigned code execution vulnerability 2020-08-24 CVE-2020-16987 6.2
TALOS-2020-1085 Google Chrome WebGL code execution vulnerability 2020-08-24 CVE-2020-6492 8.3
TALOS-2020-1137 Microsoft Azure Sphere uid_map UID uniqueness privilege escalation vulnerability 2020-08-24 CVE-2020-16993 8.1
TALOS-2020-1100 Internet Systems Consortium's BIND TCP Receive Buffer Length Assertion Check Denial of Service Vulnerability 2020-08-20 CVE-2020-8620 7.5
TALOS-2020-1091 ERPNext frappe.desk.reportview.get SQL injection vulnerability 2020-08-18 CVE-2020-6145 6.4
TALOS-2020-1122 SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability 2020-08-04 CVE-2020-13523 3.8
TALOS-2020-1121 SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability 2020-08-04 CVE-2020-13522 8.8
TALOS-2020-1117 Microsoft Azure Sphere asynchronous ioctl denial-of-service vulnerability 2020-07-31 CVE-2020-35609 7.1
TALOS-2020-1089 Microsoft Azure Sphere kernel message ring buffer Information Disclosure Vulnerability 2020-07-31 CVE-2020-16990 4.3
TALOS-2020-1132 Microsoft Azure Sphere mtd character device driver privilege escalation vulnerability 2020-07-31 CVE-2020-16982 8.1
TALOS-2020-1090 Microsoft Azure Sphere Normal World application ptrace unsigned code execution vulnerability 2020-07-31 CVE-2020-16991 6.2
TALOS-2020-1093 Microsoft Azure Sphere Normal World application /proc/self/mem unsigned code execution vulnerability 2020-07-31 CVE-2020-16994 6.2
TALOS-2020-1118 Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability 2020-07-31 CVE-2020-16970 8.1
TALOS-2020-1131 Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability 2020-07-31 None 8.1
TALOS-2020-1030 freeDiameter freeDiameterd Denial of Service Vulnerability 2020-07-28 CVE-2020-6098 7.5
TALOS-2020-1069 Siemens LOGO! Web Server Code Execution Vulnerability 2020-07-15 CVE-2020-7593 10.0
TALOS-2020-0979 Intel IGC64.DLL shader functionality ATOMIC_ADD code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1036 8.5
TALOS-2020-0978 Intel IGC64.DLL Shader Functionality DCL_OUTPUT code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1032 8.5
TALOS-2020-1042 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality RESOURCE Code Execution Vulnerability 2020-07-14 CVE-2020-6102 8.5
TALOS-2020-0981 Intel IGC64.DLL shader functionality realloc code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1041 8.5
TALOS-2020-1043 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality ROUND_NI Code Execution Vulnerability 2020-07-14 CVE-2020-6103 8.5
TALOS-2020-0980 Intel IGC64.DLL shader functionality DCL_INDEXABLETEMP code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1040 8.5
TALOS-2020-0983 Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1043 6.3
TALOS-2020-1040 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality MOV REG Code Execution Vulnerability 2020-07-14 CVE-2020-6100 8.5
TALOS-2020-1041 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality DCL_OUTPUT Code Execution Vulnerability 2020-07-14 CVE-2020-6101 8.5
TALOS-2020-0982 Intel IGC64.DLL Shader Functionality HeapReAlloc code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1042 8.5
TALOS-2020-1067 Glacies IceHRM Admin Reports SQL injection Vulnerability 2020-07-10 CVE-2020-6114 6.6
TALOS-2020-1044 Google Chrome PDFium Javascript Regexp Memory Corruption Vulnerability 2020-07-02 CVE-2020-6458 8.8
TALOS-2020-1088 Mozilla Firefox URL mPath Information Disclosure Vulnerability 2020-07-01 CVE-2020-12418 6.5
TALOS-2020-1009 Leadtools Image Parser Animated Icon Code Execution Vulnerability 2020-07-01 CVE-2020-6089 8.8
TALOS-2019-0971 NVIDIA NVWGF2UMX_CFG.DLL shader functionality denial-of-service vulnerability 2020-06-24 CVE-2020-5965 8.5
TALOS-2020-1053 Mozilla Firefox SharedWorkerService Code Execution Vulnerability 2020-06-10 CVE-2020-12405 8.8
TALOS-2020-1045 Microsoft Office Excel HTML and XML Table Code Execution Vulnerability 2020-06-10 CVE-2020-1225 8.8
TALOS-2020-1027 Microsoft Office Excel PivotField code execution vulnerability 2020-06-10 CVE-2020-1226 8.8
TALOS-2020-1010 WAGO PFC 200 Web-Based Management (WBM) Code Execution Vulnerability 2020-06-10 CVE-2020-6090 9.1
TALOS-2020-1024 Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability 2020-06-09 CVE-2020-7589 9.3
TALOS-2020-1025 Siemens LOGO! TDE service "DELETEPROG" Denial of Service Vulnerability 2020-06-09 CVE-2020-7589 9.3
TALOS-2020-1026 Siemens LOGO! TDE service "NFSAccess" Upload File Write Vulnerability 2020-06-09 CVE-2020-7589 7.5
TALOS-2020-1056 Zoom Client Application Chat Code Snippet Remote Code Execution Vulnerability 2020-06-03 CVE-2020-6110 8.0
TALOS-2020-1055 Zoom client application chat Giphy arbitrary file write 2020-06-03 CVE-2020-6109 8.5
TALOS-2020-1214 Webkit fireEventListeners use-after-free vulnerability 2020-06-02 CVE-2021-21806 8.8
TALOS-2019-0957 VMware Workstation 15 shader functionality round_ni denial of service vulnerability 2020-06-01 CVE-2020-3958 6.5
TALOS-2020-1019 GNU glibc ARMv7 memcpy() memory corruption vulnerability 2020-05-21 CVE-2020-6096 8.1
TALOS-2020-1011 Epson EB-1470Ui ESPON Web Control Authentication Bypass Vulnerability 2020-05-21 CVE-2020-6091 9.8
TALOS-2020-1014 Nitro Pro PDF Javascript XML error handling Information Disclosure Vulnerability 2020-05-18 CVE-2020-6093 6.5
TALOS-2020-1087 Synology SRM SafeAccess 1.2.1-0220 code execution Vvulnerability 2020-05-18 CVE-2020-27659, CVE-2020-27660 8.3
TALOS-2020-0997 Nitro PRO PDF nested pages remote code execution vulnerability 2020-05-18 CVE-2020-6074 8.8
TALOS-2020-1013 Nitro Pro PDF Pattern Object Code Execution Vulnerability 2020-05-18 CVE-2020-6092 8.8
TALOS-2020-1028 Adobe Acrobat Reader DC Annotation Destroy Remote Code Execution 2020-05-12 CVE-2020-9607 8.8
TALOS-2020-1015 Microsoft Office Excel s_Schema Code Execution Vulnerability 2020-05-12 CVE-2020-0901 8.8
TALOS-2020-1031 Adobe Acrobat Reader DC Javascript submitForm Remote Code Execution Vulnerability 2020-05-12 CVE-2020-9609 8.8
TALOS-2020-1051 Synology SRM DHCP monitor hostname parsing Denial of Service Vulnerability 2020-05-06 CVE-2019-11823 7.4
