|
TALOS-2022-1461
|
Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability
|
2022-06-15
|
CVE-2022-21184
|
5.9
|
|
TALOS-2022-1524
|
Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability
|
2022-06-15
|
CVE-2022-29496
|
9.0
|
|
TALOS-2022-1440
|
Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability
|
2022-06-15
|
CVE-2022-21806
|
10.0
|
|
TALOS-2022-1488
|
Open Automation Software Platform Engine SecureAddUser External config control vulnerability
|
2022-05-25
|
CVE-2022-26303
|
7.5
|
|
TALOS-2022-1491
|
Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability
|
2022-05-25
|
CVE-2022-26026
|
7.5
|
|
TALOS-2022-1513
|
Open Automation Software OAS Platform REST API unauthenticated vulnerability
|
2022-05-25
|
CVE-2022-26833
|
9.4
|
|
TALOS-2022-1492
|
Open Automation Software Platform Engine SecureTransferFiles information disclosure vulnerability
|
2022-05-25
|
CVE-2022-26067
|
4.9
|
|
TALOS-2022-1490
|
Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability
|
2022-05-25
|
CVE-2022-26077
|
7.5
|
|
TALOS-2022-1489
|
Open Automation Software Platform Engine SecureAddSecurity external config control vulnerability
|
2022-05-25
|
CVE-2022-26043
|
7.5
|
|
TALOS-2022-1493
|
Open Automation Software Platform Engine SecureTransferFiles file write vulnerability
|
2022-05-25
|
CVE-2022-26082
|
9.1
|
|
TALOS-2022-1494
|
Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability
|
2022-05-25
|
CVE-2022-27169
|
7.5
|
|
TALOS-2021-1435
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXABLE memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28181
|
8.5
|
|
TALOS-2021-1437
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_UNORDERED_ACCESS_VIEW_STRUCTURED memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
|
TALOS-2021-1436
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXRANGE memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
|
TALOS-2021-1438
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_RESOURCE_STRUCTURED memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
|
TALOS-2022-1478
|
InHand Networks InRouter302 daretools binary OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26042
|
9.9
|
|
TALOS-2022-1470
|
InHand Networks InRouter302 web interface session cookie information disclosure vulnerability
|
2022-05-10
|
CVE-2022-25172
|
7.5
|
|
TALOS-2022-1477
|
InHand Networks InRouter302 console inhand command execution vulnerability
|
2022-05-10
|
CVE-2022-25995
|
9.9
|
|
TALOS-2022-1500
|
InHand Networks InRouter302 console infactory_wlan command injection vulnerability
|
2022-05-10
|
CVE-2022-26075
|
9.9
|
|
TALOS-2022-1468
|
InHand Networks InRouter302 httpd upload.cgi file write vulnerability
|
2022-05-10
|
CVE-2022-21809
|
9.9
|
|
TALOS-2022-1471
|
InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability
|
2022-05-10
|
CVE-2022-24910
|
8.2
|
|
TALOS-2022-1473
|
InHand Networks InRouter302 httpd wlscan_ASP OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26085
|
9.9
|
|
TALOS-2022-1472
|
InHand Networks InRouter302 router configuration import privilege escalation vulnerability
|
2022-05-10
|
CVE-2022-21182
|
7.4
|
|
TALOS-2022-1495
|
InHand Networks InRouter302 iburn firmware checks firmware update vulnerability
|
2022-05-10
|
CVE-2022-26510
|
9.9
|
|
TALOS-2022-1469
|
InHand Networks InRouter302 info.jsp cross-site scripting (XSS) vulnerability
|
2022-05-10
|
CVE-2022-21238
|
5.4
|
|
TALOS-2022-1476
|
InHand Networks InRouter302 console factory stack-based buffer overflow vulnerability
|
2022-05-10
|
CVE-2022-26002
|
9.1
|
|
TALOS-2022-1475
|
InHand Networks InRouter302 console factory OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26007
|
9.1
|
|
TALOS-2022-1474
|
InHand Networks InRouter302 router configuration export information disclosure vulnerability
|
2022-05-10
|
CVE-2022-26020
|
6.3
|
|
TALOS-2022-1496
|
InHand Networks InRouter302 console infactory hard-coded password vulnerability
|
2022-05-10
|
CVE-2022-27172
|
4.3
|
|
TALOS-2022-1499
|
InHand Networks InRouter302 console infactory_port OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26420
|
9.9
|
|
TALOS-2022-1481
|
InHand Networks InRouter302 libnvram.so nvram_import improper input validation vulnerabilities
|
2022-05-10
|
CVE-2022-26780,CVE-2022-26781,CVE-2022-26782
|
9.9
|
|
TALOS-2022-1501
|
InHand Networks InRouter302 console infactory_net command injection vulnerability
|
2022-05-10
|
CVE-2022-26518
|
9.9
|
|
TALOS-2021-1412
|
WPS Office HtmTableAlt use-after-free vulnerability
|
2022-05-09
|
CVE-2021-40399
|
8.8
|
|
TALOS-2022-1480
|
Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability
|
2022-05-05
|
CVE-2022-26073
|
7.4
|
|
TALOS-2022-1479
|
Anker Eufy Homebase 2 libxm_av.so getpeermac() authentication bypass vulnerability
|
2022-05-05
|
CVE-2022-25989
|
7.1
|
|
TALOS-2022-1449
|
Accusoft ImageGear ioca_mys_rgb_allocate memory corruption vulnerability
|
2022-05-02
|
CVE-2022-22137
|
9.8
|
|
TALOS-2022-1465
|
Accusoft ImageGear IGXMPXMLParser::parseDelimiter stack-based buffer overflow vulnerability
|
2022-05-02
|
CVE-2022-23400
|
7.1
|
|
TALOS-2021-1411
|
Accusoft ImageGear parse_raster_data out-of-bounds write vulnerability
|
2022-03-31
|
CVE-2021-40398
|
8.1
|
|
TALOS-2021-1434
|
Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability
|
2022-03-23
|
CVE-2021-40426
|
10.0
|
|
TALOS-2022-1464
|
Leadtools fltSaveCMP integer overflow vulnerability
|
2022-03-15
|
CVE-2022-21154
|
8.8
|
|
TALOS-2021-1433
|
Webroot Secure Anywhere IOCTL GetProcessCommand and B_03 out-of-bounds read vulnerability
|
2022-03-15
|
CVE-2021-40425,CVE-2021-40424
|
7.1
|
|
TALOS-2022-1443
|
Lansweeper lansweeper EchoAssets.aspx SQL injection vulnerability
|
2022-02-28
|
CVE-2022-21234
|
9.1
|
|
TALOS-2022-1441
|
Lansweeper lansweeper HelpdeskSetupActions SQL injection vulnerability
|
2022-02-28
|
CVE-2022-22149
|
9.1
|
|
TALOS-2022-1442
|
Lansweeper WebUserActions.aspx Stored XSS vulnerability
|
2022-02-28
|
CVE-2022-21145
|
9.1
|
|
TALOS-2022-1467
|
MZ Automation GmbH libiec61850 parseNormalModeParameters denial of service vulnerability
|
2022-02-28
|
CVE-2022-21159
|
7.5
|
|
TALOS-2021-1413
|
Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability
|
2022-02-28
|
CVE-2021-40400
|
9.3
|
|
TALOS-2021-1431
|
Swift Sensors Gateway device password generation authentication bypass vulnerability
|
2022-02-28
|
CVE-2021-40422
|
10.0
|
|
TALOS-2021-1416
|
Gerbv RS-274X aperture macro multiple outline primitives out-of-bounds read vulnerability
|
2022-02-28
|
CVE-2021-40402
|
9.3
|
|
TALOS-2022-1444
|
Lansweeper lansweeper AssetActions.aspx SQL injection vulnerability
|
2022-02-28
|
CVE-2022-21210
|
6.6
|
|
TALOS-2021-1377
|
Accusoft ImageGear JPEG-JFIF Scan header parser out-of-bounds write vulnerability
|
2022-02-23
|
CVE-2021-21949
|
9.8
|
|
TALOS-2021-1362
|
Accusoft ImageGear DecoderStream::Append heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21914
|
9.8
|
|
TALOS-2021-1375
|
Accusoft ImageGear JPEG-JFIF lossless Huffman parser heap-based buffer overflow vulnerabilities
|
2022-02-23
|
CVE-2021-21947,CVE-2021-21946
|
9.8
|
|
TALOS-2021-1373
|
Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21943
|
9.8
|
|
TALOS-2021-1368
|
Accusoft ImageGear XWD parser heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21939
|
9.8
|
|
TALOS-2021-1367
|
Accusoft ImageGear Palette box parser heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21938
|
9.8
|
|
TALOS-2021-1371
|
Accusoft ImageGear TIFF YCbCr image parser out-of-bounds write vulnerability
|
2022-02-23
|
CVE-2021-21942
|
9.8
|
|
TALOS-2021-1374
|
Accusoft ImageGear TIFF parser heap-based buffer overflow vulnerabilities
|
2022-02-23
|
CVE-2021-21945,CVE-2021-21944
|
9.8
|
|
TALOS-2022-1453
|
KiCad EDA Gerber Viewer gerber and excellon coordinates parsing stack-based buffer overflow vulnerability
|
2022-02-16
|
CVE-2022-23804,CVE-2022-23803
|
7.8
|
|
TALOS-2022-1460
|
KiCad EDA Gerber Viewer gerber and excellon GCode/Dcode parsing stack-based buffer overflow vulnerability
|
2022-02-16
|
CVE-2022-23947,CVE-2022-23946
|
7.8
|
|
TALOS-2021-1386
|
Hancom Office 2020 Hword HwordApp.dll SectorLoc heap-based buffer overflow
|
2022-02-15
|
CVE-2021-21958
|
7.8
|
|
TALOS-2021-1393
|
Texas Instruments CC3200 SimpleLink Solution HTTP Server /ping.html information disclosure vulnerability
|
2022-02-15
|
CVE-2021-21966
|
5.3
|
|
TALOS-2021-1401
|
Moxa MXView Series Web Application authentication bypass vulnerability
|
2022-02-11
|
CVE-2021-40390
|
10.0
|
|
TALOS-2021-1403
|
Moxa MXView Series Web Application information disclosure vulnerability
|
2022-02-11
|
CVE-2021-40392
|
5.3
|
|
TALOS-2021-1396
|
Sealevel Systems, Inc. SeaConnect 370W HandleSeaCloudMessage out-of-bounds write vulnerabilities
|
2022-02-01
|
CVE-2021-21970,CVE-2021-21969
|
3.7
|
|
TALOS-2021-1395
|
Sealevel Systems, Inc. SeaConnect 370W OTA update task file overwrite vulnerability
|
2022-02-01
|
CVE-2021-21968
|
8.1
|
|
TALOS-2021-1394
|
Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-21967
|
6.5
|
|
TALOS-2021-1406
|
Eclipse Foundation Paho MQTTClient-C library readPacket out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-41036
|
9.8
|
|
TALOS-2021-1397
|
Sealevel Systems, Inc. SeaConnect 370W URL_decode out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-21971
|
3.7
|
|
TALOS-2021-1388
|
Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability
|
2022-02-01
|
CVE-2021-21959
|
7.7
|
|
TALOS-2021-1392
|
Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities
|
2022-02-01
|
CVE-2021-21965,CVE-2021-21964
|
8.6
|
|
TALOS-2021-1390
|
Sealevel Systems, Inc. SeaConnect 370W OTA Update "u-download" heap-based buffer overflow vulnerability
|
2022-02-01
|
CVE-2021-21962
|
9.0
|
|
TALOS-2021-1389
|
Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities
|
2022-02-01
|
CVE-2021-21960,CVE-2021-21961
|
10.0
|
|
TALOS-2021-1391
|
Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability
|
2022-02-01
|
CVE-2021-21963
|
7.4
|
|
TALOS-2021-1417
|
Gerbv pick-and-place rotation parsing use of uninitialized variable vulnerability
|
2022-01-31
|
CVE-2021-40403
|
5.8
|
|
TALOS-2021-1429
|
Foxit Reader deletePages use-after-free vulnerability
|
2022-01-31
|
CVE-2021-40420
|
8.8
|
|
TALOS-2021-1415
|
Gerbv RS-274X aperture definition tokenization use-after-free vulnerability
|
2022-01-31
|
CVE-2021-40401
|
10.0
|
|
TALOS-2022-1439
|
Foxit Reader getPageNthWordQuads mishandled exception vulnerability
|
2022-01-31
|
CVE-2022-22150
|
8.8
|
|
TALOS-2021-1398
|
Google Chrome MediaStreamTrackGenerator use after free vulnerability
|
2022-01-27
|
CVE-2021-38008
|
8.3
|
|
TALOS-2022-1445
|
Reolink RLC-410W device TestEmail out-of-bounds write vulnerability
|
2022-01-26
|
CVE-2022-21217
|
9.1
|
|
TALOS-2021-1423
|
Reolink RLC-410W cgiserver.cgi session creation denial of service vulnerability
|
2022-01-26
|
CVE-2021-40406
|
7.5
|
|
TALOS-2022-1450
|
Reolink RLC-410W netserver recv_command denial of service vulnerability
|
2022-01-26
|
CVE-2022-21801
|
8.6
|
|
TALOS-2022-1448
|
Reolink RLC-410W hardcoded TLS key information disclosure vulnerability
|
2022-01-26
|
CVE-2022-21199
|
7.5
|
|
TALOS-2021-1421
|
Reolink RLC-410W cgiserver.cgi JSON command parser denial of service vulnerabilities
|
2022-01-26
|
CVE-2021-44354,CVE-2021-44355, CVE-2021-44356, CVE-2021-44357, CVE-2021-44358, CVE-2021-44359, CVE-2021-44360, CVE-2021-44361, CVE-2021-44362, CVE-2021-44363, CVE-2021-44364, CVE-2021-44365, CVE-2021-44366, CVE-2021-44367, CVE-2021-44368, CVE-2021-44369, CVE-2021-44370, CVE-2021-44371, CVE-2021-44372, CVE-2021-44373, CVE-2021-44374, CVE-2021-44375, CVE-2021-44376, CVE-2021-44377, CVE-2021-44378, CVE-2021-44379, CVE-2021-44380, CVE-2021-44381, CVE-2021-44382, CVE-2021-44383, CVE-2021-44384, CVE-2021-44385, CVE-2021-44386, CVE-2021-44387, CVE-2021-44388, CVE-2021-44389, CVE-2021-44390, CVE-2021-44391, CVE-2021-44392, CVE-2021-44393, CVE-2021-44394, CVE-2021-44395, CVE-2021-44396, CVE-2021-44397, CVE-2021-44398, CVE-2021-44399, CVE-2021-44400,CVE-2021-44401, CVE-2021-44402,CVE-2021-44403,CVE-2021-44404,CVE-2021-44405, CVE-2021-44406, CVE-2021-44407, CVE-2021-44408, CVE-2021-44409, CVE-2021-44410, CVE-2021-44411, CVE-2021-44412, CVE-2021-44413, CVE-2021-44414, CVE-2021-44415, CVE-2021-44416, CVE-2021-44417, CVE-2021-44418, CVE-2021-44419
|
8.6
|
|
TALOS-2021-1422
|
Reolink RLC-410W cgiserver.cgi Upgrade API denial of service vulnerability
|
2022-01-26
|
CVE-2021-40405
|
7.7
|
|
TALOS-2022-1446
|
Reolink RLC-410W web server misconfiguration information disclosure vulnerability
|
2022-01-26
|
CVE-2022-21236
|
8.1
|
|
TALOS-2022-1451
|
Reolink RLC-410W netserver parse_command_list memory corruption vulnerability
|
2022-01-26
|
CVE-2022-21796
|
9.3
|
|
TALOS-2022-1447
|
Reolink RLC-410W "update" firmware checks firmware update vulnerability
|
2022-01-26
|
CVE-2022-21134
|
8.3
|
|
TALOS-2021-1424
|
Reolink RLC-410W device network settings OS command injection vulnerabilities
|
2022-01-26
|
CVE-2021-40407,CVE-2021-40408, CVE-2021-40409, CVE-2021-40410,CVE-2021-40411,CVE-2021-40412
|
9.1
|
|
TALOS-2021-1420
|
Reolink RLC-410W cgiserver.cgi Login authentication bypass vulnerability
|
2022-01-26
|
CVE-2021-40404
|
5.3
|
|
TALOS-2021-1428
|
Reolink RLC-410W "factory" binary firmware update vulnerability
|
2022-01-26
|
CVE-2021-40419
|
10.0
|
|
TALOS-2021-1432
|
Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability
|
2022-01-26
|
CVE-2021-40423
|
7.5
|
|
TALOS-2021-1425