TALOS-2020-1003 3S-Smart Software Solutions GmbH CODESYS Runtime PLC_Task Code Execution Vulnerability 2020-05-06 CVE-2020-6081 9.9
TALOS-2020-0999 Accusoft ImageGear ICO icoread code execution vulnerability 2020-05-05 CVE-2020-6076 9.8
TALOS-2020-1033 Windows 10 Insider Preview Fast win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability Regression 2020-05-05 -- 8.4
TALOS-2020-0998 Accusoft ImageGear PNG store_data_buffer size computation code execution vulnerability 2020-05-05 CVE-2020-6075 9.8
TALOS-2020-1004 Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability 2020-05-05 CVE-2020-6082 9.8
TALOS-2020-1017 Accusoft ImageGear TIFF fill_in_raster buffer copy operation code execution vulnerability 2020-05-05 CVE-2020-6094 9.8
TALOS-2020-1211 Linux Kernel /proc/pid/syscall information disclosure vulnerability 2020-04-27 CVE-2020-28588 4.0
TALOS-2020-1218 Prusa Research PrusaSlicer _3MF_Importer::_handle_end_model() use-after-free vulnerability 2020-04-21 CVE-2020-28594 8.8
TALOS-2020-1052 Zoom Communications Registered Users Enumeration 2020-04-21 -- 6.5
TALOS-2020-1158 Synology DSM AppArmor synosearchagent misconfiguration vulnerability 2020-04-19 CVE-2021-26563 6.7
TALOS-2020-1012 Microsoft Media Foundation CQTMetadataKeysAtom GetKeyForIndex Information Disclosure Vulnerability 2020-04-14 CVE-2020-0939 6.5
TALOS-2020-0988 F2fs-tools fsck.f2fs sanity_check_area_boundary code execution vulnerability 2020-04-09 CVE-2020-6070 6.7
TALOS-2019-0897 3S-Smart Software Solutions CODESYS GatewayService memory corruption vulnerability 2020-03-25 CVE-2019-5105 7.5
TALOS-2020-1039 NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg FTOI code execution vulnerability 2020-03-25 CVE‑2020‑5981 8.5
TALOS-2019-0914 Intel Raid Web Console 3 DISCOVERY Denial of Service 2020-03-24 CVE-2020-8688 7.5
TALOS-2019-0894 Intel Raid Web Console 3 add server denial-of-service vulnerability 2020-03-24 CVE-2020-8688 7.5
TALOS-2020-1001 Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability 2020-03-23 CVE-2020-6078 7.5
TALOS-2020-0996 Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability 2020-03-23 CVE-2020-6073 7.5
TALOS-2020-1002 Videolabs libmicrodns 0.1.0 resource allocation denial-of-service vulnerabilities 2020-03-23 CVE-2020-6079, CVE-2020-6080 7.5
TALOS-2020-0994 Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability 2020-03-23 CVE-2020-6071 7.5
TALOS-2020-1000 Videolabs libmicrodns 0.1.0 message-parsing bounds denial-of-service vulnerability 2020-03-23 CVE-2020-6077 7.5
TALOS-2020-0995 Videolabs libmicrodns 0.1.0 rr_decode return value remote code execution vulnerability 2020-03-23 CVE-2020-6072 9.8
TALOS-2020-1018 GStreamer gst-rtsp-server GstRTSPAuth Denial of Service Vulnerability 2020-03-23 CVE-2020-6095 7.5
TALOS-2020-1016 Microsoft Windows 10 Kernel SetMapMode MM_HIENGLISH information disclosure vulnerability 2020-03-10 CVE-2020-0791 7.3
TALOS-2019-0962 WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Command Injection Vulnerabilities 2020-03-09 CVE-2019-5167, CVE-2019-5168, CVE-2019-5169, CVE-2019-5170, CVE-2019-5171, CVE-2019-5172, CVE-2019-5173, CVE-2019-5174, CVE-2019-5175 8.8
TALOS-2019-0963 WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities 2020-03-09 CVE-2019-5176, CVE-2019-5177, CVE-2019-5178, CVE-2019-5179, CVE-2019-5180, CVE-2019-5181, CVE-2019-5182 8.8
TALOS-2019-0950 WAGO PFC200 Cloud Connectivity TimeoutUnconfirmed Command Injection Vulnerability 2020-03-09 CVE-2019-5157 7.2
TALOS-2019-0965 WAGO PFC200 iocheckd service "I/O-Check" cache gateway Memory Corruption Vulnerability 2020-03-09 CVE-2019-5184 7.0
TALOS-2019-0966 WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Memory Corruption Vulnerabilities 2020-03-09 CVE-2019-5185, CVE-2019-5186 7.0
TALOS-2019-0924 WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability 2020-03-09 CVE-2019-5135 5.3
TALOS-2019-0899 WAGO e!Cockpit network communication cleartext transmission vulnerability 2020-03-09 CVE-2019-5107 7.5
TALOS-2019-0923 WAGO PFC100/200 Web-Based Management (WBM) Authentication Regex Information Disclosure Vulnerability 2020-03-09 CVE-2019-5134 5.3
TALOS-2019-0952 WAGO e!COCKPIT file path improper input validation vulnerability 2020-03-09 CVE-2019-5159 8.6
TALOS-2019-0948 WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities 2020-03-09 CVE-2019-5155 7.2
TALOS-2019-0939 WAGO PFC100/200 Web-Based Management (WBM) FastCGI configuration insufficient resource pool denial of service 2020-03-09 CVE-2019-5149 5.3
TALOS-2019-0949 WAGO PFC200 Cloud Connectivity TimeoutPrepared Command Injection Vulnerability 2020-03-09 CVE-2019-5156 7.2
TALOS-2019-0953 WAGO PFC200 Cloud Connectivity Improper Host Validation Vulnerability 2020-03-09 CVE-2019-5160 9.1
TALOS-2019-0954 WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability 2020-03-09 CVE-2019-5161 9.1
TALOS-2019-0969 Zoom conference room connector service insufficient session invalidation 2020-03-05 -- 6.4
TALOS-2020-1221 Epignosis eFront LMS Password Reset authentication bypass vulnerability 2020-03-03 CVE-2020-28597 9.8
TALOS-2020-1172 Webkit AudioSourceProviderGStreamer use-after-free vulnerability 2020-03-03 CVE-2020-13558 8.8
TALOS-2020-1173 Synology DSM findhostd unencrypted credentials disclosure vulnerability 2020-02-25 -- 8.0
TALOS-2019-0932 Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability 2020-02-24 CVE-2019-5143 8.8
TALOS-2020-1215 Slic3r libslic3r AMF File AMFParserContext::endElement() out-of-bounds read vulnerability 2020-02-24 CVE-2020-28591 8.6
TALOS-2019-0931 Moxa AWK-3131A WAP Hostname Command Injection Vulnerability 2020-02-24 CVE-2019-5142 7.2
TALOS-2019-0938 Moxa AWK-3131A ServiceAgent denial-of-service vulnerability 2020-02-24 CVE-2019-5148 7.5
TALOS-2019-0960 Moxa AWK-3131A iw_webs hostname Authentication Bypass Vulnerability 2020-02-24 CVE-2019-5165 8.0
TALOS-2019-0929 Moxa AWK-3131A iw_webs DecryptScriptFile file name Command Injection Vulnerability 2020-02-24 CVE-2019-5140 8.8
TALOS-2019-0926 Moxa AWK-3131A ServiceAgent Use of Hard-coded Cryptographic Key 2020-02-24 CVE-2019-5137 7.5
TALOS-2019-0955 Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability 2020-02-24 CVE-2019-5162 9.9
TALOS-2019-0927 Moxa AWK-3131A Encrypted Diagnostic Script Command Injection Vulnerability 2020-02-24 CVE-2019-5138 9.9
TALOS-2019-0930 Moxa AWK-3131A iw_webs iw_serverip Parameter Command Injection Vulnerability 2020-02-24 CVE-2019-5141 8.8
TALOS-2019-0925 Moxa AWK-3131A iw_console Privilege Escalation Vulnerability 2020-02-24 CVE-2019-5136 8.8
TALOS-2019-0944 Moxa AWK-3131A iw_webs User Configuration Remote Code Execution Vulnerability 2020-02-24 CVE-2019-5153 9.9
TALOS-2019-0928 Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability 2020-02-24 CVE-2019-5139 6.2
TALOS-2020-0985 CoTURN HTTP Server POST-parsing denial-of-service vulnerability 2020-02-18 CVE-2020-6062 5.9
TALOS-2020-0984 CoTURN HTTP Server POST-parsing information leak vulnerability 2020-02-18 CVE-2020-6061 7.0
TALOS-2019-0967 Apple Safari FontFaceSet Remote Code Execution Vulnerability 2020-02-12 CVE-2020-3868 8.8
TALOS-2019-0968 Microsoft Office Excel Ordinal43 code execution vulnerability 2020-02-11 CVE-2020-0759 8.8
TALOS-2019-0959 Adobe Acrobat Reader DC Javascript Field Name Information Leak 2020-02-11 CVE-2020-3744 6.8
TALOS-2019-0970 Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability 2020-02-11 CVE-2020-0731 8.4
TALOS-2019-0946 Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability 2020-02-11 CVE-2020-0738 8.8
TALOS-2020-0987 Accusoft ImageGear PCX uncompress_scan_line buffer copy operation code execution vulnerability 2020-02-10 CVE-2020-6064 9.8
TALOS-2020-0990 Accusoft ImageGear JPEG SOFx Code Execution Vulnerability 2020-02-10 CVE-2020-6066 9.8
TALOS-2020-0991 Accusoft ImageGear TIFF tifread code execution vulnerability 2020-02-10 CVE-2020-6067 9.8
TALOS-2020-0986 Accusoft ImageGear PCX uncompress_scan_line buffer size computation code execution vulnerability 2020-02-10 CVE-2020-6063 9.8
TALOS-2020-0993 Accusoft ImageGear JPEG jpegread precision code execution vulnerability 2020-02-10 CVE-2020-6069 9.8
TALOS-2020-0989 Accusoft ImageGear BMP bmp_parsing buffer size computation code execution vulnerability 2020-02-10 CVE-2020-6065 9.8
TALOS-2019-0972 Accusoft ImageGear TIFF TIF_read_stripdata code execution vulnerability 2020-02-05 CVE-2019-5187 9.8
TALOS-2020-0975 Mini-SNMPD decode_cnt information leak vulnerability 2020-02-03 CVE-2020-6058 8.2
TALOS-2020-0977 Mini-SNMPD socket disconnect denial-of-service vulnerability 2020-02-03 CVE-2020-6060 7.5
TALOS-2020-0976 Mini-SNMPD decode_int Information Leak Vulnerability 2020-02-03 CVE-2020-6059 8.2
TALOS-2020-0992 Accusoft ImageGear PNG pngread width code execution vulnerability 2020-01-27 CVE-2020-6068 9.8
TALOS-2019-0937 AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability 2020-01-21 CVE-2019-5146 8.6
TALOS-2019-0936 AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality denial-of-service vulnerability 2020-01-21 CVE-2019-5147 8.6
TALOS-2019-0913 AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability 2020-01-21 CVE-2019-5124 8.6
TALOS-2019-0964 AMD ATI Radeon ATIDXX64.DLL shader functionality VTABLE remote code execution vulnerability 2020-01-21 CVE-2019-5183 9.0
TALOS-2019-0915 Foxit PDF Reader Javascript Field Action Validate Remote Code Execution Vulnerability 2020-01-16 CVE-2019-5126 8.8
TALOS-2019-0934 Foxit PDF Reader JavaScript field keystroke action remote code execution vulnerability 2020-01-16 CVE-2019-5145 8.8
TALOS-2019-0935 Foxit PDF Reader Javascript createTemplate Invalid Page Code Execution Vulnerability 2020-01-16 CVE-2019-5130 8.0
TALOS-2019-0920 Foxit PDF Reader JavaScript field action OnBlur remote code execution vulnerability 2020-01-16 CVE-2019-5131 8.8
TALOS-2019-0973 E2fsprogs e2fsck rehash.c mutate_name() Code Execution Vulnerability 2020-01-07 CVE-2019-5188 7.5
TALOS-2019-0853 OpenCV JSON persistence parser buffer overflow vulnerability 2020-01-02 CVE-2019-5064 8.8
TALOS-2019-0852 OpenCV XML Persistence Parser Buffer Overflow Vulnerability 2020-01-02 CVE-2019-5063 8.8
TALOS-2019-0874 WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability 2019-12-16 CVE-2019-5082 10.0
TALOS-2019-0870 WAGO PFC200 iocheckd service "I/O-Check" Erase Denial of Service Vulnerability 2019-12-16 CVE-2019-5078 10.0
TALOS-2019-0873 WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability 2019-12-16 CVE-2019-5081 10.0
TALOS-2019-0869 WAGO PFC200 iocheckd service "I/O-Check" MAC Address overwrite Denial of Service Vulnerability 2019-12-16 CVE-2019-5077 10.0
TALOS-2019-0863 WAGO PFC200 iocheckd service "I/O-Check" BC_ProductLabel remote code execution vulnerability 2019-12-16 CVE-2019-5074 9.8
TALOS-2019-0871 WAGO PFC200 iocheckd service "I/O-Check" ReadPSN remote code execution vulnerability 2019-12-16 CVE-2019-5079 10.0
TALOS-2019-0872 WAGO PFC200 iocheckd service "I/O-Check" factory restore denial-of-service vulnerability 2019-12-16 CVE-2019-5080 10.0
TALOS-2019-0862 WAGO PFC200 iocheckd service "I/O-Check" external tool information exposure vulnerability 2019-12-16 CVE-2019-5073 5.3
TALOS-2019-0864 WAGO PFC200 iocheckd service "I/O-Check" get_coupler_details remote code execution vulnerability 2019-12-16 CVE-2019-5075 9.8
TALOS-2019-0933 Kakadu Software SDK ATK marker code execution vulnerability 2019-12-11 CVE-2019-5144 8.1
TALOS-2019-0943 Apple Safari SVG Marker Element baseVal Remote Code Execution Vulnerability 2019-12-11 CVE-2019-8846 8.8
TALOS-2019-0849 W1.fi hostapd CAM table denial-of-service vulnerability 2019-12-11 CVE-2019-5061 7.4
TALOS-2019-0850 W1.fi hostapd deauthentication denial-of-service vulnerability 2019-12-11 CVE-2019-5062 7.4
TALOS-2019-0900 Linux kernel CAM table denial-of-service vulnerability 2019-12-11 CVE-2019-5108 7.4
TALOS-2019-0947 Adobe Acrobat Reader DC Javascript gotoNamedDest information leak vulnerability 2019-12-10 CVE-2019-16463 6.8
TALOS-2019-0882 LEADTOOLS libltdic.so DICOM LDicomNet::receive information disclosure vulnerability 2019-12-10 CVE-2019-5090 9.1
TALOS-2019-0884 LEADTOOLS DICOM UI Parsing Code Execution Vulnerability 2019-12-10 CVE-2019-5092 8.8
TALOS-2019-0883 LEADTOOLS libltdic.so LDicomAssociate::SetBinary denial-of-service vulnerability 2019-12-10 CVE-2019-5091 7.5