|
Reolink RLC-410W cgiserver.cgi cgi_check_ability improper access control vulnerabilities
|
2022-01-26
|
CVE-2021-40413, CVE-2021-40414, CVE-2021-40415,CVE-2021-40416
|
7.1
|
|
TALOS-2021-1414
|
Apple macOS ImageIO DDS image out-of-bounds read vulnerability
|
2022-01-25
|
CVE-2021-30939
|
5.3
|
|
TALOS-2021-1408
|
Advantech DeviceOn/iService 1.1.7 Server installation privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40396
|
8.8
|
|
TALOS-2021-1409
|
Advantech WISE-PaaS/OTA 3.0.9 Server installation privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40397
|
8.8
|
|
TALOS-2021-1400
|
Advantech DeviceOn/iEdge Server 1.0.2 privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40389
|
8.8
|
|
TALOS-2021-1399
|
Advantech SQ Manager Server 1.0.6 privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40388
|
8.8
|
|
TALOS-2021-1387
|
Adobe Acrobat Reader Javascript event.richValue use-after-free vulnerability
|
2022-01-11
|
CVE-2021-44710
|
8.8
|
|
TALOS-2021-1372
|
Google Chrome WebRTC RTPSenderVideoFrameTransformerDelegate memory corruption vulnerability
|
2022-01-10
|
CVE-2021-37979
|
7.1
|
|
TALOS-2021-1376
|
AnyCubic Chitubox AnyCubic Plugin readDatHeadVec heap-based buffer overflow vulnerability
|
2022-01-10
|
CVE-2021-21948
|
7.8
|
|
TALOS-2021-1354
|
Garrett Metal Detectors iC Module CMA run_server_6877 authentication bypass vulnerability
|
2021-12-20
|
CVE-2021-21902
|
7.5
|
|
TALOS-2021-1355
|
Garrett Metal Detectors iC Module CMA check_udp_crc strcpy stack-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-21903
|
9.8
|
|
TALOS-2021-1357
|
Garrett Metal Detectors iC Module CMA CLI readfile stack-based buffer overflow vulnerabilities
|
2021-12-20
|
CVE-2021-21905,CVE-2021-21906
|
8.2
|
|
TALOS-2021-1426
|
Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame decoding heap-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-40417
|
9.8
|
|
TALOS-2021-1358
|
Garrett Metal Detectors iC Module CMA CLI getenv command directory traversal vulnerability
|
2021-12-20
|
CVE-2021-21907
|
4.9
|
|
TALOS-2021-1356
|
Garrett Metal Detectors iC Module CMA CLI setenv command directory traversal vulnerability
|
2021-12-20
|
CVE-2021-21904
|
9.1
|
|
TALOS-2021-1359
|
Garrett Metal Detectors iC Module CMA CLI del[env] command directory traversal vulnerabilities
|
2021-12-20
|
CVE-2021-21908,CVE-2021-21909
|
6.0
|
|
TALOS-2021-1353
|
Garrett Metal Detectors iC Module CMA check_udp_crc memcpy stack-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-21901
|
9.8
|
|
TALOS-2021-1427
|
Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame parsing uninitialized uuid object vulnerability
|
2021-12-20
|
CVE-2021-40418
|
9.8
|
|
TALOS-2021-1384
|
Dream Report ODS Remote Connector privilege escalation vulnerability
|
2021-12-06
|
CVE-2021-21957
|
8.8
|
|
TALOS-2021-1405
|
Gerbv RS-274X aperture macro outline primitive integer overflow vulnerability
|
2021-12-06
|
CVE-2021-40394
|
10.0
|
|
TALOS-2021-1404
|
Gerbv RS-274X format aperture macro variables out-of-bounds write vulnerability
|
2021-12-06
|
CVE-2021-40393
|
10.0
|
|
TALOS-2021-1352
|
Google Chrome Blink setBaseAndExtent use after free vulnerability
|
2021-11-30
|
CVE-2021-30625
|
8.3
|
|
TALOS-2021-1379
|
Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_RSA_KEY_REQUEST authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21952
|
9.4
|
|
TALOS-2021-1381
|
Anker Eufy Homebase 2 home_security wifi_country_code_update command execution vulnerability
|
2021-11-29
|
CVE-2021-21954
|
9.9
|
|
TALOS-2021-1382
|
Anker Eufy Homebase 2 home_security get_aes_key_info_by_packetid() authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21955
|
7.7
|
|
TALOS-2021-1378
|
Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_SERVER_LIST_REQUEST out-of-bounds write vulnerability
|
2021-11-29
|
CVE-2021-21950,CVE-2021-21951
|
10.0
|
|
TALOS-2021-1380
|
Anker Eufy Homebase 2 home_security process_msg() authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21953
|
7.7
|
|
TALOS-2021-1365
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'user_list' page
|
2021-11-22
|
CVE-2021-21920,CVE-2021-21921, CVE-2021-21922,CVE-2021-21923
|
7.7
|
|
TALOS-2021-1366
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'device_list' page
|
2021-11-22
|
CVE-2021-21924,CVE-2021-21925,CVE-21926,CVE-2021-21927,CVE-2021-21928,CVE-2021-21929,CVE-2021-21930,CVE-2021-21931,CVE-2021-21932,CVE-2021-21933,CVE-2021-21934,CVE-2021-21935,CVE-2021-21936,CVE-2021-21937
|
7.7
|
|
TALOS-2021-1360
|
Advantech R-SeeNet installation privilege escalation vulnerability
|
2021-11-22
|
CVE-2021-21910, CVE-2021-21911, CVE-2021-21912
|
8.8
|
|
TALOS-2021-1364
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'company_list' page
|
2021-11-22
|
CVE-2021-21918,CVE-2021-21919
|
7.7
|
|
TALOS-2021-1363
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'group_list' page
|
2021-11-22
|
CVE-2021-21915,CVE-2021-21916,CVE-2021-21917
|
7.7
|
|
TALOS-2021-1383
|
CloudLinux Inc Imunify360 Ai-Bolit php unserialize vulnerability
|
2021-11-22
|
CVE-021-21956
|
8.2
|
|
TALOS-2021-1351
|
LibreCad libdxfrw dxfRW::processLType() use-after-free vulnerability
|
2021-11-17
|
CVE-2021-21900
|
8.8
|
|
TALOS-2021-1349
|
LibreCad libdxfrw dwgCompressor::decompress18() out-of-bounds write vulnerability
|
2021-11-17
|
CVE-2021-21898
|
8.8
|
|
TALOS-2021-1350
|
LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability
|
2021-11-17
|
CVE-2021-21899
|
8.8
|
|
TALOS-2021-1348
|
Google Chrome WebRTC addIceCandidate use after free vulnerability
|
2021-11-16
|
CVE-2021-30602
|
8.3
|
|
TALOS-2021-1337
|
Lantronix PremierWave 2050 Web Manager FsTFtp directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21894,CVE-2021-21895
|
9.1
|
|
TALOS-2021-1332
|
Lantronix PremierWave 2050 Web Manager SslGenerateCertificate OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21888
|
9.1
|
|
TALOS-2021-1325
|
Lantronix PremierWave 2050 Web Manager Wireless Network Scanner OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21881
|
9.9
|
|
TALOS-2021-1324
|
Lantronix PremierWave 2050 Web Manager FsCopyFile directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21880
|
7.2
|
|
TALOS-2021-1323
|
Lantronix PremierWave 2050 Web Manager File Upload directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21879
|
9.9
|
|
TALOS-2021-1330
|
Lantronix PremierWave 2050 Web Manager FSBrowsePage directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21886
|
4.3
|
|
TALOS-2021-1322
|
Lantronix PremierWave 2050 Web Manager Applications and FsBrowse local file inclusion vulnerability
|
2021-11-15
|
CVE-2021-21878
|
4.9
|
|
TALOS-2021-1314
|
Lantronix PremierWave 2050 Web Manager SSL Credential Upload OS command injection vulnerabilities
|
2021-11-15
|
CVE-2021-21873,CVE-2021-21874,CVE-2021-21875
|
9.1
|
|
TALOS-2021-1315
|
Lantronix PremierWave 2050 Web Manager FsTFtp OS command injection vulnerabilities
|
2021-11-15
|
CVE-2021-21876,CVE-2021-21877
|
9.1
|
|
TALOS-2021-1329
|
Lantronix PremierWave 2050 Web Manager FsMove directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21885
|
7.2
|
|
TALOS-2021-1312
|
Lantronix PremierWave 2050 Web Manager Diagnostics: Traceroute OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21872
|
9.9
|
|
TALOS-2021-1335
|
Lantronix PremierWave 2050 Web Manager FsUnmount stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21892
|
9.9
|
|
TALOS-2021-1334
|
Lantronix PremierWave 2050 Web Manager FsBrowseClean stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21890,CVE-2021-21891
|
9.1
|
|
TALOS-2021-1333
|
Lantronix PremierWave 2050 Web Manager Ping stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21889
|
9.9
|
|
TALOS-2021-1328
|
Lantronix PremierWave 2050 Web Manager SslGenerateCSR OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21884
|
9.1
|
|
TALOS-2021-1326
|
Lantronix PremierWave 2050 Web Manager FsUnmount OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21882
|
9.9
|
|
TALOS-2021-1331
|
Lantronix PremierWave 2050 Web Manager SslGenerateCSR stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21887
|
9.1
|
|
TALOS-2021-1327
|
Lantronix PremierWave 2050 Web Manager Diagnostics: Ping OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21883
|
9.9
|
|
TALOS-2021-1338
|
Lantronix PremierWave 2050 Web Manager FsBrowseClean directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21896
|
4.9
|
|
TALOS-2021-1342
|
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests image validation signature check bypass vulnerability
|
2021-11-09
|
CVE-2021-42300
|
6.0
|
|
TALOS-2021-1340
|
Microsoft Azure Sphere Kernel GPIO_GET_PIN_ACCESS_CONTROL_USER information disclosure vulnerability
|
2021-11-09
|
CVE-2021-41375
|
4.4
|
|
TALOS-2021-1344
|
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging 1BL firmware downgrade vulnerability
|
2021-11-09
|
--
|
6.0
|
|
TALOS-2021-1341
|
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability
|
2021-11-09
|
--
|
6.0
|
|
TALOS-2021-1347
|
Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability
|
2021-11-09
|
--
|
6.2
|
|
TALOS-2021-1339
|
Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL information disclosure vulnerability
|
2021-11-09
|
CVE-2021-41374
|
6.7
|
|
TALOS-2021-1343
|
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests offset calculation out-of-bounds read vulnerability
|
2021-11-09
|
CVE-2021-41376
|
2.3
|
|
TALOS-2021-1402
|
Gerbv drill format T-code tool number out-of-bounds write vulnerability
|
2021-11-04
|
CVE-2021-40391
|
10.0
|
|
TALOS-2021-1318
|
ZTE MF971R sms_cmd_status_info cross-site scripting vulnerability
|
2021-10-18
|
CVE-2021-21746
|
6.1
|
|
TALOS-2021-1316
|
ZTE MF971R goform_get_cmd_process Config Control External config control vulnerability
|
2021-10-18
|
CVE-2021-21744
|
5.4
|
|
TALOS-2021-1321
|
ZTE MF971R STK_PROCESS stack-based buffer overflow vulnerability
|
2021-10-18
|
CVE-2021-21749
|
8.3
|
|
TALOS-2021-1317
|
ZTE MF971R Referer authentication bypass vulnerability
|
2021-10-18
|
CVE-2021-21745
|
4.7
|
|
TALOS-2021-1313
|
ZTE MF971R HTTP_HOST CRLF Injection vulnerability
|
2021-10-18
|
CVE-2021-21743
|
6.3
|
|
TALOS-2021-1320
|
ZTE MF971R ADB_MODE_SWITCH stack-based buffer overflow vulnerability
|
2021-10-18
|
CVE-2021-21748
|
9.6
|
|
TALOS-2021-1319
|
ZTE MF971R xmlclient cross-site scripting vulnerability
|
2021-10-18
|
CVE-2021-21747
|
6.1
|
|
TALOS-2021-1266
|
Nitro Pro PDF JavaScript TimeOutObject double free vulnerability
|
2021-10-13
|
CVE-2021-21797
|
8.8
|
|
TALOS-2021-1265
|
Nitro Pro PDF JavaScript local_file_path Object use-after-free vulnerability
|
2021-10-13
|
CVE-2021-21796
|
8.8
|
|
TALOS-2021-1259
|
Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability
|
2021-10-12
|
CVE-2021-40474
|
8.8
|
|
TALOS-2021-1369
|
Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability
|
2021-10-11
|
CVE-2021-21940
|
10.0
|
|
TALOS-2021-1370
|
Anker Eufy Homebase 2 pushMuxer CreatePushThread use-after-free vulnerability
|
2021-10-11
|
CVE-2021-21941
|
10.0
|
|
TALOS-2021-1361
|
D-LINK DIR-3040 WiFi Smart Mesh information disclosure vulnerability
|
2021-09-23
|
CVE-2021-21913
|
10.0
|
|
TALOS-2021-1309
|
Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability
|
2021-09-14
|
CVE-2021-36956
|
4.4
|
|
TALOS-2021-1267
|
Nitro Pro PDF JavaScript document.flattenPages JSStackFrame stack-based use-after-free vulnerability
|
2021-09-13
|
CVE-2021-21798
|
8.8
|
|
TALOS-2021-1346
|
Ribbonsoft dxflib DL_Dxf::handleLWPolylineData heap-based buffer overflow vulnerability
|
2021-09-07
|
CVE-2021-21897
|
8.8
|
|
TALOS-2021-1295
|
Disc Soft Ltd Daemon Tools Pro ISO Parsing memory corruption vulnerability
|
2021-08-17
|
CVE-2021-21832
|
8.1
|
|
TALOS-2021-1298
|
GPAC Project Advanced Content MPEG-4 Decoding multiple integer truncation vulnerabilities
|
2021-08-16
|
CVE-2021-21859,CVE-2021-21860,CVE-2021-21861,CVE-2021-21862
|
8.8
|
|
TALOS-2021-1299
|
GPAC Project Advanced Content MPEG-4 Decoding multiple integer addition overflow vulnerabilities
|
2021-08-16
|
CVE-2021-21853, CVE-2021-21854,CVE-2021-21855,CVE-2021-21856,CVE-2021-21857,CVE-2021-21858
|
8.8
|
|
TALOS-2021-1297
|
GPAC Project on Advanced Content library MPEG-4 Decoding multiple multiplication integer overflow vulnerabilities
|
2021-08-16
|
CVE-2021-21834, CVE-2021-21835, CVE-2021-21836, CVE-2021-21837, CVE-2021-21838, CVE-2021-21839, CVE-2021-21840, CVE-2021-21841, CVE-2021-21842, CVE-2021-21843, CVE-2021-21844, CVE-2021-21845, CVE-2021-21846, CVE-2021-21847, CVE-2021-21848, CVE-2021-21849, CVE-2021-21850, CVE-2021-21851, CVE-2021-21852
|
8.8
|
|
TALOS-2021-1279
|
AT&T Labs Xmill XML parsing CreateLabelOrAttrib memory corruption vulnerability
|
2021-08-11
|
CVE-2021-21811
|
8.1
|
|
TALOS-2021-1280
|
AT&T Labs Xmill multiple command line parsing vulnerabilities
|
2021-08-10
|
CVE-2021-21812, CVE-2021-21813, CVE-2021-21814, CVE-2021-21815
|
7.8
|
|
TALOS-2021-1345
|
Mozilla Firefox MediaCacheStream::NotifyDataReceived use-after-free vulnerability
|
2021-08-10
|
CVE-2021-29985
|
8.8
|
|
TALOS-2021-1290
|
AT&T Labs Xmill XML decompression PlainTextUncompressor::UncompressItem heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21825
|
8.1
|
|
TALOS-2021-1311
|
Microsoft Azure Sphere Security Monitor SECTION_ABIDepends denial of service vulnerability
|
2021-08-10
|
CVE-2021-26430
|
6.0
|
|
TALOS-2021-1310
|
Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability
|
2021-08-10
|
CVE-2021-26428
|
4.4
|