TALOS-2019-0895 Microsoft Remote Desktop Services (RDP7) Windows XP Multiple Information Leak Vulnerabilities 2019-12-10 CVE-2019-1489 5.3
TALOS-2019-0901 Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability 2019-12-10 CVE-2019-1453 7.5
TALOS-2019-0945 LEADTOOLS JPEG2000 Isot parsing Memory Corruption Vulnerability 2019-12-10 CVE-2019-5154 8.8
TALOS-2019-0885 LEADTOOLS libltdic.so DICOM LDicomNet::SendData Code Execution Vulnerability 2019-12-10 CVE-2019-5093 8.1
TALOS-2019-0877 LEADTOOLS libltdic.so DICOM receive code execution vulnerability 2019-12-10 CVE-2019-5085 9.8
TALOS-2019-0890 AMD ATI Radeon ATIDXX64.DLL shader functionality sincos denial-of-service vulnerability 2019-12-05 CVE-2019-5098 8.6
TALOS-2019-0958 Shadowsocks-libev ss-manager add_server Code Execution Vulnerability 2019-12-03 CVE-2019-5164 7.8
TALOS-2019-0956 Shadowsocks-libev ss-server UdpRelay Denial-of-Service Vulnerability 2019-12-03 CVE-2019-5163 5.9
TALOS-2019-0942 Shadowsocks-libev ss-server Stream Cipher Information Disclosure Vulnerability 2019-12-03 CVE-2019-5152 7.4
TALOS-2019-0875 Accusoft ImageGear TIFF TIF_decode_thunderscan code execution vulnerability 2019-12-02 CVE-2019-5083 9.8
TALOS-2019-0888 EmbedThis GoAhead web server code execution vulnerability 2019-12-02 CVE-2019-5096 9.8
TALOS-2019-0904 Forma LMS 2.2.1 /appLms/ajax.server.php filter_cat and filter_status parameters SQL injections 2019-12-02 CVE-2019-5111 - CVE-2019-5112 7.4
TALOS-2019-0903 Forma LMS 2.2.1 /appCore/index.php users parameter SQL injections 2019-12-02 CVE-2019-5110 7.4
TALOS-2019-0902 Forma LMS 2.2.1 ajax.adm_server.php dir parameter SQL injections 2019-12-02 CVE-2019-5109 7.4
TALOS-2019-0865 Accusoft ImageGear PNG IHDR width code execution vulnerability 2019-12-02 CVE-2019-5076 9.8
TALOS-2019-0889 EmbedThis GoAhead web server denial-of-service vulnerability 2019-12-02 CVE-2019-5097 5.3
TALOS-2019-0922 Accusoft ImageGear BMP code execution vulnerability 2019-12-02 CVE-2019-5133 9.8
TALOS-2019-0921 Accusoft ImageGear GEM Raster Code Execution Vulnerability 2019-12-02 CVE-2019-5132 9.8
TALOS-2019-0878 xcftools flattenIncrementally tiles walk code execution vulnerability 2019-11-21 CVE-2019-5086 7.5
TALOS-2019-0861 Tenda AC9 /goform/WanParameterSetting Command Injection Vulnerability 2019-11-21 CVE-2019-5071-CVE-2019-5072 7.8
TALOS-2019-0879 xcftools flattenIncrementally rows allocation code execution vulnerability 2019-11-20 CVE-2019-5087 8.8
TALOS-2019-0893 OpenWrt ustream-ssl certificate verification information leak vulnerability 2019-11-15 CVE-2019-5101 - CVE-2019-5102 4.0
TALOS-2019-0790 Exhibitor UI command injection vulnerability 2019-11-13 CVE-2019-5029 9.8
TALOS-2019-0845 Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability 2019-11-13 CVE-2019-14574 8.5
TALOS-2019-0886 Microsoft Office Excel WorksheetOptions Code Execution Vulnerability 2019-11-12 CVE-2019-1448 8.8
TALOS-2019-0912 Microsoft Media Foundation CMP4MetadataHandler AddQTMetadata Code Execution Vulnerability 2019-11-12 CVE-2019-1430 8.8
TALOS-2019-0891 LEADTOOLS CMP-parsing code execution vulnerability 2019-11-05 CVE-2019-5099 8.8
TALOS-2019-0876 LEADTOOLS TIF ImageWidth code execution vulnerability 2019-11-05 CVE-2019-5084 8.8
TALOS-2019-0916 LEADTOOLS JPEG2000 j2pc Parsing Remote Code Execution Vulnerability 2019-11-05 CVE-2019-5125 8.8
TALOS-2019-0892 LEADTOOLS BMP Parsing Remote Code Execution Vulnerability 2019-11-05 CVE-2019-5100 8.8
TALOS-2019-0881 Investintech Able2Extract professional JPEG decoding code execution vulnerability 2019-11-04 CVE-2019-5089 8.8
TALOS-2019-0880 Investintech Able2Extract Professional BMP decoding biClrUsed code execution vulnerability 2019-11-04 CVE-2019-5088 8.8
TALOS-2019-0940 YouPHPTube /objects/video.php getVideo search code execution vulnerability 2019-10-30 CVE-2019-5150 8.9
TALOS-2019-0941 YouPHPTube /objects/video.php getVideo videoName code execution vulnerability 2019-10-30 CVE-2019-5151 10.0
TALOS-2019-0848 VMware Fusion 11 Shader Functionality Denial Of Service 2019-10-28 CVE-2019-5536 6.5
TALOS-2019-0857 X11 Mesa 3D Graphics Library shared memory permissions vulnerability 2019-10-23 CVE-2019-5068 5.1
TALOS-2019-0907 YouPHPTube /objects/videoAddNew.json.php SQL injection vulnerability 2019-10-17 CVE-2019-5116 7.4
TALOS-2019-0908 YouPHPTube /objects/subscribe.json.php SQL injection vulnerability 2019-10-17 CVE-2019-5117 7.4
TALOS-2019-0911 YouPHPTube /objects/pluginSwitch.json.php Multiple SQL Injection Vulnerabilities 2019-10-17 CVE-2019-5121 - CVE-2019-5123 7.4
TALOS-2019-0909 YouPHPTube /objects/subscribeNotify.json.php user_id SQL injection vulnerability 2019-10-17 CVE-2019-5119 7.4
TALOS-2019-0917 YouPHPTube Encoder base64Url multiple command injections 2019-10-17 CVE-2019-5127 - CVE-2019-5129 10.0
TALOS-2019-0906 YouPHPTube /objects/commentAddNew.json.php comments_id SQL injection vulnerability 2019-10-17 CVE-2019-5114 7.4
TALOS-2019-0910 YouPHPTube /plugin/AD_Server/view/campaignsVideos.json.php id SQL injection vulnerability 2019-10-17 CVE-2019-5120 7.4
TALOS-2019-0860 Adobe Acrobat Reader DC text field value remote code execution vulnerability redux 2019-10-15 CVE-2019-8183 8.8
TALOS-2019-0819 NitroPDF Page Kids Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5050 8.8
TALOS-2019-0816 NitroPDF CharProcs Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5047 7.5
TALOS-2019-0817 NitroPDF ICCBased Color Space Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5048 8.8
TALOS-2019-0814 NitroPDF jpeg2000 ssizDepth Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5045 8.8
TALOS-2019-0830 NitroPDF Stream Length Memory Corruption Vulnerability 2019-10-09 CVE-2019-5053 7.5
TALOS-2019-0815 NitroPDF jpeg2000 yTsiz Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5046 8.8
TALOS-2019-0823 Schneider Electric Modicon M580 FTP incomplete firmware update denial-of-service vulnerability 2019-10-08 CVE-2019-6842 4.9
TALOS-2019-0851 Schneider Electric Modicon M580 TFTP server information disclosure vulnerability 2019-10-08 CVE-2019-6851 7.5
TALOS-2019-0868 Schneider Electric Modicon M580 UMAS REST API readbolarray information disclosure vulnerability 2019-10-08 CVE-2019-6850 7.5