|
TALOS-2021-1291
|
AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities
|
2021-08-10
|
CVE-2021-21826, CVE-2021-21827, CVE-2021-21828
|
8.1
|
|
TALOS-2021-1278
|
AT&T Labs Xmill XML parsing ParseAttribs memory corruption vulnerability
|
2021-08-10
|
CVE-2021-21810
|
8.1
|
|
TALOS-2021-1293
|
AT&T Labs Xmill XML decompression LabelDict::Load heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21830
|
8.1
|
|
TALOS-2021-1292
|
AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21829
|
8.1
|
|
TALOS-2020-1212
|
tinyobjloader LoadObj improper array index validation vulnerability
|
2021-07-30
|
CVE-2020-28589
|
9.6
|
|
TALOS-2021-1336
|
Foxit Reader Field OnFocus event use-after-free vulnerability
|
2021-07-27
|
CVE-2021-21893
|
8.8
|
|
TALOS-2021-1307
|
Foxit Reader FileAttachment annotation use-after-free vulnerability redux
|
2021-07-27
|
CVE-2021-21870
|
8.8
|
|
TALOS-2021-1294
|
Foxit Reader removeField use-after-free vulnerability
|
2021-07-27
|
CVE-2021-21831
|
8.8
|
|
TALOS-2021-1302
|
CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21865
|
8.8
|
|
TALOS-2021-1303
|
CODESYS Development System ObjectManager.plugin ProfileInformation.ProfileData Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21866
|
8.8
|
|
TALOS-2021-1300
|
CODESYS Development System ComponentModel Profile.FromFile() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21863
|
8.8
|
|
TALOS-2021-1305
|
CODESYS Development System ObjectManager.plugin Project.get_MissingTypes() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21868
|
8.8
|
|
TALOS-2021-1306
|
CODESYS Development System Engine.plugin ProfileInformation ProfileData Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21869
|
8.8
|
|
TALOS-2021-1304
|
CODESYS Development System ObjectManager.plugin ObjectStream.ProfileByteArray Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21867
|
8.8
|
|
TALOS-2021-1301
|
CODESYS Development System ComponentModel ComponentManager.StartupCultureSettings Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21864
|
7.8
|
|
TALOS-2021-1271
|
Advantech R-SeeNet ssh_form.php Reflected XSS vulnerability
|
2021-07-15
|
CVE-2021-21800
|
9.6
|
|
TALOS-2021-1270
|
Advantech R-SeeNet telnet_form.php Reflected XSS vulnerability
|
2021-07-15
|
CVE-2021-21799
|
9.6
|
|
TALOS-2021-1284
|
D-LINK DIR-3040 Libcli command injection vulnerability
|
2021-07-15
|
CVE-2021-21819
|
9.1
|
|
TALOS-2021-1282
|
D-LINK DIR-3040 Zebra IP routing manager information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21817
|
7.5
|
|
TALOS-2021-1285
|
D-LINK DIR-3040 Libcli test environment hard-coded password vulnerability
|
2021-07-15
|
CVE-2021-21820
|
10.0
|
|
TALOS-2021-1273
|
Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability
|
2021-07-15
|
CVE-2021-21804
|
8.1
|
|
TALOS-2021-1272
|
Advantech R-SeeNet device_graph_page.php Multiple Reflected XSS vulnerabilities
|
2021-07-15
|
CVE-2021-21801, CVE-2021-21802, CVE-2021-21803
|
9.6
|
|
TALOS-2021-1281
|
D-LINK DIR-3040 Syslog information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21816
|
6.5
|
|
TALOS-2021-1283
|
D-LINK DIR-3040 Syslog information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21818
|
6.5
|
|
TALOS-2021-1274
|
Advantech R-SeeNet ping.php OS Command Injection vulnerability
|
2021-07-15
|
CVE-2021-21805
|
9.8
|
|
TALOS-2021-1252
|
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability
|
2021-07-07
|
CVE-2021-21785
|
6.5
|
|
TALOS-2021-1255
|
IOBit Advanced SystemCare Ultimate Privileged I/O Read vulnerabilities
|
2021-07-07
|
CVE-2021-21790, CVE-2021-21791, CVE-2021-21792
|
6.5
|
|
TALOS-2021-1254
|
IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities
|
2021-07-07
|
CVE-2021-21787, CVE-2021-21788,CVE-2021-21789
|
8.8
|
|
TALOS-2021-1253
|
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability
|
2021-07-07
|
CVE-2021-21786
|
8.8
|
|
TALOS-2021-1308
|
PowerISO DMG File Format Handler memory corruption vulnerability
|
2021-06-28
|
CVE-2021-21871
|
8.8
|
|
TALOS-2021-1243
|
Linux Kernel Arm SIGPAGE information disclosure vulnerability
|
2021-06-25
|
CVE-2021-21781
|
4.0
|
|
TALOS-2021-1277
|
Moodle spellchecker plugin command execution vulnerability
|
2021-06-22
|
CVE-2021-21809
|
8.2
|
|
TALOS-2021-1234
|
EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability
|
2021-06-16
|
CVE-2021-21777
|
8.6
|
|
TALOS-2021-1288
|
Komoot GmbH Komoot Friend finder information disclosure vulnerability
|
2021-06-09
|
CVE-2021-21823
|
5.3
|
|
TALOS-2021-1251
|
Google Chrome WebAudio blink::AudioNodeOutput::Pull code execution vulnerability
|
2021-06-08
|
CVE-2021-30522
|
8.3
|
|
TALOS-2021-1269
|
Apple macOS SMB server directory query arbitrary file access
|
2021-06-02
|
CVE-2021-30721
|
4.3
|
|
TALOS-2021-1238
|
Webkit WebCore::GraphicsContext use-after-free vulnerability
|
2021-06-02
|
CVE-2021-21779
|
6.8
|
|
TALOS-2021-1246
|
Apple macOS SMB server TREE_CONNECT stack buffer overflow vulnerability
|
2021-06-02
|
CVE-2020-10005
|
8.5
|
|
TALOS-2021-1260
|
Apple macOS SMB server directory query request integer overflow vulnerability
|
2021-06-02
|
CVE-2021-30717
|
7.5
|
|
TALOS-2021-1258
|
Apple macOS SMB server IOCTL request uninitialized stack variable vulnerability
|
2021-06-02
|
CVE-2021-30712
|
4.2
|
|
TALOS-2021-1268
|
Apple macOS SMB server create file request uninitialized memory disclosure
|
2021-06-02
|
CVE-2021-30722
|
6.5
|
|
TALOS-2021-1263
|
Apple macOS SMB server lock request infinite loop
|
2021-06-02
|
CVE-2021-30716
|
6.5
|
|
TALOS-2021-1229
|
Webkit ImageLoader dispatchPendingErrorEvent use-after-free vulnerability
|
2021-06-02
|
CVE-2021-21775
|
6.8
|
|
TALOS-2021-1275
|
Accusoft ImageGear DICOM parse_dicom_meta_info integer overflow vulnerability
|
2021-06-01
|
CVE-2021-21807
|
9.8
|
|
TALOS-2021-1289
|
Accusoft ImageGear JPG Handle_JPEG420 out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21824
|
8.1
|
|
TALOS-2021-1286
|
Accusoft ImageGear PDF process_fontname stack-based buffer overflow vulnerability
|
2021-06-01
|
CVE-2021-21821
|
9.8
|
|
TALOS-2021-1257
|
Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21793
|
9.8
|
|
TALOS-2021-1261
|
Accusoft ImageGear TIF bits_per_sample processing out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21794
|
9.8
|
|
TALOS-2021-1276
|
Accusoft ImageGear PNG png_palette_process memory corruption vulnerability
|
2021-06-01
|
CVE-2021-21808
|
8.1
|
|
TALOS-2021-1296
|
Accusoft ImageGear TIF IP_planar_raster_unpack improper array index validation vulnerability
|
2021-06-01
|
CVE-2021-21833
|
9.8
|
|
TALOS-2021-1230
|
Trend Micro, Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability
|
2021-05-24
|
CVE-2021-32457
|
7.8
|
|
TALOS-2021-1241
|
Trend Micro Inc. Home Network Security SFTP log collection server hard-coded password vulnerability
|
2021-05-24
|
CVE-2021-32459
|
4.9
|
|
TALOS-2021-1231
|
Trend Micro Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability
|
2021-05-24
|
CVE-2021-32458
|
7.8
|
|
TALOS-2021-1237
|
Apple macOS SMB server signature verification information disclosure vulnerability
|
2021-05-19
|
CVE-2021-1878
|
7.1
|
|
TALOS-2021-1235
|
Google Chrome AudioDelayDSPKernel::ProcessKRate heap-based buffer overflow vulnerability
|
2021-05-19
|
CVE-2021-21160
|
8.8
|
|
TALOS-2021-1233
|
Adobe Acrobat Reader DC JavaScript search query code execution vulnerability
|
2021-05-11
|
CVE-2021-28562
|
8.0
|
|
TALOS-2021-1287
|
Foxit Reader FileAttachment annotation use-after-free vulnerability
|
2021-05-06
|
CVE-2021-21822
|
8.8
|
|
TALOS-2020-1142
|
Systemd DHCP client denial-of-service vulnerability
|
2021-04-26
|
CVE-2020-13529
|
6.1
|
|
TALOS-2021-1236
|
MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability
|
2021-04-26
|
CVE-2021-21778
|
7.5
|
|
TALOS-2021-1240
|
Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability
|
2021-04-22
|
None
|
7.4
|
|
TALOS-2021-1239
|
Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability
|
2021-04-22
|
None
|
7.4
|
|
TALOS-2020-1219
|
Prusa Research PrusaSlicer Obj.cpp load_obj() out-of-bounds write vulnerability
|
2021-04-21
|
CVE-2020-28595
|
8.8
|
|
TALOS-2020-1222
|
Prusa Research PrusaSlicer Admesh stl_fix_normal_directions() out-of-bounds write vulnerability
|
2021-04-21
|
CVE-2020-28598
|
8.8
|
|
TALOS-2020-1220
|
Prusa Research PrusaSlicer Objparser::objparse() stack-based buffer overflow vulnerability
|
2021-04-21
|
CVE-2020-28596
|
8.8
|
|
TALOS-2020-1160
|
Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability
|
2021-04-19
|
CVE-2021-26564, CVE-2021-26565, CVE-2021-26566
|
8.3
|
|
TALOS-2020-1159
|
Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability
|
2021-04-19
|
CVE-2021-26560, CVE-2021-26561, CVE-2021-26562
|
9.4
|
|
TALOS-2020-1217
|
Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability
|
2021-04-15
|
CVE-2020-28593
|
8.1
|
|
TALOS-2020-1216
|
Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability
|
2021-04-15
|
CVE-2020-28592
|
8.1
|
|
TALOS-2021-1249
|
Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability
|
2021-04-13
|
CVE-2021-27074
|
6.2
|
|
TALOS-2020-1205
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in 'patientslist.do' page
|
2021-04-13
|
CVE-2020-27229, CVE-2020-27230, CVE-2020-27231
|
6.4
|
|
TALOS-2020-1206
|
OpenClinic GA Web portal SQL injection vulnerability in 'manageServiceStocks.jsp' page
|
2021-04-13
|
CVE-2020-27232
|
6.4
|
|
TALOS-2021-1250
|
Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability
|
2021-04-13
|
CVE-2021-27080
|
9.3
|
|
TALOS-2021-1262
|
Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability
|
2021-04-13
|
CVE-2021-28460
|
8.1
|
|
TALOS-2021-1247
|
Microsoft Azure Sphere mount namespace unsigned code execution vulnerability
|
2021-04-13
|
CVE-2021-27074
|
6.2
|
|
TALOS-2020-1204
|
OpenClinic GA installation privilege escalation vulnerability
|
2021-04-13
|
CVE-2020-27228
|
8.8
|
|
TALOS-2020-1202
|
OpenClinic GA web portal SQL injection vulnerability in 'statistics/quickFile.jsp' page
|
2021-04-13
|
CVE-2020-27226
|
6.4
|
|
TALOS-2020-1207
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in the 'getAssets.jsp' page
|
2021-04-13
|
CVE-2020-27233, CVE-2020-27234, CVE-2020-27235, CVE-2020-27236, CVE-2020-27237, CVE-2020-27238, CVE-2020-27239, CVE-2020-27240, CVE-2020-27241
|
6.4
|
|
TALOS-2020-1208
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in 'listImmoLabels.jsp' page
|
2021-04-13
|
CVE-2020-27242, CVE-2020-27243, CVE-2020-27244, CVE-2020-27245, CVE-2020-27246
|
6.4
|
|
TALOS-2020-1203
|
OpenClinic GA unauthenticated command injection vulnerability
|
2021-04-13
|
CVE-2020-27227
|
10.0
|
|
TALOS-2020-1146
|
Dream Report platform privilege escalation vulnerability
|
2021-04-08
|
CVE-2020-13532, CVE-2020-13533, CVE-2020-13534
|
9.3
|
|
TALOS-2020-1198
|
Rukovoditel Project Management App SQL injection vulnerability in the 'forms_fields_rules/rules' page
|
2021-04-08
|
CVE-2020-13587
|
5.4
|
|
TALOS-2020-1199
|
Rukovoditel Project Management App multiple SQL injection vulnerabilities in the 'entities/fields' page
|
2021-04-08
|
CVE-2020-13588, CVE-2020-13589, CVE-2020-13599
|
5.4
|
|
TALOS-2020-1201
|
Rukovoditel Project Management App application SQL injection vulnerability in the 'global_lists/choices' page
|
2021-04-08
|
CVE-2020-13592
|
5.4
|
|
TALOS-2020-1200
|
Rukovoditel Project Management App application SQL injection vulnerability in the 'access_rules/rules_form' page
|
2021-04-08
|
CVE-2020-13591
|
5.4
|
|
TALOS-2021-1227
|
Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21773
|
8.1
|
|
TALOS-2021-1244
|
Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21782
|
9.8
|
|
TALOS-2021-1232
|
Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21776
|
9.8
|
|
TALOS-2021-1245
|
Genivia gSOAP WS-Addressing plugin code execution vulnerability redux
|
2021-03-24
|
CVE-2021-21783
|
9.8
|
|
TALOS-2021-1264
|
Accusoft ImageGear PSD read_icc_icCurve_data heap-based buffer overflow vulnerability
|
2021-03-16
|
CVE-2021-21795
|
9.8
|
|
TALOS-2020-1226
|
3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability
|
2021-03-10
|
CVE-2021-21772
|
8.1
|
|
TALOS-2021-1248
|
Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability
|
2021-03-02
|
CVE-2021-21784
|
9.8
|
|
TALOS-2020-1213
|
Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability
|
2021-02-24
|
CVE-2020-28590
|
8.6
|
|
TALOS-2020-1225
|
CGAL libcgal multiple code execution vulnerabilities in Nef polygon-parsing code
|
2021-02-24
|
CVE-2020-28601,CVE-2020-28602,CVE-2020-28603,CVE-2020-28604,CVE-2020-28605,CVE-2020-28606,CVE-2020-28607,CVE-2020-28608,CVE-2020-28609,CVE-2020-28610,CVE-2020-28611,CVE-2020-28612,CVE-2020-28613,CVE-2020-28614,CVE-2020-28615,CVE-2020-28616, CVE-2020-28617,CVE-2020-28618,CVE-2020-28619,CVE-2020-28620, CVE-2020-28621,CVE-2020-28622,CVE-2020-28623,CVE-2020-28624,CVE-2020-28625,CVE-2020-28626,CVE-2020-28627,CVE-2020-28628,CVE-2020-28629,CVE-2020-28630,CVE-2020-28631,CVE-2020-28632,CVE-2020-28633,CVE-2020-28634,CVE-2020-28635,CVE-2020-28636,CVE-2020-35628,CVE-2020-35629,CVE-2020-35630, CVE-2020-35631,CVE-2020-35632,CVE-2020-35633,CVE-2020-35634,CVE-2020-35635,CVE-2020-35636
|
10.0
|
|
TALOS-2020-1224
|
Openscad import_stl.cc:import_stl() out-of-bounds stack write vulnerability
|
2021-02-23
|
CVE-2020-28600
|
8.8
|
|
TALOS-2020-1223
|
Openscad import_stl.cc:import_stl() stack-based buffer overflow vulnerability
|
2021-02-23
|
CVE-2020-28599
|
8.8
|
|
TALOS-2020-1167
|
Sytech XL reporter installation privilege escalation vulnerability