TALOS-2019-0847 Schneider Electric Modicon M580 outdated firmware image FTP upgrade denial-of-service vulnerability 2019-10-08 CVE-2019-6847 4.9
TALOS-2019-0825 Schneider Electric Modicon M580 Mismatched Firmware Image FTP Upgrade Denial of Service Vulnerability 2019-10-08 CVE-2019-6844 4.9
TALOS-2019-0827 Schneider Electric Modicon M580 FTP cleartext authentication vulnerability 2019-10-08 CVE-2019-6846 5.9
TALOS-2019-0822 Schneider Electric Modicon M580 FTP firmware update loader service denial-of-service vulnerability 2019-10-08 CVE-2019-6841 4.9
TALOS-2019-0866 Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability 2019-10-08 CVE-2019-6848 8.6
TALOS-2019-0826 Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability 2019-10-08 CVE-2019-6845 5.9
TALOS-2019-0824 Schneider Electric Modicon M580 malformed firmware image FTP upgrade denial-of-service vulnerability 2019-10-08 CVE-2019-6843 4.9
TALOS-2019-0867 Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability 2019-10-08 CVE-2019-6849 7.5
TALOS-2019-0793 Foxit PDF Reader JavaScript Array.includes remote code execution vulnerability 2019-09-30 CVE-2019-5031 8.8
TALOS-2019-0887 E2fsprogs quotaio_tree.c report_tree() code execution vulnerability 2019-09-24 CVE-2019-5094 7.5
TALOS-2019-0855 Aspose.PDF for C++ LZWDecode filter predictor remote code execution vulnerability 2019-09-17 CVE-2019-5066 9.8
TALOS-2019-0856 Aspose.PDF for C++ parent generation remote code execution vulnerability 2019-09-17 CVE-2019-5067 9.8
TALOS-2019-0809 Aspose.PDF for C++ Remote Code Execution Vulnerability 2019-09-17 CVE-2019-5042 8.8
TALOS-2019-0840 Atlassian Jira Worklog Information Disclosure Vulnerability 2019-09-16 CVE-2019-8445 4.3
TALOS-2019-0835 Atlassian Jira CSRF Protections Bypass Vulnerability 2019-09-16 CVE-2019-14998 5.4
TALOS-2019-0839 Atlassian Jira issueTable username information disclosure vulnerability 2019-09-16 CVE-2019-8446 5.3
TALOS-2019-0837 Atlassian Jira issue attachment name information disclosure vulnerability 2019-09-16 CVE-2019-14995 5.3
TALOS-2019-0833 Atlassian Jira WikiRenderer parser XSS vulnerability 2019-09-16 CVE-2019-8444 7.4
TALOS-2019-0836 Atlassian Jira Issue Key Information Disclosure Vulnerability 2019-09-16 CVE-2019-14995 5.3
TALOS-2019-0818 AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability 2019-09-16 CVE-2019-5049 9.0
TALOS-2019-0834 Atlassian Jira CSRF Login Vulnerability 2019-09-16 CVE-2019-15002 3.5
TALOS-2019-0838 Atlassian Jira Tempo plugin issue summary information disclosure vulnerability 2019-09-16 CVE-2019-5095 4.3
TALOS-2019-0832 NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability 2019-09-09 CVE-2019-5055 7.5
TALOS-2019-0831 NETGEAR N300 WNR2000v5 unauthenticated HTTP denial-of-service vulnerability 2019-09-09 CVE-2019-5054 7.5
TALOS-2019-0854 Blynk inc. Blynk-Library BlynkProtocol<Transp>::processInput() information disclosure vulnerability 2019-09-04 CVE-2019-5065 5.3
TALOS-2019-0858 Epignosis eFront LMS PHP deserialization code execution vulnerability 2019-09-03 CVE-2019-5069 8.8
TALOS-2019-0859 Epignosis eFront LMS unauthenticated SQL injection vulnerability 2019-09-03 CVE-2019-5070 6.5
TALOS-2019-0794 Aspose Aspose.Cells for C++ LabelSst Code Execution Vulnerability 2019-08-20 CVE-2019-5032 9.8
TALOS-2019-0795 Aspose Aspose.Cells for C++ Number Code Execution Vulnerability 2019-08-20 CVE-2019-5033 9.8
TALOS-2019-0805 Aspose Aspose.Words for C++ EnumMetaInfo Code Execution Vulnerability 2019-08-20 CVE-2019-5041 9.8
TALOS-2019-0800 Nest Labs Nest Cam IQ Indoor WeaveCASEEngine::DecodeCertificateInfo denial-of-service vulnerability 2019-08-19 CVE-2019-5037 7.5
TALOS-2019-0798 Nest Labs Nest Cam IQ Indoor Weave PASE pairing brute force vulnerability 2019-08-19 CVE-2019-5035 9.0
TALOS-2019-0803 Nest Labs Openweave Weave DecodeMessageWithLength Information Disclosure Vulnerability 2019-08-19 CVE-2019-5040 8.2
TALOS-2019-0799 Nest Labs Nest Cam IQ Indoor Weave KeyError denial-of-service vulnerability 2019-08-19 CVE-2019-5036 7.5
TALOS-2019-0797 Nest Labs Nest Cam IQ Indoor Weave Legacy Pairing Information Disclosure Vulnerability 2019-08-19 CVE-2019-5034 5.3
TALOS-2019-0801 Nest Labs Openweave Weave tool Print-TLV code execution vulnerability 2019-08-19 CVE-2019-5038 7.5
TALOS-2019-0810 Nest Labs Nest Cam IQ Indoor Weave TCP connection denial-of-service vulnerability 2019-08-19 CVE-2019-5043 5.3
TALOS-2019-0802 Nest Labs Openweave Weave ASN1Writer PutValue Code Execution Vulnerability 2019-08-19 CVE-2019-5039 7.5
TALOS-2018-0736 Schneider Electric Modicon M580 UMAS read strategy denial-of-service vulnerability 2019-08-13 CVE-2019-6809 7.5
TALOS-2019-0807 Schneider Electric Modicon M580 UMAS Function Code 0x29 Denial of Service Vulnerability 2019-08-13 CVE-2019-6829 7.5
TALOS-2019-0808 Schneider Electric Modicon M580 HTTP Request Denial of Service Vulnerability 2019-08-13 CVE-2019-6830 5.9
TALOS-2019-0806 Schneider Electric Modicon M580 UMAS Read System Coils and Registers Denial of Service Vulnerability 2019-08-13 CVE-2019-6828 7.5
TALOS-2019-0829 MongoDB Server session reuse vulnerability 2019-08-06 CVE-2019-2386 7.1
TALOS-2019-0813 NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability 2019-08-05 CVE-2019- 5685 9.0
TALOS-2019-0812 NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability 2019-08-05 CVE-2019-5685 9.0
TALOS-2019-0779 NVIDIA NVWGF2UMX_CFG.DLL shader functionality code execution vulnerability 2019-08-05 CVE‑2019‑5684 9.0
TALOS-2019-0757 VMware Workstation 15 pixel shader functionality denial of service vulnerability 2019-08-05 CVE‑2019‑5521 6.5
TALOS-2019-0781 Yara Object Lookup Denial of Service Vulnerability 2019-07-30 CVE-2019-5020 6.5
TALOS-2019-0843 SDL_image XPM image color code code execution vulnerability 2019-07-29 CVE-2019-5059 8.8
TALOS-2019-0841 SDL_image PCX Image Code execution Vulnerability 2019-07-29 CVE-2019-5057 8.8
TALOS-2019-0842 SDL_image XCF Image Code Execution Vulnerability 2019-07-29 CVE-2019-5058 8.8
TALOS-2019-0844 SDL_image XPM image colorhash parsing Code Execution Vulnerability 2019-07-29 CVE-2019-5060 8.8