|
2021-02-19
|
CVE-2020-13549
|
8.8
|
|
TALOS-2020-1169
|
Advantech WebAccess/SCADA installation privilege escalation vulnerability
|
2021-02-16
|
CVE-2020-13551, CVE-2020-13552, CVE-2020-13553, CVE-2020-13554, CVE-2020-13555
|
8.8
|
|
TALOS-2020-1168
|
Advantech WebAccess/SCADA installation local file inclusion
|
2021-02-16
|
CVE-2020-13550
|
7.7
|
|
TALOS-2020-1176
|
Accusoft ImageGear TIFF index record out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13561
|
9.8
|
|
TALOS-2020-1182
|
Accusoft ImageGear SGI RLE decompression out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13571
|
9.8
|
|
TALOS-2020-1196
|
Accusoft ImageGear PSD Header processing out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13585
|
9.8
|
|
TALOS-2020-1183
|
Accusoft ImageGear GIF LZW decoder heap overflow vulnerability
|
2021-02-05
|
CVE-2020-13572
|
9.8
|
|
TALOS-2020-1210
|
SoftMaker Office PlanMaker Excel document CEscherObject::ReadNativeProperties multiple heap buffer overflow vulnerabilities
|
2021-02-03
|
CVE-2020-27247, CVE-2020-27248, CVE-2020-27249,CVE-2020-27250,CVE-2020-28587
|
8.8
|
|
TALOS-2020-1191
|
SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability
|
2021-02-03
|
CVE-2020-13580
|
8.8
|
|
TALOS-2020-1190
|
SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability
|
2021-02-03
|
CVE-2020-13579
|
8.8
|
|
TALOS-2020-1192
|
SoftMaker Office PlanMaker Document Record 0x800d memory corruption vulnerability
|
2021-02-03
|
CVE-2020-13581
|
8.8
|
|
TALOS-2020-1197
|
SoftMaker Office PlanMaker Excel document record 0x00fc memory corruption vulnerability
|
2021-02-03
|
CVE-2020-13586
|
8.8
|
|
TALOS-2020-1008
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Network Segment Denial of Service Vulnerability
|
2021-02-02
|
CVE-2020-6088
|
7.5
|
|
TALOS-2020-1178
|
phpGACL return_page redirection open redirect vulnerability
|
2021-01-27
|
CVE-2020-13565
|
6.1
|
|
TALOS-2020-1180
|
OpenEMR GACL cross-site request forgery vulnerability
|
2021-01-27
|
CVE-2020-13569
|
8.8
|
|
TALOS-2020-1177
|
phpGACL template multiple cross-site scripting vulnerabilities
|
2021-01-27
|
CVE-2020-13562, CVE-2020-13563, CVE-2020-13564
|
9.6
|
|
TALOS-2020-1179
|
phpGACL database multiple SQL injection vulnerabilities
|
2021-01-27
|
CVE-2020-13566, CVE-2020-13568
|
8.8
|
|
TALOS-2020-1194
|
Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability
|
2021-01-26
|
CVE-2020-13583
|
8.6
|
|
TALOS-2020-1193
|
Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability
|
2021-01-26
|
CVE-2020-13582
|
8.6
|
|
TALOS-2020-1174
|
FreyrSCADA IEC-60879-5-104 server simulator traffic logging denial-of-service vulnerability
|
2021-01-11
|
CVE--2020-13559
|
5.9
|
|
TALOS-2020-1184
|
Rockwell Automation RSLinx classic ethernet/IP server denial-of-service vulnerability
|
2021-01-07
|
CVE-2020-13573
|
7.5
|
|
TALOS-2020-1162
|
SoftMaker Office TextMaker Document Record 0x003f integer conversion vulnerability
|
2021-01-05
|
CVE-2020-13545
|
8.8
|
|
TALOS-2020-1187
|
Genivia gSOAP WS-Addressing plugin code execution vulnerability
|
2021-01-05
|
CVE-2020-13576
|
9.8
|
|
TALOS-2020-1188
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13577
|
7.5
|
|
TALOS-2020-1161
|
SoftMaker Office TextMaker Document Record 0x001f sign-extension vulnerability
|
2021-01-05
|
CVE-2020-13544
|
8.8
|
|
TALOS-2020-1186
|
Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13575
|
7.5
|
|
TALOS-2020-1189
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13578
|
7.5
|
|
TALOS-2020-1185
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13574
|
7.5
|
|
TALOS-2020-1163
|
SoftMaker Office TextMaker Document Record 0x002a integer overflow vulnerability
|
2021-01-05
|
CVE-2020-13546
|
8.8
|
|
TALOS-2020-1150
|
Win-911 Enterprise Platform privilege escalation vulnerability
|
2021-01-04
|
CVE-2020-13539, CVE-2020-13540
|
9.3
|
|
TALOS-2020-1151
|
Win-911 mobile server platform privilege escalation vulnerability
|
2021-01-04
|
CVE-2020-13541
|
9.3
|
|
TALOS-2020-1141
|
Microsoft Azure Sphere networkd mdns denial-of-service vulnerability
|
2020-12-18
|
--
|
5.9
|
|
TALOS-2020-1115
|
NZXT CAM WinRing0x64 driver IRP 0x9c402084 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13518
|
6.5
|
|
TALOS-2020-1112
|
NZXT CAM WinRing0x64 driver IRP 0x9c40a148 privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13515
|
8.8
|
|
TALOS-2020-1136
|
Lantronix XPort EDGE Web Manager and telnet CLI cleartext transmission of sensitive information vulnerability
|
2020-12-16
|
CVE-2020-13528
|
3.1
|
|
TALOS-2020-1111
|
NZXT CAM WinRing0x64 Driver Privileged I/O Write IRPs Privilege Escalation Vulnerability
|
2020-12-16
|
CVE-2020-13512, CVE-2020-13513, CVE-2020-13514
|
8.8
|
|
TALOS-2020-1110
|
NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13509, CVE-2020-13511
|
6.5
|
|
TALOS-2020-1116
|
NZXT CAM WinRing0x64 driver IRP 0x9c402088 privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13519
|
8.8
|
|
TALOS-2020-1135
|
Lantronix XPort EDGE Web Manager CSRF vulnerability
|
2020-12-16
|
CVE-2020-13527
|
4.8
|
|
TALOS-2020-1113
|
NZXT CAM WinRing0x64 driver IRP 0x9c406144 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13516
|
6.5
|
|
TALOS-2020-1147
|
Kepware LinkMaster Service privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13535
|
9 .3
|
|
TALOS-2020-1114
|
NZXT CAM WinRing0x64 Driver IRP 0x9c406104 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13517
|
6.5
|
|
TALOS-2020-1181
|
Foxit Reader JavaScript remove template use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13570
|
7.5
|
|
TALOS-2020-1171
|
Foxit Reader JavaScript choice field use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13557
|
8.8
|
|
TALOS-2020-1175
|
Foxit Reader JavaScript choice field format event use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13560
|
8.8
|
|
TALOS-2020-1166
|
Foxit Reader Javascript Field fileSelect Use After Free Vulnerability
|
2020-12-09
|
CVE-2020-13548
|
8.0
|
|
TALOS-2020-1165
|
Foxit Reader JavaScript media openPlayer type confusion vulnerability
|
2020-12-09
|
CVE-2020-13547
|
8.8
|
|
TALOS-2020-1144
|
Schneider Electric EcoStruxure Control Expert APX project file processing code execution vulnerability
|
2020-12-08
|
CVE-2020-7560
|
8.6
|
|
TALOS-2020-1153
|
Microsoft Office ElementType code execution vulnerability
|
2020-12-08
|
CVE-2020-17123
|
8.8
|
|
TALOS-2020-1140
|
Schneider Electric EcoStruxure Control Expert PLC Simulator Modbus message processing remote code execution vulnerability
|
2020-12-08
|
CVE-2020-7559
|
10.0
|
|
TALOS-2020-1143
|
EIP Stack Group OpENer ethernet/IP server denial-of-service vulnerability
|
2020-12-02
|
CVE-2020-13530
|
7.5
|
|
TALOS-2020-1170
|
EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability
|
2020-12-02
|
CVE-2020-13556
|
9.8
|
|
TALOS-2020-1155
|
Webkit WebSocket code execution vulnerability
|
2020-11-30
|
CVE-2020-13543
|
8.8
|
|
TALOS-2020-1195
|
Webkit ImageDecoderGStreamer use-after-free vulnerability
|
2020-11-30
|
CVE-2020-13584
|
8.8
|
|
TALOS-2020-1126
|
ProcessMaker sort parameter multiple SQL Injection Vulnerabilities
|
2020-11-17
|
CVE-2020-13525, CVE-2020-13526
|
6.4
|
|
TALOS-2020-1125
|
Pixar OpenUSD binary file format specs memory corruption
|
2020-11-12
|
CVE-2020-13524
|
6.3
|
|
TALOS-2020-1103
|
Pixar OpenUSD Binary File Format Token Strings Information Leak Vulnerability
|
2020-11-12
|
CVE-2020-13494
|
4.3
|
|
TALOS-2020-1104
|
Pixar OpenUSD binary file format offset seek information leak vulnerability
|
2020-11-12
|
CVE-2020-9973
|
4.3
|
|
TALOS-2020-1120
|
Pixar OpenUSD Binary File Format Decompressed Path Rebuilding Memory corruption
|
2020-11-12
|
CVE-2020-13520
|
8.8
|
|
TALOS-2020-1105
|
Pixar OpenUSD binary file format index type values information leak vulnerability
|
2020-11-12
|
CVE-2020-13496, CVE-2020-13497, CVE-2020-13498
|
4.3
|
|
TALOS-2020-1094
|
Pixar OpenUSD binary file format compressed sections code execution vulnerabilities
|
2020-11-12
|
CVE-2020-6147, CVE-2020-6148, CVE-2020-6149, CVE-2020-6150, CVE-2020-6156, CVE-2020-13493
|
8.8
|
|
TALOS-2020-1101
|
Pixar OpenUSD Binary File Format Compressed Value Reps Code Execution Vulnerabilities
|
2020-11-12
|
CVE-2020-6155
|
8.8
|
|
TALOS-2020-1145
|
Pixar OpenUSD SDF layer path remote code execution
|
2020-11-12
|
CVE-2020-13531
|
8.8
|
|
TALOS-2020-1154
|
LogicalDoc installation privilege escalation vulnerability
|
2020-11-10
|
CVE-2020-13542
|
9.3
|
|
TALOS-2020-1032
|
BIMx Desktop Viewer Resource Parsing Integer Overflow Vulnerability
|
2020-11-06
|
CVE-202-6099
|
8.8
|
|
TALOS-2020-1156
|
Adobe Acrobat Reader DC form field format use after free
|
2020-11-05
|
CVE-2020-24437
|
8.8
|
|
TALOS-2020-1157
|
Adobe Acrobat Reader DC JavaScript submitForm heap buffer overflow redux
|
2020-11-05
|
CVE-2020-24435
|
8.8
|
|
TALOS-2020-1148
|
Moxa MXView series installation privilege escalation vulnerability
|
2020-11-04
|
CVE-2020-13536, CVE-2020-13537
|
9.3
|
|
TALOS-2020-1058
|
Synology SRM QuickConnect authentication Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27648, CVE-2020-27649
|
8.3
|
|
TALOS-2020-1060
|
Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability
|
2020-10-29
|
--
|
8.3
|
|
TALOS-2020-1059
|
Synology SRM web interface session cookie secure flag Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27651
|
8.3
|
|
TALOS-2020-1071
|
Synology SRM dnsExit DDNS provider information disclosure vulnerability
|
2020-10-29
|
CVE-2020-27656-CVE-2020-27657
|
4.0
|
|
TALOS-2020-1066
|
Synology SRM QuickConnect iptables network misconfiguration vulnerability
|
2020-10-29
|
CVE-2020-27655
|
6.5
|
|
TALOS-2020-1064
|
Synology QuickConnect servers network misconfiguration vulnerability
|
2020-10-29
|
--
|
6.5
|
|
TALOS-2020-1065
|
Synology SRM lbd service Command Execution Vulnerability
|
2020-10-29
|
CVE-2020-27654, CVE-2020-11117
|
9.6
|
|
TALOS-2020-1086
|
Synology SRM web interface session cookie HttpOnly flag information disclosure vulnerability
|
2020-10-29
|
CVE-2020-27658
|
7.5
|
|
TALOS-2020-1061
|
Synology SRM QuickConnect HTTP connection Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27652, CVE-2020-27653
|
8.3
|
|
TALOS-2020-1127
|
Google Chrome WebGL Buffer11::getBufferStorage Code Execution Vulnerability
|
2020-10-20
|
CVE-2020-6542
|
8.3
|
|
TALOS-2020-1049
|
F2fs-Tools F2fs.Fsck dev_read Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6107
|
4.4
|
|
TALOS-2020-1046
|
F2fs-Tools F2fs.Fsck filesystem checking Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6104
|
4.4
|
|
TALOS-2020-1048
|
F2fs-Tools F2fs.Fsck init_node_manager Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6106
|
4.4
|
|
TALOS-2020-1047
|
F2fs-Tools F2fs.Fsck Multiple Devices Code Execution Vulnerability
|
2020-10-14
|
CVE-2020-6105
|
8.2
|
|
TALOS-2020-1050
|
F2fs-Tools F2fs.Fsck fsck_chk_orphan_node Code Execution Vulnerability
|
2020-10-14
|
CVE-2020-6108
|
8.2
|
|
TALOS-2020-1007
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Data Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6086, CVE-2020-6087
|
7.5
|
|
TALOS-2020-1102
|
AMD ATIKMDAG.SYS D3DKMTEscape handler Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-12933
|
7.1
|
|
TALOS-2020-1123
|
Google Chrome DrawElementsInstanced information leak vulnerability
|
2020-10-13
|
CVE-2020-6555
|
6.8
|
|
TALOS-2020-1005
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Port Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6083
|
7.5
|
|
TALOS-2020-1057
|
Allen-Bradley MicroLogix 1100 programmable logic controller systems IPv4 denial-of-service vulnerability
|
2020-10-13
|
CVE-2020-6111
|
7.5
|
|
TALOS-2020-1006
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Logical Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6084, CVE-2020-6085
|
7.5
|
|
TALOS-2020-1139
|
Microsoft Azure Sphere Pluton SIGN_WITH_TENANT_ATTESTATION_KEY memory corruption vulnerability
|
2020-10-06
|
--
|
9.3
|
|
TALOS-2020-1134
|
Microsoft Azure Sphere Normal World application PACKET_MMAP unsigned code execution vulnerability
|
2020-10-06
|
CVE-2020-35608
|
5.5
|
|
TALOS-2020-1119
|
AMD ATIKMDAG.SYS D3DKMTCreateAllocation handler denial-of-service vulnerability
|
2020-10-06
|
CVE-2020-12911
|
7.1
|
|
TALOS-2020-1130
|
Microsoft Azure Sphere Littlefs truncate information disclosure vulnerability
|
2020-10-06
|
CVE-2020-16985
|
7.1
|
|
TALOS-2020-1129
|
Microsoft Azure Sphere Littlefs Quota denial of service vulnerability
|
2020-10-06
|
CVE-2020-16986
|
9.0
|
|
TALOS-2020-1038
|
NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg DCL_CONSTANT_BUFFER code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
|
TALOS-2020-1037
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MUL code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
|
TALOS-2020-1034
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV_SAT code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
|
TALOS-2020-1035
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
|
TALOS-2020-1106
|
Aveva eDNA Enterprise data historian CHaD.asmx multiple SQL injection vulnerabilities
|
2020-09-23
|
CVE-2020-13499, CVE-2020-13500, CVE-2020-13501
|
9.8
|
|
TALOS-2020-1124
|
Apple Safari/Webkit aboutBlankURL() code execution vulnerability
|
2020-09-17
|
CVE-2020-9951
|
8.8
|
|
TALOS-2020-1063
|
Nitro Pro PDF Object Stream Parsing Number of Objects Remote Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6113
|
8.8
|
|
TALOS-2020-1068
|
Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6115
|
8.8
|
|
TALOS-2020-1062
|
Nitro Pro PDF JPEG2000 Stripe Sub-sample Decoding Out-of-bounds Write Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6112
|
8.8
|
|
TALOS-2020-1084
|
Nitro Pro PDF ICCBased ColorSpace Stroke Color Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6146
|
8.8
|
|
TALOS-2020-1070
|
Nitro Pro Indexed ColorSpace Rendering Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6116
|
8.8
|
|
TALOS-2020-1092
|
Google Chrome PDFium Javascript Active Document Memory Corruption Vulnerability
|
2020-09-14
|
CVE-2020-6513
|
6.3
|
|
TALOS-2020-1098
|
Microsoft Windows 10 CLFS.sys ValidateRegionBlocks privilege escalation vulnerability
|
2020-09-08
|
CVE-2020-1115
|
8.8
|
|
TALOS-2020-1095
|
Accusoft ImageGear TIFF handle_COMPRESSION_PACKBITS memory corruption vulnerability
|
2020-09-01
|
CVE-2020-6151
|
8.1
|
|
TALOS-2020-1078
|
OS4Ed openSIS Validator.php SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6135
|
6.4
|
|
TALOS-2020-1077
|
OS4Ed openSIS id parameter multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6132, CVE-2020-6133, CVE-2020-6134
|
6.4
|
|
TALOS-2020-1080
|
OS4Ed openSIS Password Reset Multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6137, CVE-2020-6138, CVE-2020-6139, CVE-2020-6140
|
9.8
|
|
TALOS-2020-1079
|
OS4Ed openSIS DownloadWindow.php SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6136
|
6.4
|
|
TALOS-2020-1074
|
OS4Ed openSIS GetSchool.php SQL injection Vulnerability
|
2020-08-31
|
CVE-2020-6125
|
6.4
|
|
TALOS-2020-1083
|
OS4Ed openSIS install remote code execution vulnerability
|
2020-08-31
|
CVE-2020-6143, CVE-2020-6144
|
10.0
|
|
TALOS-2020-1072
|
OS4Ed openSIS CheckDuplicateStudent.php page SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6117, CVE-2020-6118, CVE-2020-6119, CVE-2020-6120, CVE-2020-6121, CVE-2020-6122
|
6.4
|
|
TALOS-2020-1073
|
OS4Ed openSIS email parameter SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6123, CVE-2020-6124
|
6.4
|
|
TALOS-2020-1076
|
OS4Ed openSIS course_period_id parameter multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6129, CVE-2020-6130, CVE-2020-6131
|
6.4
|
|
TALOS-2020-1075
|
OS4Ed openSIS CoursePeriodModal.php page multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6126, CVE-2020-6127, CVE-2020-6128
|
6.4
|
|
TALOS-2020-1082
|
OS4Ed openSIS Modules.php remote code execution vulnerability
|
2020-08-31
|
CVE-2020-6142
|
9.9
|
|
TALOS-2020-1081
|
OS4Ed openSIS login SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6141
|
9.8
|
|
TALOS-2020-1036
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV2 code execution vulnerability
|
2020-08-30
|
CVE‑2020‑5981
|
8.5
|
|
TALOS-2020-1029
|
atftpd daemon Denial of Service Vulnerability
|
2020-08-26
|
CVE-2020-6097
|
7.5
|
|
TALOS-2020-1138
|
Microsoft Azure Sphere Normal World application /proc/thread-self/mem unsigned code execution vulnerability
|
2020-08-24
|
CVE-2020-16987
|
6.2
|
|
TALOS-2020-1133
|
Microsoft Azure Sphere Capability access control privilege escalation vulnerability
|
2020-08-24
|
CVE-2020-16992
|
8.1
|
|
TALOS-2020-1128
|
Microsoft Azure Sphere Normal World application READ_IMPLIES_EXEC personality unsigned code execution vulnerability
|
2020-08-24
|
CVE-2020-16984
|
6.2
|
|
TALOS-2020-1085
|
Google Chrome WebGL code execution vulnerability
|
2020-08-24
|
CVE-2020-6492
|
8.3
|
|
TALOS-2020-1137
|
Microsoft Azure Sphere uid_map UID uniqueness privilege escalation vulnerability
|
2020-08-24
|
CVE-2020-16993
|
8.1
|
|
TALOS-2020-1100
|
Internet Systems Consortium's BIND TCP Receive Buffer Length Assertion Check Denial of Service Vulnerability
|
2020-08-20
|
CVE-2020-8620
|
7.5
|
|
TALOS-2020-1091
|
ERPNext frappe.desk.reportview.get SQL injection vulnerability
|
2020-08-04
|
CVE-2020-6145
|
6.4
|
|
TALOS-2020-1122
|
SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability
|
2020-08-04
|
CVE-2020-13523
|
3.8
|
|
TALOS-2020-1121
|
SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability
|
2020-08-04
|
CVE-2020-13522
|
8.8
|
|
TALOS-2020-1117
|
Microsoft Azure Sphere asynchronous ioctl denial-of-service vulnerability
|
2020-07-31
|
CVE-2020-35609
|
7.1
|
|
TALOS-2020-1131
|
Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability
|
2020-07-31
|
CVE-2020-16982
|
8.1
|
|
TALOS-2020-1118
|
Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability
|
2020-07-31
|
CVE-2020-16970
|
8.1
|
|
TALOS-2020-1093
|
Microsoft Azure Sphere Normal World application /proc/self/mem unsigned code execution vulnerability
|
2020-07-31
|
CVE-2020-16994
|
6.2
|
|
TALOS-2020-1132
|
Microsoft Azure Sphere mtd character device driver privilege escalation vulnerability
|
2020-07-31
|
CVE-2020-16982
|
8.1
|
|
TALOS-2020-1089
|
Microsoft Azure Sphere kernel message ring buffer Information Disclosure Vulnerability
|
2020-07-31
|
CVE-2020-16990
|
4.3
|
|
TALOS-2020-1090
|
Microsoft Azure Sphere Normal World application ptrace unsigned code execution vulnerability
|
2020-07-31
|
CVE-2020-16991
|
6.2
|
|
TALOS-2020-1030
|
freeDiameter freeDiameterd Denial of Service Vulnerability
|
2020-07-28
|
CVE-2020-6098
|
7.5
|
|
TALOS-2020-1069
|
Siemens LOGO! Web Server Code Execution Vulnerability
|
2020-07-15
|
CVE-2020-7593
|
10.0
|
|
TALOS-2020-1041
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality DCL_OUTPUT Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6101
|
8.5
|
|
TALOS-2020-1042
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality RESOURCE Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6102
|
8.5
|
|
TALOS-2020-1040
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality MOV REG Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6100
|
8.5
|
|
TALOS-2020-1043
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality ROUND_NI Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6103
|
8.5
|
|
TALOS-2020-0983
|
Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1043
|
6.3
|
|
TALOS-2020-0981
|
Intel IGC64.DLL shader functionality realloc code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1041
|
8.5
|
|
TALOS-2020-0979
|
Intel IGC64.DLL shader functionality ATOMIC_ADD code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1036
|
8.5
|
|
TALOS-2020-0978
|
Intel IGC64.DLL Shader Functionality DCL_OUTPUT code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1032
|
8.5
|
|
TALOS-2020-0980
|
Intel IGC64.DLL shader functionality DCL_INDEXABLETEMP code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1040
|
8.5
|
|
TALOS-2020-0982
|
Intel IGC64.DLL Shader Functionality HeapReAlloc code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1042
|
8.5
|
|
TALOS-2020-1067
|
Glacies IceHRM Admin Reports SQL injection Vulnerability
|
2020-07-10
|
CVE-2020-6114
|
6.6
|
|
TALOS-2020-1044
|
Google Chrome PDFium Javascript Regexp Memory Corruption Vulnerability
|
2020-07-02
|
CVE-2020-6458
|
8.8
|
|
TALOS-2020-1088
|
Mozilla Firefox URL mPath Information Disclosure Vulnerability
|
2020-07-01
|
CVE-2020-12418
|
6.5
|
|
TALOS-2020-1009
|
Leadtools Image Parser Animated Icon Code Execution Vulnerability
|
2020-07-01
|
CVE-2020-6089
|
8.8
|
|
TALOS-2019-0971
|
NVIDIA NVWGF2UMX_CFG.DLL shader functionality denial-of-service vulnerability
|
2020-06-24
|
CVE-2020-5965
|
8.5
|
|
TALOS-2020-1096
|
Accusoft ImageGear DICOM parse_dicom_meta_info code execution vulnerability
|
2020-06-23
|
CVE-2020-6152
|
9.8
|
|
TALOS-2020-1010
|
WAGO PFC 200 Web-Based Management (WBM) Code Execution Vulnerability
|
2020-06-10
|
CVE-2020-6090
|
9.1
|
|
TALOS-2020-1045
|
Microsoft Office Excel HTML and XML Table Code Execution Vulnerability
|
2020-06-10
|
CVE-2020-1225
|
8.8
|
|
TALOS-2020-1027
|
Microsoft Office Excel PivotField code execution vulnerability
|
2020-06-10
|
CVE-2020-1226
|
8.8
|
|
TALOS-2020-1053
|
Mozilla Firefox SharedWorkerService Code Execution Vulnerability
|
2020-06-10
|
CVE-2020-12405
|
8.8
|
|
TALOS-2020-1026
|
Siemens LOGO! TDE service "NFSAccess" Upload File Write Vulnerability
|
2020-06-09
|
CVE-2020-7589
|
7.5
|
|
TALOS-2020-1025
|
Siemens LOGO! TDE service "DELETEPROG" Denial of Service Vulnerability
|
2020-06-09
|
CVE-2020-7589
|
9.3
|
|
TALOS-2020-1024
|
Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability
|
2020-06-09
|
CVE-2020-7589
|
9.3
|
|
TALOS-2020-1055
|
Zoom client application chat Giphy arbitrary file write
|
2020-06-03
|
CVE-2020-6109
|
8.5
|
|
TALOS-2020-1056
|
Zoom Client Application Chat Code Snippet Remote Code Execution Vulnerability
|
2020-06-03
|
CVE-2020-6110
|
8.0
|
|
TALOS-2020-1214
|
Webkit fireEventListeners use-after-free vulnerability
|
2020-06-02
|
CVE-2021-21806
|
8.8
|
|
TALOS-2019-0957
|
VMware Workstation 15 shader functionality round_ni denial of service vulnerability
|
2020-06-01
|
CVE-2020-3958
|
6.5
|
|
TALOS-2020-1019
|
GNU glibc ARMv7 memcpy() memory corruption vulnerability
|
2020-05-21
|
CVE-2020-6096
|
8.1
|
|
TALOS-2020-1011
|
Epson EB-1470Ui ESPON Web Control Authentication Bypass Vulnerability
|
2020-05-21
|
CVE-2020-6091
|
9.8
|
|
TALOS-2020-1014
|
Nitro Pro PDF Javascript XML error handling Information Disclosure Vulnerability
|
2020-05-18
|
CVE-2020-6093
|
6.5
|
|
TALOS-2020-1087
|
Synology SRM SafeAccess 1.2.1-0220 code execution Vvulnerability
|
2020-05-18
|
CVE-2020-27659, CVE-2020-27660
|
8.3
|
|
TALOS-2020-1013
|
Nitro Pro PDF Pattern Object Code Execution Vulnerability
|
2020-05-18
|
CVE-2020-6092
|
8.8
|
|
TALOS-2020-0997
|
Nitro PRO PDF nested pages remote code execution vulnerability
|
2020-05-18
|
CVE-2020-6074
|
8.8
|
|
TALOS-2020-1028
|
Adobe Acrobat Reader DC Annotation Destroy Remote Code Execution
|
2020-05-12
|
CVE-2020-9607
|
8.8
|
|
TALOS-2020-1031
|
Adobe Acrobat Reader DC Javascript submitForm Remote Code Execution Vulnerability
|
2020-05-12
|
CVE-2020-9609
|
8.8
|
|
TALOS-2020-1015
|
Microsoft Office Excel s_Schema Code Execution Vulnerability
|
2020-05-12
|
CVE-2020-0901
|
8.8
|
|
TALOS-2020-1003
|
3S-Smart Software Solutions GmbH CODESYS Runtime PLC_Task Code Execution Vulnerability
|
2020-05-06
|
CVE-2020-6081
|
9.9
|
|
TALOS-2020-1051
|
Synology SRM DHCP monitor hostname parsing Denial of Service Vulnerability
|
2020-05-06
|
CVE-2019-11823
|
7.4
|
|
TALOS-2020-1004
|
Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability
|
2020-05-05
|
CVE-2020-6082
|
9.8
|
|
TALOS-2020-1033
|
Windows 10 Insider Preview Fast win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability Regression
|
2020-05-05
|
--
|
8.4
|
|
TALOS-2020-0998
|
Accusoft ImageGear PNG store_data_buffer size computation code execution vulnerability
|
2020-05-05
|
CVE-2020-6075
|
9.8
|
|
TALOS-2020-0999
|
Accusoft ImageGear ICO icoread code execution vulnerability
|
2020-05-05
|
CVE-2020-6076
|
9.8
|
|
TALOS-2020-1017
|
Accusoft ImageGear TIFF fill_in_raster buffer copy operation code execution vulnerability
|
2020-05-05
|
CVE-2020-6094
|
9.8
|
|
TALOS-2020-1211
|
Linux Kernel /proc/pid/syscall information disclosure vulnerability
|
2020-04-27
|
CVE-2020-28588
|
4.0
|
|
TALOS-2020-1218
|
Prusa Research PrusaSlicer _3MF_Importer::_handle_end_model() use-after-free vulnerability
|
2020-04-21
|
CVE-2020-28594
|
8.8
|
|
TALOS-2020-1052
|
Zoom Communications Registered Users Enumeration
|
2020-04-21
|
--
|
6.5
|
|
TALOS-2020-1158
|
Synology DSM AppArmor synosearchagent misconfiguration vulnerability
|
2020-04-19
|
CVE-2021-26563
|
6.7
|
|
TALOS-2020-1012
|
Microsoft Media Foundation CQTMetadataKeysAtom GetKeyForIndex Information Disclosure Vulnerability
|
2020-04-14
|
CVE-2020-0939
|
6.5
|
|
TALOS-2020-0988
|
F2fs-tools fsck.f2fs sanity_check_area_boundary code execution vulnerability
|
2020-04-09
|
CVE-2020-6070
|
6.7
|
|
TALOS-2020-1039
|
NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg FTOI code execution vulnerability
|
2020-03-25
|
CVE‑2020‑5981
|
8.5
|
|
TALOS-2019-0897
|
3S-Smart Software Solutions CODESYS GatewayService memory corruption vulnerability
|
2020-03-25
|
CVE-2019-5105
|
7.5
|
|
TALOS-2019-0914
|
Intel Raid Web Console 3 DISCOVERY Denial of Service
|
2020-03-24
|
CVE-2020-8688
|
7.5
|
|
TALOS-2019-0894
|
Intel Raid Web Console 3 add server denial-of-service vulnerability
|
2020-03-24
|
CVE-2020-8688
|
7.5
|
|
TALOS-2020-0996
|
Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6073
|
7.5
|
|
TALOS-2020-0994
|
Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6071
|
7.5
|
|
TALOS-2020-1018
|
GStreamer gst-rtsp-server GstRTSPAuth Denial of Service Vulnerability
|
2020-03-23
|
CVE-2020-6095
|
7.5
|
|
TALOS-2020-1000
|
Videolabs libmicrodns 0.1.0 message-parsing bounds denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6077
|
7.5
|
|
TALOS-2020-1002
|
Videolabs libmicrodns 0.1.0 resource allocation denial-of-service vulnerabilities
|
2020-03-23
|
CVE-2020-6079, CVE-2020-6080
|
7.5
|
|
TALOS-2020-1001
|
Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6078
|
7.5
|
|
TALOS-2020-0995
|
Videolabs libmicrodns 0.1.0 rr_decode return value remote code execution vulnerability
|
2020-03-23
|
CVE-2020-6072
|
9.8
|
|
TALOS-2020-1016
|
Microsoft Windows 10 Kernel SetMapMode MM_HIENGLISH information disclosure vulnerability
|
2020-03-10
|
CVE-2020-0791
|
7.3
|
|
TALOS-2019-0899
|
WAGO e!Cockpit network communication cleartext transmission vulnerability
|
2020-03-09
|
CVE-2019-5107
|
7.5
|
|
TALOS-2019-0954
|
WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability
|
2020-03-09
|
CVE-2019-5161
|
9.1
|
|
TALOS-2019-0953
|
WAGO PFC200 Cloud Connectivity Improper Host Validation Vulnerability