TALOS-2019-0821 Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW signed comparison code execution vulnerability 2019-07-02 CVE-2019-5052 8.8
TALOS-2019-0820 Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW code execution vulnerability 2019-07-02 CVE-2019-5051 8.8
TALOS-2019-0791 Google V8 Array.prototype Memory Corruption Vulnerability 2019-07-01 CVE-2019-5831 7.5
TALOS-2019-0776 KCodes NetUSB unauthenticated remote kernel information disclosure vulnerability 2019-06-17 CVE-2019-5017 5.8
TALOS-2019-0775 KCodes NetUSB unauthenticated remote kernel arbitrary memory read vulnerability 2019-06-14 CVE-2019-5016 10.0
TALOS-2018-0740 Schneider Electric Modicon M580 UMAS strategy read information disclosure vulnerability 2019-06-10 CVE-2018-7848 7.5
TALOS-2019-0771 Schneider Electric UnityPro PLC simulator remote code execution vulnerability 2019-06-10 CVE-2019-6808 10.0
TALOS-2019-0768 Schneider Electric Modicon M580 UMAS write system coils and holding registers denial-of-service vulnerability 2019-06-10 CVE-2018-7857 7.5
TALOS-2018-0738 Schneider Electric Modicon M580 UMAS memory block read denial-of-service vulnerability 2019-06-10 CVE-2018-7843 7.5
TALOS-2019-0769 Schneider Electric Modicon M580 UMAS read system blocks and bits information disclosure vulnerability 2019-06-10 CVE-2019-6806 7.5
TALOS-2019-0767 Schneider Electric Modicon M580 UMAS memory block write denial-of-service vulnerability 2019-06-10 CVE-2018-7856 7.5
TALOS-2019-0770 Schneider Electric Modicon M580 UMAS write system bits and blocks denial-of-service vulnerability 2019-06-10 CVE-2019-6807 7.5
TALOS-2019-0766 Schneider Electric Modicon M580 UMAS set breakpoint denial-of-service vulnerability 2019-06-10 CVE-2018-7855 7.5
TALOS-2019-0764 Schneider Electric Modicon M580 UMAS function code 0x28 denial-of-service vulnerability 2019-06-10 CVE-2018-7853 7.5
TALOS-2018-0742 Schneider Electric Modicon M580 UMAS Strategy File Write Vulnerability 2019-06-10 CVE-2018-7847 9.8
TALOS-2018-0741 Schneider Electric Modicon M580 UMAS Improper Authentication Vulnerability 2019-06-10 CVE-2018-7842 7.5
TALOS-2018-0735 Schneider Electric Modicon M580 UMAS release reservation denial-of-service vulnerability 2019-06-10 CVE-2018-7846 5.3
TALOS-2019-0765 Schneider Electric Modicon M580 UMAS function code 0x65 denial-of-service vulnerability 2019-06-10 CVE-2018-7854 7.5
TALOS-2018-0743 Schneider Electric Modicon M580 UnityPro reliance on untrusted inputs vulnerability 2019-06-10 CVE-2018-7850 7.5
TALOS-2019-0763 Schneider Electric Modicon M580 UMAS function code 0x6d multiple denial-of-service vulnerabilities 2019-06-10 CVE-2018-7852 7.5
TALOS-2018-0737 Schneider Electric Modicon M580 UMAS strategy transfer denial-of-service vulnerability 2019-06-10 CVE-2018-7849 7.5
TALOS-2018-0745 Schneider Electric Modicon M580 UMAS Read Memory Block Out Of Bounds Information Disclosure Vulnerability 2019-06-10 CVE-2018-7845 7.5
TALOS-2018-0739 Schneider Electric Modicon M580 UMAS read memory block information disclosure vulnerability 2019-06-10 CVE-2018-7844 7.5
TALOS-2019-0787 Jenkins Artifactory Plugin information disclosure vulnerability 2019-06-04 CVE-2019-10321 - CVE-2019-10322 7.7
TALOS-2019-0846 Jenkins Artifactory Plugin fillCredentialsIdItems information disclosure vulnerability 2019-06-04 CVE-2019-10323 4.3
TALOS-2019-0784 PaX read_kmem denial of service vulnerability 2019-05-29 CVE-2019-5023 5.3
TALOS-2019-0760 Wacom update helper tool startProcess privilege escalation vulnerability 2019-05-16 CVE-2019-5012 7.8
TALOS-2019-0761 Wacom update helper tool start/stopLaunchDProcess privilege escalation vulnerability 2019-05-16 CVE-2019-5013 7.1
TALOS-2019-0778 Adobe Acrobat Reader DC OCGs state change remote code execution vulnerability 2019-05-14 CVE-2019-7761 8.8
TALOS-2019-0796 Adobe Acrobat Reader DC app.thermometer Remote Code Execution Vulnerability 2019-05-14 CVE-2019-7831 8.0
TALOS-2019-0792 Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability 2019-05-14 CVE-2019-5030 8.8
TALOS-2018-0687 Anker Roav A1 Dashcam HTTP Path Overflow Code Execution Vulnerability 2019-05-13 CVE-2018-4016 8.0
TALOS-2018-0689 Novatek NT9665X HTTP Upload Firmware Update Vulnerability 2019-05-13 CVE-2018-4018 10.0
TALOS-2018-0688 Anker Roav A1 Dashcam Wifi AP Default Credential Vulnerability 2019-05-13 CVE-2018-4017 7.1
TALOS-2018-0701 Novatek NT9665X HFS Recv buffer overflow code execution vulnerability 2019-05-13 CVE-2018-4029 10.0
TALOS-2018-0695 Novatek NT9665X XML_UploadFile path overflow code execution vulnerability 2019-05-13 CVE-2018-4023 10.0
TALOS-2018-0698 Novatek NT9665X XML_GetScreen Strncmp denial-of-service vulnerability 2019-05-13 CVE-2018-4026 7.5
TALOS-2018-0685 Anker Roav A1 Dashcam WifiCmd 9999 Code Execution Vulnerability 2019-05-13 CVE-2018-4014 8.0
TALOS-2018-0697 Novatek NT9665X XML_GetRawEncJpg denial-of-service vulnerability 2019-05-13 CVE-2018-4025 7.5
TALOS-2018-0696 Novatek NT9665X XML_GetThumbNail denial-of-service vulnerability 2019-05-13 CVE-2018-4024 7.5
TALOS-2018-0700 Novatek NT9665X HFS Overwrite denial-of-service vulnerability 2019-05-13 CVE-2018-4028 5.3
TALOS-2018-0699 Novatek NT9665X XML_UploadFile WifiCmd denial-of-service vulnerability 2019-05-13 CVE-2018-4027 5.3
TALOS-2019-0777 Sqlite3 Window Function Remote Code Execution Vulnerability 2019-05-09 CVE-2019-5018 8.1
TALOS-2019-0772 Winco Fireworks FireFly Bluetooth Low Energy Improper Access Control Vulnerability 2019-05-08 CVE-2019-5014 6.5
TALOS-2019-0782 Alpine Linux Docker Image root User Hard-Coded Credential Vulnerability 2019-05-08 CVE-2019-5021 9.8
TALOS-2019-0783 Jenkins Swarm Plugin XML external entities information disclosure vulnerability 2019-05-06 CVE-2019-10309 6.1
TALOS-2019-0786 Jenkins Ansible Tower Plugin information disclosure vulnerability 2019-05-06 CVE-2019-10310 7.7
TALOS-2019-0788 Jenkins GitLab Plugin Information Disclosure Vulnerability 2019-05-06 CVE-2019-10300 7.7
TALOS-2018-0754 Sierra Wireless AirLink ES450 ACEManager Information Exposure Vulnerability 2019-04-25 CVE-2018-4069 5.9
TALOS-2018-0749 Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change Vulnerability 2019-04-25 CVE-2018-4064 8.5