|
2020-03-09
|
CVE-2019-5160
|
9.1
|
|
TALOS-2019-0949
|
WAGO PFC200 Cloud Connectivity TimeoutPrepared Command Injection Vulnerability
|
2020-03-09
|
CVE-2019-5156
|
7.2
|
|
TALOS-2019-0963
|
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities
|
2020-03-09
|
CVE-2019-5176, CVE-2019-5177, CVE-2019-5178, CVE-2019-5179, CVE-2019-5180, CVE-2019-5181, CVE-2019-5182
|
8.8
|
|
TALOS-2019-0923
|
WAGO PFC100/200 Web-Based Management (WBM) Authentication Regex Information Disclosure Vulnerability
|
2020-03-09
|
CVE-2019-5134
|
5.3
|
|
TALOS-2019-0948
|
WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities
|
2020-03-09
|
CVE-2019-5155
|
7.2
|
|
TALOS-2019-0950
|
WAGO PFC200 Cloud Connectivity TimeoutUnconfirmed Command Injection Vulnerability
|
2020-03-09
|
CVE-2019-5157
|
7.2
|
|
TALOS-2019-0924
|
WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability
|
2020-03-09
|
CVE-2019-5135
|
5.3
|
|
TALOS-2019-0952
|
WAGO e!COCKPIT file path improper input validation vulnerability
|
2020-03-09
|
CVE-2019-5159
|
8.6
|
|
TALOS-2019-0962
|
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Command Injection Vulnerabilities
|
2020-03-09
|
CVE-2019-5167, CVE-2019-5168, CVE-2019-5169, CVE-2019-5170, CVE-2019-5171, CVE-2019-5172, CVE-2019-5173, CVE-2019-5174, CVE-2019-5175
|
8.8
|
|
TALOS-2019-0939
|
WAGO PFC100/200 Web-Based Management (WBM) FastCGI configuration insufficient resource pool denial of service
|
2020-03-09
|
CVE-2019-5149
|
5.3
|
|
TALOS-2019-0966
|
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Memory Corruption Vulnerabilities
|
2020-03-09
|
CVE-2019-5185, CVE-2019-5186
|
7.0
|
|
TALOS-2019-0965
|
WAGO PFC200 iocheckd service "I/O-Check" cache gateway Memory Corruption Vulnerability
|
2020-03-09
|
CVE-2019-5184
|
7.0
|
|
TALOS-2019-0969
|
Zoom conference room connector service insufficient session invalidation
|
2020-03-05
|
--
|
6.4
|
|
TALOS-2020-1172
|
Webkit AudioSourceProviderGStreamer use-after-free vulnerability
|
2020-03-03
|
CVE-2020-13558
|
8.8
|
|
TALOS-2020-1221
|
Epignosis eFront LMS Password Reset authentication bypass vulnerability
|
2020-03-03
|
CVE-2020-28597
|
9.8
|
|
TALOS-2020-1173
|
Synology DSM findhostd unencrypted credentials disclosure vulnerability
|
2020-02-25
|
--
|
8.0
|
|
TALOS-2019-0938
|
Moxa AWK-3131A ServiceAgent denial-of-service vulnerability
|
2020-02-24
|
CVE-2019-5148
|
7.5
|
|
TALOS-2019-0930
|
Moxa AWK-3131A iw_webs iw_serverip Parameter Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5141
|
8.8
|
|
TALOS-2019-0927
|
Moxa AWK-3131A Encrypted Diagnostic Script Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5138
|
9.9
|
|
TALOS-2019-0932
|
Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability
|
2020-02-24
|
CVE-2019-5143
|
8.8
|
|
TALOS-2020-1215
|
Slic3r libslic3r AMF File AMFParserContext::endElement() out-of-bounds read vulnerability
|
2020-02-24
|
CVE-2020-28591
|
8.6
|
|
TALOS-2019-0928
|
Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability
|
2020-02-24
|
CVE-2019-5139
|
6.2
|
|
TALOS-2019-0931
|
Moxa AWK-3131A WAP Hostname Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5142
|
7.2
|
|
TALOS-2019-0944
|
Moxa AWK-3131A iw_webs User Configuration Remote Code Execution Vulnerability
|
2020-02-24
|
CVE-2019-5153
|
9.9
|
|
TALOS-2019-0929
|
Moxa AWK-3131A iw_webs DecryptScriptFile file name Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5140
|
8.8
|
|
TALOS-2019-0960
|
Moxa AWK-3131A iw_webs hostname Authentication Bypass Vulnerability
|
2020-02-24
|
CVE-2019-5165
|
8.0
|
|
TALOS-2019-0925
|
Moxa AWK-3131A iw_console Privilege Escalation Vulnerability
|
2020-02-24
|
CVE-2019-5136
|
8.8
|
|
TALOS-2019-0955
|
Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability
|
2020-02-24
|
CVE-2019-5162
|
9.9
|
|
TALOS-2019-0926
|
Moxa AWK-3131A ServiceAgent Use of Hard-coded Cryptographic Key
|
2020-02-24
|
CVE-2019-5137
|
7.5
|
|
TALOS-2020-0984
|
CoTURN HTTP Server POST-parsing information leak vulnerability
|
2020-02-18
|
CVE-2020-6061
|
7.0
|
|
TALOS-2020-0985
|
CoTURN HTTP Server POST-parsing denial-of-service vulnerability
|
2020-02-18
|
CVE-2020-6062
|
5.9
|
|
TALOS-2019-0967
|
Apple Safari FontFaceSet Remote Code Execution Vulnerability
|
2020-02-12
|
CVE-2020-3868
|
8.8
|
|
TALOS-2019-0970
|
Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability
|
2020-02-11
|
CVE-2020-0731
|
8.4
|
|
TALOS-2019-0946
|
Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability
|
2020-02-11
|
CVE-2020-0738
|
8.8
|
|
TALOS-2019-0959
|
Adobe Acrobat Reader DC Javascript Field Name Information Leak
|
2020-02-11
|
CVE-2020-3744
|
6.8
|
|
TALOS-2019-0968
|
Microsoft Office Excel Ordinal43 code execution vulnerability
|
2020-02-11
|
CVE-2020-0759
|
8.8
|
|
TALOS-2020-0986
|
Accusoft ImageGear PCX uncompress_scan_line buffer size computation code execution vulnerability
|
2020-02-10
|
CVE-2020-6063
|
9.8
|
|
TALOS-2020-0991
|
Accusoft ImageGear TIFF tifread code execution vulnerability
|
2020-02-10
|
CVE-2020-6067
|
9.8
|
|
TALOS-2020-0987
|
Accusoft ImageGear PCX uncompress_scan_line buffer copy operation code execution vulnerability
|
2020-02-10
|
CVE-2020-6064
|
9.8
|
|
TALOS-2020-0990
|
Accusoft ImageGear JPEG SOFx Code Execution Vulnerability
|
2020-02-10
|
CVE-2020-6066
|
9.8
|
|
TALOS-2020-0993
|
Accusoft ImageGear JPEG jpegread precision code execution vulnerability
|
2020-02-10
|
CVE-2020-6069
|
9.8
|
|
TALOS-2020-0989
|
Accusoft ImageGear BMP bmp_parsing buffer size computation code execution vulnerability
|
2020-02-10
|
CVE-2020-6065
|
9.8
|
|
TALOS-2019-0972
|
Accusoft ImageGear TIFF TIF_read_stripdata code execution vulnerability
|
2020-02-05
|
CVE-2019-5187
|
9.8
|
|
TALOS-2020-0975
|
Mini-SNMPD decode_cnt information leak vulnerability
|
2020-02-03
|
CVE-2020-6058
|
8.2
|
|
TALOS-2020-0976
|
Mini-SNMPD decode_int Information Leak Vulnerability
|
2020-02-03
|
CVE-2020-6059
|
8.2
|
|
TALOS-2020-0977
|
Mini-SNMPD socket disconnect denial-of-service vulnerability
|
2020-02-03
|
CVE-2020-6060
|
7.5
|
|
TALOS-2020-0992
|
Accusoft ImageGear PNG pngread width code execution vulnerability
|
2020-01-27
|
CVE-2020-6068
|
9.8
|
|
TALOS-2019-0937
|
AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability
|
2020-01-21
|
CVE-2019-5146
|
8.6
|
|
TALOS-2019-0964
|
AMD ATI Radeon ATIDXX64.DLL shader functionality VTABLE remote code execution vulnerability
|
2020-01-21
|
CVE-2019-5183
|
9.0
|
|
TALOS-2019-0936
|
AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality denial-of-service vulnerability
|
2020-01-21
|
CVE-2019-5147
|
8.6
|
|
TALOS-2019-0913
|
AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability
|
2020-01-21
|
CVE-2019-5124
|
8.6
|
|
TALOS-2019-0915
|
Foxit PDF Reader Javascript Field Action Validate Remote Code Execution Vulnerability
|
2020-01-16
|
CVE-2019-5126
|
8.8
|
|
TALOS-2019-0920
|
Foxit PDF Reader JavaScript field action OnBlur remote code execution vulnerability
|
2020-01-16
|
CVE-2019-5131
|
8.8
|
|
TALOS-2019-0935
|
Foxit PDF Reader Javascript createTemplate Invalid Page Code Execution Vulnerability
|
2020-01-16
|
CVE-2019-5130
|
8.0
|
|
TALOS-2019-0934
|
Foxit PDF Reader JavaScript field keystroke action remote code execution vulnerability
|
2020-01-16
|
CVE-2019-5145
|
8.8
|
|
TALOS-2019-0973
|
E2fsprogs e2fsck rehash.c mutate_name() Code Execution Vulnerability
|
2020-01-07
|
CVE-2019-5188
|
7.5
|
|
TALOS-2019-0853
|
OpenCV JSON persistence parser buffer overflow vulnerability
|
2020-01-02
|
CVE-2019-5064
|
8.8
|
|
TALOS-2019-0852
|
OpenCV XML Persistence Parser Buffer Overflow Vulnerability
|
2020-01-02
|
CVE-2019-5063
|
8.8
|
|
TALOS-2019-0871
|
WAGO PFC200 iocheckd service "I/O-Check" ReadPSN remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5079
|
10.0
|
|
TALOS-2019-0870
|
WAGO PFC200 iocheckd service "I/O-Check" Erase Denial of Service Vulnerability
|
2019-12-16
|
CVE-2019-5078
|
10.0
|
|
TALOS-2019-0862
|
WAGO PFC200 iocheckd service "I/O-Check" external tool information exposure vulnerability
|
2019-12-16
|
CVE-2019-5073
|
5.3
|
|
TALOS-2019-0872
|
WAGO PFC200 iocheckd service "I/O-Check" factory restore denial-of-service vulnerability
|
2019-12-16
|
CVE-2019-5080
|
10.0
|
|
TALOS-2019-0869
|
WAGO PFC200 iocheckd service "I/O-Check" MAC Address overwrite Denial of Service Vulnerability
|
2019-12-16
|
CVE-2019-5077
|
10.0
|
|
TALOS-2019-0873
|
WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5081
|
10.0
|
|
TALOS-2019-0863
|
WAGO PFC200 iocheckd service "I/O-Check" BC_ProductLabel remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5074
|
9.8
|
|
TALOS-2019-0874
|
WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5082
|
10.0
|
|
TALOS-2019-0864
|
WAGO PFC200 iocheckd service "I/O-Check" get_coupler_details remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5075
|
9.8
|
|
TALOS-2019-0850
|
W1.fi hostapd deauthentication denial-of-service vulnerability
|
2019-12-11
|
CVE-2019-5062
|
7.4
|
|
TALOS-2019-0900
|
Linux kernel CAM table denial-of-service vulnerability
|
2019-12-11
|
CVE-2019-5108
|
7.4
|
|
TALOS-2019-0849
|
W1.fi hostapd CAM table denial-of-service vulnerability
|
2019-12-11
|
CVE-2019-5061
|
7.4
|
|
TALOS-2019-0943
|
Apple Safari SVG Marker Element baseVal Remote Code Execution Vulnerability
|
2019-12-11
|
CVE-2019-8846
|
8.8
|
|
TALOS-2019-0933
|
Kakadu Software SDK ATK marker code execution vulnerability
|
2019-12-11
|
CVE-2019-5144
|
8.1
|
|
TALOS-2019-0947
|
Adobe Acrobat Reader DC Javascript gotoNamedDest information leak vulnerability
|
2019-12-10
|
CVE-2019-16463
|
6.8
|
|
TALOS-2019-0883
|
LEADTOOLS libltdic.so LDicomAssociate::SetBinary denial-of-service vulnerability
|
2019-12-10
|
CVE-2019-5091
|
7.5
|
|
TALOS-2019-0877
|
LEADTOOLS libltdic.so DICOM receive code execution vulnerability
|
2019-12-10
|
CVE-2019-5085
|
9.8
|
|
TALOS-2019-0882
|
LEADTOOLS libltdic.so DICOM LDicomNet::receive information disclosure vulnerability
|
2019-12-10
|
CVE-2019-5090
|
9.1
|
|
TALOS-2019-0901
|
Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability
|
2019-12-10
|
CVE-2019-1453
|
7.5
|
|
TALOS-2019-0895
|
Microsoft Remote Desktop Services (RDP7) Windows XP Multiple Information Leak Vulnerabilities
|
2019-12-10
|
CVE-2019-1489
|
5.3
|
|
TALOS-2019-0945
|
LEADTOOLS JPEG2000 Isot parsing Memory Corruption Vulnerability
|
2019-12-10
|
CVE-2019-5154
|
8.8
|
|
TALOS-2019-0885
|
LEADTOOLS libltdic.so DICOM LDicomNet::SendData Code Execution Vulnerability
|
2019-12-10
|
CVE-2019-5093
|
8.1
|
|
TALOS-2019-0884
|
LEADTOOLS DICOM UI Parsing Code Execution Vulnerability
|
2019-12-10
|
CVE-2019-5092
|
8.8
|
|
TALOS-2019-0890
|
AMD ATI Radeon ATIDXX64.DLL shader functionality sincos denial-of-service vulnerability
|
2019-12-05
|
CVE-2019-5098
|
8.6
|
|
TALOS-2019-0942
|
Shadowsocks-libev ss-server Stream Cipher Information Disclosure Vulnerability
|
2019-12-03
|
CVE-2019-5152
|
7.4
|
|
TALOS-2019-0958
|
Shadowsocks-libev ss-manager add_server Code Execution Vulnerability
|
2019-12-03
|
CVE-2019-5164
|
7.8
|
|
TALOS-2019-0956
|
Shadowsocks-libev ss-server UdpRelay Denial-of-Service Vulnerability
|
2019-12-03
|
CVE-2019-5163
|
5.9
|
|
TALOS-2019-0903
|
Forma LMS 2.2.1 /appCore/index.php users parameter SQL injections
|
2019-12-02
|
CVE-2019-5110
|
7.4
|
|
TALOS-2019-0889
|
EmbedThis GoAhead web server denial-of-service vulnerability
|
2019-12-02
|
CVE-2019-5097
|
5.3
|
|
TALOS-2019-0888
|
EmbedThis GoAhead web server code execution vulnerability
|
2019-12-02
|
CVE-2019-5096
|
9.8
|
|
TALOS-2019-0875
|
Accusoft ImageGear TIFF TIF_decode_thunderscan code execution vulnerability
|
2019-12-02
|
CVE-2019-5083
|
9.8
|
|
TALOS-2019-0865
|
Accusoft ImageGear PNG IHDR width code execution vulnerability
|
2019-12-02
|
CVE-2019-5076
|
9.8
|
|
TALOS-2019-0922
|
Accusoft ImageGear BMP code execution vulnerability
|
2019-12-02
|
CVE-2019-5133
|
9.8
|
|
TALOS-2019-0921
|
Accusoft ImageGear GEM Raster Code Execution Vulnerability
|
2019-12-02
|
CVE-2019-5132
|
9.8
|
|
TALOS-2019-0902
|
Forma LMS 2.2.1 ajax.adm_server.php dir parameter SQL injections
|
2019-12-02
|
CVE-2019-5109
|
7.4
|
|
TALOS-2019-0904
|
Forma LMS 2.2.1 /appLms/ajax.server.php filter_cat and filter_status parameters SQL injections
|
2019-12-02
|
CVE-2019-5111 - CVE-2019-5112
|
7.4
|
|
TALOS-2019-0878
|
xcftools flattenIncrementally tiles walk code execution vulnerability
|
2019-11-21
|
CVE-2019-5086
|
7.5
|
|
TALOS-2019-0861
|
Tenda AC9 /goform/WanParameterSetting Command Injection Vulnerability
|
2019-11-21
|
CVE-2019-5071-CVE-2019-5072
|
7.8
|
|
TALOS-2019-0879
|
xcftools flattenIncrementally rows allocation code execution vulnerability
|
2019-11-20
|
CVE-2019-5087
|
8.8
|
|
TALOS-2019-0893
|
OpenWrt ustream-ssl certificate verification information leak vulnerability
|
2019-11-15
|
CVE-2019-5101 - CVE-2019-5102
|
4.0
|
|
TALOS-2019-0790
|
Exhibitor UI command injection vulnerability
|
2019-11-13
|
CVE-2019-5029
|
9.8
|
|
TALOS-2019-0845
|
Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability
|
2019-11-13
|
CVE-2019-14574
|
8.5
|
|
TALOS-2019-0912
|
Microsoft Media Foundation CMP4MetadataHandler AddQTMetadata Code Execution Vulnerability
|
2019-11-12
|
CVE-2019-1430
|
8.8
|
|
TALOS-2019-0886
|
Microsoft Office Excel WorksheetOptions Code Execution Vulnerability
|
2019-11-12
|
CVE-2019-1448
|
8.8
|
|
TALOS-2019-0916
|
LEADTOOLS JPEG2000 j2pc Parsing Remote Code Execution Vulnerability
|
2019-11-05
|
CVE-2019-5125
|
8.8
|
|
TALOS-2019-0891
|
LEADTOOLS CMP-parsing code execution vulnerability
|
2019-11-05
|
CVE-2019-5099
|
8.8
|
|
TALOS-2019-0876
|
LEADTOOLS TIF ImageWidth code execution vulnerability
|
2019-11-05
|
CVE-2019-5084
|
8.8
|
|
TALOS-2019-0892
|
LEADTOOLS BMP Parsing Remote Code Execution Vulnerability
|
2019-11-05
|
CVE-2019-5100
|
8.8
|
|
TALOS-2019-0881
|
Investintech Able2Extract professional JPEG decoding code execution vulnerability
|
2019-11-04
|
CVE-2019-5089
|
8.8
|
|
TALOS-2019-0880
|
Investintech Able2Extract Professional BMP decoding biClrUsed code execution vulnerability
|
2019-11-04
|
CVE-2019-5088
|
8.8
|
|
TALOS-2019-0941
|
YouPHPTube /objects/video.php getVideo videoName code execution vulnerability
|
2019-10-30
|
CVE-2019-5151
|
10.0
|
|
TALOS-2019-0940
|
YouPHPTube /objects/video.php getVideo search code execution vulnerability
|
2019-10-30
|
CVE-2019-5150
|
8.9
|
|
TALOS-2019-0848
|
VMware Fusion 11 Shader Functionality Denial Of Service
|
2019-10-28
|
CVE-2019-5536
|
6.5
|
|
TALOS-2019-0857
|
X11 Mesa 3D Graphics Library shared memory permissions vulnerability
|
2019-10-23
|
CVE-2019-5068
|
5.1
|
|
TALOS-2019-0909
|
YouPHPTube /objects/subscribeNotify.json.php user_id SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5119
|
7.4
|
|
TALOS-2019-0906
|
YouPHPTube /objects/commentAddNew.json.php comments_id SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5114
|
7.4
|
|
TALOS-2019-0917
|
YouPHPTube Encoder base64Url multiple command injections
|
2019-10-17
|
CVE-2019-5127 - CVE-2019-5129
|
10.0
|
|
TALOS-2019-0911
|
YouPHPTube /objects/pluginSwitch.json.php Multiple SQL Injection Vulnerabilities
|
2019-10-17
|
CVE-2019-5121 - CVE-2019-5123
|
7.4
|
|
TALOS-2019-0907
|
YouPHPTube /objects/videoAddNew.json.php SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5116
|
7.4
|
|
TALOS-2019-0908
|
YouPHPTube /objects/subscribe.json.php SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5117
|
7.4
|
|
TALOS-2019-0910
|
YouPHPTube /plugin/AD_Server/view/campaignsVideos.json.php id SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5120
|
7.4
|
|
TALOS-2019-0860
|
Adobe Acrobat Reader DC text field value remote code execution vulnerability redux
|
2019-10-15
|
CVE-2019-8183
|
8.8
|
|
TALOS-2019-0814
|
NitroPDF jpeg2000 ssizDepth Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5045
|
8.8
|
|
TALOS-2019-0815
|
NitroPDF jpeg2000 yTsiz Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5046
|
8.8
|
|
TALOS-2019-0819
|
NitroPDF Page Kids Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5050
|
8.8
|
|
TALOS-2019-0817
|
NitroPDF ICCBased Color Space Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5048
|
8.8
|
|
TALOS-2019-0830
|
NitroPDF Stream Length Memory Corruption Vulnerability
|
2019-10-09
|
CVE-2019-5053
|
7.5
|
|
TALOS-2019-0816
|
NitroPDF CharProcs Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5047
|
7.5
|
|
TALOS-2019-0866
|
Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6848
|
8.6
|
|
TALOS-2019-0823
|
Schneider Electric Modicon M580 FTP incomplete firmware update denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6842
|
4.9
|
|
TALOS-2019-0822
|
Schneider Electric Modicon M580 FTP firmware update loader service denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6841
|
4.9
|
|
TALOS-2019-0824
|
Schneider Electric Modicon M580 malformed firmware image FTP upgrade denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6843
|
4.9
|
|
TALOS-2019-0867
|
Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability
|
2019-10-08
|
CVE-2019-6849
|
7.5
|
|
TALOS-2019-0847
|
Schneider Electric Modicon M580 outdated firmware image FTP upgrade denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6847
|
4.9
|
|
TALOS-2019-0826
|
Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability
|
2019-10-08
|
CVE-2019-6845
|
5.9
|
|
TALOS-2019-0827
|
Schneider Electric Modicon M580 FTP cleartext authentication vulnerability
|
2019-10-08
|
CVE-2019-6846
|
5.9
|
|
TALOS-2019-0851
|
Schneider Electric Modicon M580 TFTP server information disclosure vulnerability
|
2019-10-08
|
CVE-2019-6851
|
7.5
|
|
TALOS-2019-0825
|
Schneider Electric Modicon M580 Mismatched Firmware Image FTP Upgrade Denial of Service Vulnerability
|
2019-10-08
|
CVE-2019-6844
|
4.9
|
|
TALOS-2019-0868
|
Schneider Electric Modicon M580 UMAS REST API readbolarray information disclosure vulnerability
|
2019-10-08
|
CVE-2019-6850
|
7.5
|
|
TALOS-2019-0793
|
Foxit PDF Reader JavaScript Array.includes remote code execution vulnerability
|
2019-09-30
|
CVE-2019-5031
|
8.8
|
|
TALOS-2019-0887
|
E2fsprogs quotaio_tree.c report_tree() code execution vulnerability
|
2019-09-24
|
CVE-2019-5094
|
7.5
|
|
TALOS-2019-0809
|
Aspose.PDF for C++ Remote Code Execution Vulnerability
|
2019-09-17
|
CVE-2019-5042
|
8.8
|
|
TALOS-2019-0855
|
Aspose.PDF for C++ LZWDecode filter predictor remote code execution vulnerability
|
2019-09-17
|
CVE-2019-5066
|
9.8
|
|
TALOS-2019-0856
|
Aspose.PDF for C++ parent generation remote code execution vulnerability
|
2019-09-17
|
CVE-2019-5067
|
9.8
|
|
TALOS-2019-0835
|
Atlassian Jira CSRF Protections Bypass Vulnerability
|
2019-09-16
|
CVE-2019-14998
|
5.4
|
|
TALOS-2019-0839
|
Atlassian Jira issueTable username information disclosure vulnerability
|
2019-09-16
|
CVE-2019-8446
|
5.3
|
|
TALOS-2019-0840
|
Atlassian Jira Worklog Information Disclosure Vulnerability
|
2019-09-16
|
CVE-2019-8445
|
4.3
|
|
TALOS-2019-0837
|
Atlassian Jira issue attachment name information disclosure vulnerability
|
2019-09-16
|
CVE-2019-14995
|
5.3
|
|
TALOS-2019-0838
|
Atlassian Jira Tempo plugin issue summary information disclosure vulnerability
|
2019-09-16
|
CVE-2019-5095
|
4.3
|
|
TALOS-2019-0833
|
Atlassian Jira WikiRenderer parser XSS vulnerability
|
2019-09-16
|
CVE-2019-8444
|
7.4
|
|
TALOS-2019-0818
|
AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability
|
2019-09-16
|
CVE-2019-5049
|
9.0
|
|
TALOS-2019-0836
|
Atlassian Jira Issue Key Information Disclosure Vulnerability
|
2019-09-16
|
CVE-2019-14995
|
5.3
|
|
TALOS-2019-0834
|
Atlassian Jira CSRF Login Vulnerability
|
2019-09-16
|
CVE-2019-15002
|
3.5
|
|
TALOS-2019-0831
|
NETGEAR N300 WNR2000v5 unauthenticated HTTP denial-of-service vulnerability
|
2019-09-09
|
CVE-2019-5054
|
7.5
|
|
TALOS-2019-0832
|
NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability
|
2019-09-09
|
CVE-2019-5055
|
7.5
|
|
TALOS-2019-0854
|
Blynk inc. Blynk-Library BlynkProtocol<Transp>::processInput() information disclosure vulnerability
|
2019-09-04
|
CVE-2019-5065
|
5.3
|
|
TALOS-2019-0858
|
Epignosis eFront LMS PHP deserialization code execution vulnerability
|
2019-09-03
|
CVE-2019-5069
|
8.8
|
|
TALOS-2019-0859
|
Epignosis eFront LMS unauthenticated SQL injection vulnerability
|
2019-09-03
|
CVE-2019-5070
|
6.5
|
|
TALOS-2019-0805
|
Aspose Aspose.Words for C++ EnumMetaInfo Code Execution Vulnerability
|
2019-08-20
|
CVE-2019-5041
|
9.8
|
|
TALOS-2019-0795
|
Aspose Aspose.Cells for C++ Number Code Execution Vulnerability
|
2019-08-20
|
CVE-2019-5033
|
9.8
|
|
TALOS-2019-0794
|
Aspose Aspose.Cells for C++ LabelSst Code Execution Vulnerability
|
2019-08-20
|
CVE-2019-5032
|
9.8
|
|
TALOS-2019-0799
|
Nest Labs Nest Cam IQ Indoor Weave KeyError denial-of-service vulnerability
|
2019-08-19
|
CVE-2019-5036
|
7.5
|
|
TALOS-2019-0800
|
Nest Labs Nest Cam IQ Indoor WeaveCASEEngine::DecodeCertificateInfo denial-of-service vulnerability
|
2019-08-19
|
CVE-2019-5037
|
7.5
|
|
TALOS-2019-0803
|
Nest Labs Openweave Weave DecodeMessageWithLength Information Disclosure Vulnerability
|
2019-08-19
|
CVE-2019-5040
|
8.2
|
|
TALOS-2019-0810
|
Nest Labs Nest Cam IQ Indoor Weave TCP connection denial-of-service vulnerability
|
2019-08-19
|
CVE-2019-5043
|
5.3
|
|
TALOS-2019-0802
|
Nest Labs Openweave Weave ASN1Writer PutValue Code Execution Vulnerability
|
2019-08-19
|
CVE-2019-5039
|
7.5
|
|
TALOS-2019-0801
|
Nest Labs Openweave Weave tool Print-TLV code execution vulnerability
|
2019-08-19
|
CVE-2019-5038
|
7.5
|
|
TALOS-2019-0797
|
Nest Labs Nest Cam IQ Indoor Weave Legacy Pairing Information Disclosure Vulnerability
|
2019-08-19
|
CVE-2019-5034
|
5.3
|
|
TALOS-2019-0798
|
Nest Labs Nest Cam IQ Indoor Weave PASE pairing brute force vulnerability
|
2019-08-19
|
CVE-2019-5035
|
9.0
|
|
TALOS-2019-0806
|
Schneider Electric Modicon M580 UMAS Read System Coils and Registers Denial of Service Vulnerability
|
2019-08-13
|
CVE-2019-6828
|
7.5
|
|
TALOS-2018-0736
|
Schneider Electric Modicon M580 UMAS read strategy denial-of-service vulnerability
|
2019-08-13
|
CVE-2019-6809
|
7.5
|
|
TALOS-2019-0807
|
Schneider Electric Modicon M580 UMAS Function Code 0x29 Denial of Service Vulnerability
|
2019-08-13
|
CVE-2019-6829
|
7.5
|
|
TALOS-2019-0808
|
Schneider Electric Modicon M580 HTTP Request Denial of Service Vulnerability
|
2019-08-13
|
CVE-2019-6830
|
5.9
|
|
TALOS-2019-0829
|
MongoDB Server session reuse vulnerability
|
2019-08-06
|
CVE-2019-2386
|
7.1
|
|
TALOS-2019-0779
|
NVIDIA NVWGF2UMX_CFG.DLL shader functionality code execution vulnerability
|
2019-08-05
|
CVE‑2019‑5684
|
9.0
|
|
TALOS-2019-0812
|
NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability
|
2019-08-05
|
CVE-2019-5685
|
9.0
|
|
TALOS-2019-0813
|
NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability
|
2019-08-05
|
CVE-2019- 5685
|
9.0
|
|
TALOS-2019-0757
|
VMware Workstation 15 pixel shader functionality denial of service vulnerability
|
2019-08-05
|
CVE‑2019‑5521
|
6.5
|
|
TALOS-2019-0781
|
Yara Object Lookup Denial of Service Vulnerability
|
2019-07-30
|
CVE-2019-5020
|
6.5
|
|
TALOS-2019-0842
|
SDL_image XCF Image Code Execution Vulnerability
|
2019-07-29
|
CVE-2019-5058
|
8.8
|
|
TALOS-2019-0843
|
SDL_image XPM image color code code execution vulnerability
|
2019-07-29
|
CVE-2019-5059
|
8.8
|
|
TALOS-2019-0841
|
SDL_image PCX Image Code execution Vulnerability
|
2019-07-29
|
CVE-2019-5057
|
8.8
|
|
TALOS-2019-0844
|
SDL_image XPM image colorhash parsing Code Execution Vulnerability
|
2019-07-29
|
CVE-2019-5060
|
8.8
|
|
TALOS-2019-0820
|
Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW code execution vulnerability
|
2019-07-02
|
CVE-2019-5051
|
8.8
|
|
TALOS-2019-0821
|
Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW signed comparison code execution vulnerability
|
2019-07-02
|
CVE-2019-5052
|
8.8
|
|
TALOS-2019-0791
|
Google V8 Array.prototype Memory Corruption Vulnerability
|
2019-07-01
|
CVE-2019-5831
|
7.5
|
|
TALOS-2019-0776
|
KCodes NetUSB unauthenticated remote kernel information disclosure vulnerability
|
2019-06-17
|
CVE-2019-5017
|
5.8
|
|
TALOS-2019-0775
|
KCodes NetUSB unauthenticated remote kernel arbitrary memory read vulnerability
|
2019-06-14
|
CVE-2019-5016
|
10.0
|
|
TALOS-2018-0742
|
Schneider Electric Modicon M580 UMAS Strategy File Write Vulnerability
|
2019-06-10
|
CVE-2018-7847
|
9.8
|
|
TALOS-2019-0768
|
Schneider Electric Modicon M580 UMAS write system coils and holding registers denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7857
|
7.5
|
|
TALOS-2018-0738
|
Schneider Electric Modicon M580 UMAS memory block read denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7843
|
7.5
|
|
TALOS-2019-0765
|
Schneider Electric Modicon M580 UMAS function code 0x65 denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7854
|
7.5
|
|
TALOS-2019-0764
|
Schneider Electric Modicon M580 UMAS function code 0x28 denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7853
|
7.5
|
|
TALOS-2018-0740
|
Schneider Electric Modicon M580 UMAS strategy read information disclosure vulnerability
|
2019-06-10
|
CVE-2018-7848
|
7.5
|
|
TALOS-2018-0741
|
Schneider Electric Modicon M580 UMAS Improper Authentication Vulnerability
|
2019-06-10
|
CVE-2018-7842
|
7.5
|
|
TALOS-2018-0737
|
Schneider Electric Modicon M580 UMAS strategy transfer denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7849
|
7.5
|
|
TALOS-2019-0763
|
Schneider Electric Modicon M580 UMAS function code 0x6d multiple denial-of-service vulnerabilities
|
2019-06-10
|
CVE-2018-7852
|
7.5
|
|
TALOS-2018-0735
|
Schneider Electric Modicon M580 UMAS release reservation denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7846
|
5.3
|
|
TALOS-2018-0745
|
Schneider Electric Modicon M580 UMAS Read Memory Block Out Of Bounds Information Disclosure Vulnerability
|
2019-06-10
|
CVE-2018-7845
|
7.5
|
|
TALOS-2019-0766
|
Schneider Electric Modicon M580 UMAS set breakpoint denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7855
|
7.5
|
|
TALOS-2018-0743
|
Schneider Electric Modicon M580 UnityPro reliance on untrusted inputs vulnerability
|
2019-06-10
|
CVE-2018-7850
|
7.5
|
|
TALOS-2018-0739
|
Schneider Electric Modicon M580 UMAS read memory block information disclosure vulnerability
|
2019-06-10
|
CVE-2018-7844
|
7.5
|
|
TALOS-2019-0767
|
Schneider Electric Modicon M580 UMAS memory block write denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7856
|
7.5
|
|
TALOS-2019-0770
|
Schneider Electric Modicon M580 UMAS write system bits and blocks denial-of-service vulnerability
|
2019-06-10
|
CVE-2019-6807
|
7.5
|
|
TALOS-2019-0771
|
Schneider Electric UnityPro PLC simulator remote code execution vulnerability
|
2019-06-10
|
CVE-2019-6808
|
10.0
|
|
TALOS-2019-0769
|
Schneider Electric Modicon M580 UMAS read system blocks and bits information disclosure vulnerability
|
2019-06-10
|
CVE-2019-6806
|
7.5
|
|
TALOS-2019-0846
|
Jenkins Artifactory Plugin fillCredentialsIdItems information disclosure vulnerability
|
2019-06-04
|
CVE-2019-10323
|
4.3
|
|
TALOS-2019-0787
|
Jenkins Artifactory Plugin information disclosure vulnerability
|
2019-06-04
|
CVE-2019-10321 - CVE-2019-10322
|
7.7
|
|
TALOS-2019-0784
|
PaX read_kmem denial of service vulnerability
|
2019-05-29
|
CVE-2019-5023
|
5.3
|
|
TALOS-2019-0761
|
Wacom update helper tool start/stopLaunchDProcess privilege escalation vulnerability
|
2019-05-16
|
CVE-2019-5013
|
7.1
|
|
TALOS-2019-0760
|
Wacom update helper tool startProcess privilege escalation vulnerability
|
2019-05-16
|
CVE-2019-5012
|
7.8
|
|
TALOS-2019-0778
|
Adobe Acrobat Reader DC OCGs state change remote code execution vulnerability
|
2019-05-14
|
CVE-2019-7761
|
8.8
|
|
TALOS-2019-0796
|
Adobe Acrobat Reader DC app.thermometer Remote Code Execution Vulnerability
|
2019-05-14
|
CVE-2019-7831
|
8.0
|
|
TALOS-2019-0792
|
Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability
|
2019-05-14
|
CVE-2019-5030
|
8.8
|
|
TALOS-2018-0687
|
Anker Roav A1 Dashcam HTTP Path Overflow Code Execution Vulnerability
|
2019-05-13
|
CVE-2018-4016
|
8.0
|
|
TALOS-2018-0698
|
Novatek NT9665X XML_GetScreen Strncmp denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4026
|
7.5
|
|
TALOS-2018-0685
|
Anker Roav A1 Dashcam WifiCmd 9999 Code Execution Vulnerability
|
2019-05-13
|
CVE-2018-4014
|
8.0
|
|
TALOS-2018-0700
|
Novatek NT9665X HFS Overwrite denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4028
|
5.3
|
|
TALOS-2018-0701
|
Novatek NT9665X HFS Recv buffer overflow code execution vulnerability
|
2019-05-13
|
CVE-2018-4029
|
10.0
|
|
TALOS-2018-0689
|
Novatek NT9665X HTTP Upload Firmware Update Vulnerability
|
2019-05-13
|
CVE-2018-4018
|
10.0
|
|
TALOS-2018-0696
|
Novatek NT9665X XML_GetThumbNail denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4024
|
7.5
|
|
TALOS-2018-0697
|
Novatek NT9665X XML_GetRawEncJpg denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4025
|
7.5
|
|
TALOS-2018-0695
|
Novatek NT9665X XML_UploadFile path overflow code execution vulnerability
|
2019-05-13
|
CVE-2018-4023
|
10.0
|
|
TALOS-2018-0688
|
Anker Roav A1 Dashcam Wifi AP Default Credential Vulnerability
|
2019-05-13
|
CVE-2018-4017
|
7.1
|
|
TALOS-2018-0699
|
Novatek NT9665X XML_UploadFile WifiCmd denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4027
|
5.3
|
|
TALOS-2019-0777
|
Sqlite3 Window Function Remote Code Execution Vulnerability
|
2019-05-09
|
CVE-2019-5018
|
8.1
|
|
TALOS-2019-0772
|
Winco Fireworks FireFly Bluetooth Low Energy Improper Access Control Vulnerability
|
2019-05-08
|
CVE-2019-5014
|
6.5
|
|
TALOS-2019-0782
|
Alpine Linux Docker Image root User Hard-Coded Credential Vulnerability
|
2019-05-08
|
CVE-2019-5021
|
9.8
|
|
TALOS-2019-0786
|
Jenkins Ansible Tower Plugin information disclosure vulnerability
|
2019-05-06
|
CVE-2019-10310
|
7.7
|
|
TALOS-2019-0788
|
Jenkins GitLab Plugin Information Disclosure Vulnerability
|
2019-05-06
|
CVE-2019-10300
|
7.7
|
|
TALOS-2019-0783
|
Jenkins Swarm Plugin XML external entities information disclosure vulnerability
|
2019-05-06
|
CVE-2019-10309
|
6.1
|
|
TALOS-2018-0747
|
Sierra Wireless AirLink ES450 SNMPD hard-coded credentials vulnerability
|
2019-04-25
|
CVE-2018-4062
|
7.7
|
|
TALOS-2018-0752
|
Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure Vulnerability
|
2019-04-25
|
CVE-2018-4067
|
5.0
|
|
TALOS-2018-0751
|
Sierra Wireless AirLink ES450 ACEManager Cross-Site Request Forgery Vulnerability
|
2019-04-25
|
CVE-2018-4066
|
6.4
|
|
TALOS-2018-0754
|
Sierra Wireless AirLink ES450 ACEManager Information Exposure Vulnerability
|
2019-04-25
|
CVE-2018-4069
|
5.9
|
|
TALOS-2018-0756
|
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Set_Task.cgi Permission Assignment Vulnerability
|
2019-04-25
|
CVE-2018-4072, CVE-2018-4073
|
9.9
|
|
TALOS-2018-0749
|
Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change Vulnerability
|
2019-04-25
|
CVE-2018-4064
|
8.5
|
|
TALOS-2018-0753
|
Sierra Wireless AirLink ES450 ACEManager Information Disclosure Vulnerability
|
2019-04-25
|
CVE-2018-4068
|
5.3
|
|
TALOS-2018-0746
|
Sierra Wireless AirLink ES450 ACEManager iplogging.cgi command injection vulnerability
|
2019-04-25
|
CVE-2018-4061
|
9.9
|
|
TALOS-2018-0750
|
Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross-Site Scripting Vulnerability
|
2019-04-25
|
CVE-2018-4065
|
6.1
|
|
TALOS-2018-0748
|
Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution Vulnerability
|
2019-04-25
|
CVE-2018-4063
|
9.9
|
|
TALOS-2018-0755
|
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure Vulnerability
|
2019-04-25
|
CVE-2018-4070, CVE-2018-4071
|
7.7
|
|
TALOS-2018-0693
|
Symantec Endpoint Protection Small Business Edition ccSetx86.sys 0x224844 kernel memory information disclosure vulnerability
|
2019-04-23
|
CVE-2018-18366
|
4.3
|
|
TALOS-2018-0675
|
Shimo VPN helper tool writeConfig privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4006
|
9.3
|
|
TALOS-2018-0674
|
Shimo VPN helper tool configureRoutingWithCommand privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4005
|
9.3
|
|
TALOS-2018-0677
|
Shimo VPN helper tool RunVpncScript privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4008
|
9.3
|
|
TALOS-2019-0762
|
VMware Workstation 15 vertex shader functionality denial-of-service vulnerability
|
2019-04-15
|
CVE-2019-5516
|
6.5
|
|
TALOS-2018-0678
|
Shimo VPN helper tool code-signing privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4009
|
8.8
|
|
TALOS-2018-0673
|
Shimo VPN Helper Tool disconnectService denial-of-service vulnerability
|
2019-04-15
|
CVE-2018-4004
|
7.1
|
|
TALOS-2018-0676
|
Shimo VPN helper tool deleteConfig denial-of-service vulnerability
|
2019-04-15
|
CVE-2018-4007
|
9.0
|
|
TALOS-2019-0774
|
Adobe Acrobat Reader DC text field value remote code execution vulnerability — redux
|
2019-04-09
|
CVE-2019-7125
|
8.8
|
|
TALOS-2019-0785
|
Capsule Technologies SmartLinx Neuron 2 restricted environment protection mechanism failure vulnerability
|
2019-04-08
|
CVE-2019-5024
|
7.6
|
|
TALOS-2018-0640
|
GOG Galaxy service insecure file permissions local privilege elevation vulnerability
|
2019-03-26
|
CVE-2018-3974
|
9.3
|
|
TALOS-2018-0724
|
GOG Galaxy Games changeFolderPermissionsAtPath privilege escalation vulnerability
|
2019-03-26
|
CVE-2018-4050
|
7.1
|
|
TALOS-2018-0647
|
Nouveau Display Driver Remote Denial of Service
|
2019-03-26
|
CVE-2018-3979
|
7.4
|
|
TALOS-2018-0725
|
GOG Galaxy Games createFolderAtPath privilege escalation vulnerability
|
2019-03-26
|
CVE-2018-4051
|
7.1
|
|
TALOS-2018-0722
|
GOG Galaxy updater temp directory insecure file permissions local privilege elevation vulnerability
|
2019-03-26
|
CVE-2018-4048
|
9.3
|
|
TALOS-2018-0726
|
GOG Galaxy Games fillProcessInformationForPids information leak vulnerability
|
2019-03-26
|
CVE-2018-4052
|
6.2
|
|
TALOS-2018-0723
|
GOG Galaxy Games directory insecure file permissions local privilege elevation vulnerability
|
2019-03-26
|
CVE-2018-4049
|
9.3
|
|
TALOS-2018-0727
|
GOG Galaxy Games privileged helper denial-of-service vulnerability
|
2019-03-26
|
CVE-2018-4053
|
6.2
|
|
TALOS-2018-0672
|
CUJO Smart Firewall mdnscap mDNS character-strings code execution vulnerability
|
2019-03-19
|
CVE-2018-4003
|
8.3
|
|
TALOS-2018-0634
|
CUJO Smart Firewall dhcpd.conf verified boot bypass
|
2019-03-19
|
CVE-2018-3969
|
8.2
|
|
TALOS-2018-0633
|
Das U-Boot verified boot bypass
|
2019-03-19
|
CVE-2018-3968
|
8.2
|
|
TALOS-2018-0627
|
CUJO Smart Firewall static DHCP hostname command injection vulnerability
|
2019-03-19
|
CVE-2018-3963
|
9.0
|
|
TALOS-2018-0702
|
CUJO Smart Firewall safe browsing Host header-parsing firewall bypass vulnerability
|
2019-03-19
|
CVE-2018-4030
|
5.3
|
|
TALOS-2018-0671
|
CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability
|
2019-03-19
|
CVE-2018-4002
|
5.3
|
|
TALOS-2018-0681
|
CUJO Smart Firewall mdnscap mDNS SRV record denial-of-service vulnerability
|
2019-03-19
|
CVE-2018-4011
|
6.5
|
|
TALOS-2018-0653
|
CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability
|
2019-03-19
|
CVE-2018-3985
|
8.3
|
|
TALOS-2018-0703
|
CUJO Smart Firewall threatd hostname reputation check code execution vulnerability
|
2019-03-19
|
CVE-2018-4031
|
9.0
|
|
TALOS-2019-0759
|
CleanMyMac X incomplete update patch privilege escalation vulnerability
|
2019-03-11
|
CVE-2019-5011
|
7.1
|
|
TALOS-2019-0898
|
WAGO e!Cockpit authentication hard-coded encryption key vulnerability
|
2019-03-09
|
CVE-2019-5106
|
6.2
|
|
TALOS-2019-0961
|
WAGO PFC200 iocheckd service "I/O-Check" cache DNS code execution vulnerability
|
2019-03-09
|
CVE-2019-5166
|
8.8
|
|
TALOS-2019-0951
|
WAGO e!COCKPIT Firmware Downgrade Vulnerability
|
2019-03-09
|
CVE-2019-5158
|
8.6
|
|
TALOS-2019-0773
|
Pixar Renderman Install Helper Privilege Escalation Vulnerability
|
2019-03-07
|
CVE-2019-5015
|
9.0
|
|
TALOS-2019-0780
|
Antenna House Rainbow PDF Office server document converter getSummaryInformation NumProperties code execution vulnerability
|
2019-02-28
|
CVE-2019-5019
|
8.8
|
|
TALOS-2017-0509
|
McAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability
|
2019-02-20
|
CVE-2018-6687
|
6.5
|
|
TALOS-2018-0670
|
AutoDesk AutoCAD 2019 DXF-parsing code execution vulnerability
|
2019-02-14
|
CVE-2019-7358
|
8.8
|
|
TALOS-2018-0682
|
AutoDesk AutoCAD 2019 LinetypeTableRecord Code Execution Vulnerability
|
2019-02-14
|
CVE-2019-7360
|
8.8
|
|
TALOS-2018-0680
|
AutoDesk AutoCAD 2019 cell margin code execution vulnerability
|
2019-02-14
|
CVE-2019-7359
|
8.8
|
|
TALOS-2018-0714
|
Adobe Acrobat Reader DC text field "comb" property remote code execution vulnerability
|
2019-02-12
|
CVE-2019-7039
|
8.8
|
|
TALOS-2018-0655
|
Rakuten Viber Android Secret Chats Information Disclosure Vulnerability
|
2019-02-07
|
CVE-2018-3987
|
4.2
|
|
TALOS-2018-0642
|
ACD Systems Canvas Draw 5 IO metadata out-of-bounds write code execution vulnerability
|
2019-01-30
|
CVE-2018-3976
|
8.8
|
|
TALOS-2018-0649
|
ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability
|
2019-01-30
|
CVE-2018-3981
|
8.8
|
|
TALOS-2018-0638
|
ACD Systems Canvas Draw 4 FillSpan Out of Bounds Write Code Execution Vulnerability
|
2019-01-30
|
CVE-2018-3973
|
8.8
|
|
TALOS-2018-0648
|
ACD Systems Canvas Draw 5 huff table out-of-bounds write code execution vulnerability
|
2019-01-30
|
CVE-2018-3980
|
8.8
|
|
TALOS-2019-0758
|
Python.org CPython X509 certificate parsing denial-of-service vulnerability
|
2019-01-28
|
CVE-2019-5010
|
5.9
|
|
TALOS-2018-0659
|
WIBU-SYSTEMS WibuKey network server management WkbProgramLow remote code execution vulnerability
|
2019-01-28
|
CVE-2018-3991
|
10.0
|
|
TALOS-2018-0658
|
WIBU-SYSTEMS WibuKey.sys 0x8200E804 pool corruption privilege escalation vulnerability
|
2019-01-28
|
CVE-2018-3990
|
9.3
|
|
TALOS-2018-0657
|
WIBU-SYSTEMS WibuKey.sys 0x8200E804 kernel memory information disclosure vulnerability
|
2019-01-28
|
CVE-2018-3989
|
4.3
|
|
TALOS-2019-0919
|
Bitdefender BOX 2 bootstrap download_image command injection vulnerability
|
2019-01-21
|
CVE-2019-17095, CVE-2019-17096
|
9.0
|
|
TALOS-2019-0918
|
Bitdefender BOX 2 bootstrap update_setup command execution vulnerability
|
2019-01-21
|
CVE-2019-17102
|
9.0
|
|
TALOS-2018-0728
|
Pixar Renderman install helper privilege escalation vulnerability
|
2019-01-14
|
CVE-2018-4054
|
9.0
|
|
TALOS-2018-0729
|
Pixar Renderman Install Helper Arbitrary File Read Privilege Escalation Vulnerability
|
2019-01-14
|
CVE-2018-4055
|
7.1
|
|
TALOS-2018-0615
|
Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability
|
2019-01-08
|
CVE-2018-4421
|
8.8
|
|
TALOS-2018-0614
|
Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability
|
2019-01-03
|
CVE-2018-4456, CVE-2018-4451
|
8.8
|
|
TALOS-2018-0626
|
Foxit PDF Reader XFA xdpContent information leak vulnerability
|
2019-01-03
|
CVE-2018-3956
|
6.8
|
|
TALOS-2018-0706
|
CleanMyMac X moveToTrashItemAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4033
|
7.1
|
|
TALOS-2018-0720
|
Clean My Mac X pleaseTerminate denial-of-service vulnerability
|
2019-01-02
|
CVE-2018-4046
|
7.1
|
|
TALOS-2018-0721
|
Clean My Mac X disableLaunchdAgentAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4047
|
7.1
|
|
TALOS-2018-0716
|
Clean My Mac X removeLaunchdAgentAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4042
|
7.1
|
|
TALOS-2018-0718
|
Clean My Mac X removePackageWithID privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4044
|
7.1
|
|
TALOS-2018-0715
|
Clean My Mac X enableLaunchdAgentAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4041
|
7.1
|
|
TALOS-2018-0709
|
CleanMyMac X removeKextAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4036
|
7.1
|
|
TALOS-2018-0717
|
Clean My Mac X removeASL Privilege Escalation Vulnerability
|
2019-01-02
|
CVE-2018-4043
|
7.1
|
|
TALOS-2018-0719
|
Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4045
|
7.1
|
|
TALOS-2018-0705
|
CleanMyMac X moveItemAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4032
|
7.1
|
|
TALOS-2018-0707
|
CleanMyMac X removeItemAtPath Privilege Escalation Vulnerability
|
2019-01-02
|
CVE-2018-4034
|
7.1
|
|
TALOS-2018-0710
|
CleanMyMac X removeDiagnosticLogs privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4037
|
7.1
|
|
TALOS-2018-0708
|
CleanMyMac X truncateFileAtPath Privilege Escalation Vulnerability
|
2019-01-02
|
CVE-2018-4035
|
7.1
|
|
TALOS-2018-0654
|
Telegram Android Secret Chats Information Disclosure Vulnerability
|
2018-12-21
|
CVE-2018-3986
|
4.2
|
|
TALOS-2018-0683
|
Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability
|
2018-12-17
|
CVE-2018-4012
|
9.0
|
|
TALOS-2018-0686