TALOS-2018-0753 Sierra Wireless AirLink ES450 ACEManager Information Disclosure Vulnerability 2019-04-25 CVE-2018-4068 5.3
TALOS-2018-0748 Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution Vulnerability 2019-04-25 CVE-2018-4063 9.9
TALOS-2018-0756 Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Set_Task.cgi Permission Assignment Vulnerability 2019-04-25 CVE-2018-4072, CVE-2018-4073 9.9
TALOS-2018-0755 Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure Vulnerability 2019-04-25 CVE-2018-4070, CVE-2018-4071 7.7
TALOS-2018-0752 Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure Vulnerability 2019-04-25 CVE-2018-4067 5.0
TALOS-2018-0750 Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross-Site Scripting Vulnerability 2019-04-25 CVE-2018-4065 6.1
TALOS-2018-0751 Sierra Wireless AirLink ES450 ACEManager Cross-Site Request Forgery Vulnerability 2019-04-25 CVE-2018-4066 6.4
TALOS-2018-0746 Sierra Wireless AirLink ES450 ACEManager iplogging.cgi command injection vulnerability 2019-04-25 CVE-2018-4061 9.9
TALOS-2018-0747 Sierra Wireless AirLink ES450 SNMPD hard-coded credentials vulnerability 2019-04-25 CVE-2018-4062 7.7
TALOS-2018-0693 Symantec Endpoint Protection Small Business Edition ccSetx86.sys 0x224844 kernel memory information disclosure vulnerability 2019-04-23 CVE-2018-18366 4.3
TALOS-2019-0762 VMware Workstation 15 vertex shader functionality denial-of-service vulnerability 2019-04-15 CVE-2019-5516 6.5
TALOS-2018-0676 Shimo VPN helper tool deleteConfig denial-of-service vulnerability 2019-04-15 CVE-2018-4007 9.0
TALOS-2018-0674 Shimo VPN helper tool configureRoutingWithCommand privilege escalation vulnerability 2019-04-15 CVE-2018-4005 9.3
TALOS-2018-0673 Shimo VPN Helper Tool disconnectService denial-of-service vulnerability 2019-04-15 CVE-2018-4004 7.1
TALOS-2018-0677 Shimo VPN helper tool RunVpncScript privilege escalation vulnerability 2019-04-15 CVE-2018-4008 9.3
TALOS-2018-0675 Shimo VPN helper tool writeConfig privilege escalation vulnerability 2019-04-15 CVE-2018-4006 9.3
TALOS-2018-0678 Shimo VPN helper tool code-signing privilege escalation vulnerability 2019-04-15 CVE-2018-4009 8.8
TALOS-2019-0774 Adobe Acrobat Reader DC text field value remote code execution vulnerability — redux 2019-04-09 CVE-2019-7125 8.8
TALOS-2019-0785 Capsule Technologies SmartLinx Neuron 2 restricted environment protection mechanism failure vulnerability 2019-04-08 CVE-2019-5024 7.6
TALOS-2018-0722 GOG Galaxy updater temp directory insecure file permissions local privilege elevation vulnerability 2019-03-26 CVE-2018-4048 9.3
TALOS-2018-0727 GOG Galaxy Games privileged helper denial-of-service vulnerability 2019-03-26 CVE-2018-4053 6.2
TALOS-2018-0726 GOG Galaxy Games fillProcessInformationForPids information leak vulnerability 2019-03-26 CVE-2018-4052 6.2
TALOS-2018-0724 GOG Galaxy Games changeFolderPermissionsAtPath privilege escalation vulnerability 2019-03-26 CVE-2018-4050 7.1
TALOS-2018-0725 GOG Galaxy Games createFolderAtPath privilege escalation vulnerability 2019-03-26 CVE-2018-4051 7.1
TALOS-2018-0647 Nouveau Display Driver Remote Denial of Service 2019-03-26 CVE-2018-3979 7.4
TALOS-2018-0723 GOG Galaxy Games directory insecure file permissions local privilege elevation vulnerability 2019-03-26 CVE-2018-4049 9.3
TALOS-2018-0640 GOG Galaxy service insecure file permissions local privilege elevation vulnerability 2019-03-26 CVE-2018-3974 9.3
TALOS-2018-0627 CUJO Smart Firewall static DHCP hostname command injection vulnerability 2019-03-19 CVE-2018-3963 9.0
TALOS-2018-0633 Das U-Boot verified boot bypass 2019-03-19 CVE-2018-3968 8.2
TALOS-2018-0703 CUJO Smart Firewall threatd hostname reputation check code execution vulnerability 2019-03-19 CVE-2018-4031 9.0
TALOS-2018-0681 CUJO Smart Firewall mdnscap mDNS SRV record denial-of-service vulnerability 2019-03-19 CVE-2018-4011 6.5
TALOS-2018-0702 CUJO Smart Firewall safe browsing Host header-parsing firewall bypass vulnerability 2019-03-19 CVE-2018-4030 5.3
TALOS-2018-0672 CUJO Smart Firewall mdnscap mDNS character-strings code execution vulnerability 2019-03-19 CVE-2018-4003 8.3
TALOS-2018-0653 CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability 2019-03-19 CVE-2018-3985 8.3
TALOS-2018-0671 CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability 2019-03-19 CVE-2018-4002 5.3
TALOS-2018-0634 CUJO Smart Firewall dhcpd.conf verified boot bypass 2019-03-19 CVE-2018-3969 8.2
TALOS-2019-0759 CleanMyMac X incomplete update patch privilege escalation vulnerability 2019-03-11 CVE-2019-5011 7.1
TALOS-2019-0961 WAGO PFC200 iocheckd service "I/O-Check" cache DNS code execution vulnerability 2019-03-09 CVE-2019-5166 8.8
TALOS-2019-0951 WAGO e!COCKPIT Firmware Downgrade Vulnerability 2019-03-09 CVE-2019-5158 8.6
TALOS-2019-0898 WAGO e!Cockpit authentication hard-coded encryption key vulnerability 2019-03-09 CVE-2019-5106 6.2
TALOS-2019-0773 Pixar Renderman Install Helper Privilege Escalation Vulnerability 2019-03-07 CVE-2019-5015 9.0
TALOS-2019-0780 Antenna House Rainbow PDF Office server document converter getSummaryInformation NumProperties code execution vulnerability 2019-02-28 CVE-2019-5019 8.8
TALOS-2017-0509 McAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability 2019-02-20 CVE-2018-6687 6.5
TALOS-2018-0682 AutoDesk AutoCAD 2019 LinetypeTableRecord Code Execution Vulnerability 2019-02-14 CVE-2019-7360 8.8
TALOS-2018-0680 AutoDesk AutoCAD 2019 cell margin code execution vulnerability 2019-02-14 CVE-2019-7359 8.8
TALOS-2018-0670 AutoDesk AutoCAD 2019 DXF-parsing code execution vulnerability 2019-02-14 CVE-2019-7358 8.8
TALOS-2018-0714 Adobe Acrobat Reader DC text field "comb" property remote code execution vulnerability 2019-02-12 CVE-2019-7039 8.8
TALOS-2018-0655 Rakuten Viber Android Secret Chats Information Disclosure Vulnerability 2019-02-07 CVE-2018-3987 4.2
TALOS-2018-0642 ACD Systems Canvas Draw 5 IO metadata out-of-bounds write code execution vulnerability 2019-01-30 CVE-2018-3976 8.8
TALOS-2018-0648 ACD Systems Canvas Draw 5 huff table out-of-bounds write code execution vulnerability 2019-01-30 CVE-2018-3980 8.8
TALOS-2018-0638 ACD Systems Canvas Draw 4 FillSpan Out of Bounds Write Code Execution Vulnerability 2019-01-30 CVE-2018-3973 8.8
TALOS-2018-0649 ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability 2019-01-30 CVE-2018-3981 8.8
TALOS-2018-0658 WIBU-SYSTEMS WibuKey.sys 0x8200E804 pool corruption privilege escalation vulnerability 2019-01-28 CVE-2018-3990 9.3
TALOS-2019-0758 Python.org CPython X509 certificate parsing denial-of-service vulnerability 2019-01-28 CVE-2019-5010 5.9
TALOS-2018-0657 WIBU-SYSTEMS WibuKey.sys 0x8200E804 kernel memory information disclosure vulnerability 2019-01-28 CVE-2018-3989 4.3
TALOS-2018-0659 WIBU-SYSTEMS WibuKey network server management WkbProgramLow remote code execution vulnerability 2019-01-28 CVE-2018-3991 10.0
TALOS-2019-0919 Bitdefender BOX 2 bootstrap download_image command injection vulnerability 2019-01-21 CVE-2019-17095, CVE-2019-17096 9.0
TALOS-2019-0918 Bitdefender BOX 2 bootstrap update_setup command execution vulnerability 2019-01-21 CVE-2019-17102 9.0
TALOS-2018-0728 Pixar Renderman install helper privilege escalation vulnerability 2019-01-14 CVE-2018-4054 9.0
TALOS-2018-0729 Pixar Renderman Install Helper Arbitrary File Read Privilege Escalation Vulnerability 2019-01-14 CVE-2018-4055 7.1
TALOS-2018-0615 Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability 2019-01-08 CVE-2018-4421 8.8
TALOS-2018-0614 Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability 2019-01-03 CVE-2018-4456, CVE-2018-4451 8.8
TALOS-2018-0626 Foxit PDF Reader XFA xdpContent information leak vulnerability 2019-01-03 CVE-2018-3956 6.8
TALOS-2018-0709 CleanMyMac X removeKextAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4036 7.1
TALOS-2018-0718 Clean My Mac X removePackageWithID privilege escalation vulnerability 2019-01-02 CVE-2018-4044 7.1
TALOS-2018-0707 CleanMyMac X removeItemAtPath Privilege Escalation Vulnerability 2019-01-02 CVE-2018-4034 7.1
TALOS-2018-0708 CleanMyMac X truncateFileAtPath Privilege Escalation Vulnerability 2019-01-02 CVE-2018-4035 7.1
TALOS-2018-0716 Clean My Mac X removeLaunchdAgentAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4042 7.1
TALOS-2018-0719 Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4045 7.1
TALOS-2018-0706 CleanMyMac X moveToTrashItemAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4033 7.1
TALOS-2018-0715 Clean My Mac X enableLaunchdAgentAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4041 7.1
TALOS-2018-0721 Clean My Mac X disableLaunchdAgentAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4047 7.1
TALOS-2018-0720 Clean My Mac X pleaseTerminate denial-of-service vulnerability 2019-01-02 CVE-2018-4046 7.1
TALOS-2018-0710 CleanMyMac X removeDiagnosticLogs privilege escalation vulnerability 2019-01-02 CVE-2018-4037 7.1
TALOS-2018-0705 CleanMyMac X moveItemAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4032 7.1
TALOS-2018-0717 Clean My Mac X removeASL Privilege Escalation Vulnerability 2019-01-02 CVE-2018-4043 7.1
TALOS-2018-0654 Telegram Android Secret Chats Information Disclosure Vulnerability 2018-12-21 CVE-2018-3986 4.2
TALOS-2018-0686 Webroot BrightCloud SDK HTTP connection unsafe defaults vulnerability 2018-12-17 CVE-2018-4015 8.1
TALOS-2018-0683 Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability 2018-12-17 CVE-2018-4012 9.0
TALOS-2018-0704 Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability 2018-12-11 CVE-2018-19716 8.8
TALOS-2018-0643 Facebook WhatsApp Desktop Multiple Web Connection Notice Bypass Vulnerability 2018-12-10 -- 6.0
TALOS-2018-0656 Signal Messenger Android self deleting messages Information Disclosure Vulnerability 2018-12-06 CVE-2018-3988 3.3
TALOS-2018-0690 Netgate pfSense system_advanced_misc.php multiple remote command injection vulnerabilities 2018-12-03 CVE-2018-4019, CVE-2018-4020, CVE-2018-4021 7.2
TALOS-2018-0711 Atlantis Word Processor open document format unchecked NewAnsiString length remote code execution vulnerability 2018-11-20 CVE-2018-4038 8.8
TALOS-2018-0713 Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability 2018-11-20 CVE-2018-4040 8.8
TALOS-2018-0712 Atlantis Word Processor Huffman table code length remote code execution vulnerability 2018-11-20 CVE-2018-4039 8.8
TALOS-2018-0618 TP-Link TL-R600VPN HTTP server information disclosure vulnerability 2018-11-19 CVE-2018-3949 7.5
TALOS-2018-0617 TP-Link TL-R600VPN HTTP server denial-of-service vulnerability 2018-11-19 CVE-2018-3948 7.5
TALOS-2018-0619 TP-Link TL-R600VPN HTTP server ping address remote code execution vulnerability 2018-11-19 CVE-2018-3950 7.2
TALOS-2018-0620 TP-Link TL-R600VPN HTTP Server fs directory Remote Code Execution Vulnerability 2018-11-19 CVE-2018-3951 7.2
TALOS-2018-0566 Yi Technology Home Camera 27US Firmware Downgrade Vulnerability 2018-10-31 CVE-2018-3891 5.7
TALOS-2018-0584 Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability 2018-10-31 CVE-2018-3920 7.6
TALOS-2018-0580 Yi Technology Home Camera 27US cloudAPI SSID Code Execution Vulnerability 2018-10-31 CVE-2018-3910 8.8
TALOS-2018-0601 Yi Technology Home Camera 27US nonce reuse authentication bypass vulnerability 2018-10-31 CVE-2018-3934 9.0
TALOS-2018-0572 Yi Technology Home Camera 27US QR Code Base64 Code Execution Vulnerability 2018-10-31 CVE-2018-3900 9.1
TALOS-2018-0595 Yi Technology Home Camera 27US notice_to denial-of-service vulnerability 2018-10-31 CVE-2018-3928 7.5
TALOS-2018-0645 Simple DirectMedia Layer SDL2_Image do_layer_surface code execution vulnerability 2018-10-31 CVE-2018-3977 8.8
TALOS-2018-0571 Yi Technology Home Camera 27US QR Code trans_info Code Execution Vulnerability 2018-10-31 CVE-2018-3898, CVE-2018-3899 8.3
TALOS-2018-0616 Yi Technology Home Camera 27US p2p_tnp cleartext data transmission vulnerability 2018-10-31 CVE-2018-3947 9.0
TALOS-2018-0602 Yi Technology Home Camera 27US CRCDec denial-of-service vulnerability 2018-10-31 CVE-2018-3935 7.5
TALOS-2018-0565 Yi Technology Home Camera 27US Firmware Update Code Execution Vulnerability 2018-10-31 CVE-2018-3890 7.6
TALOS-2018-0567 Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability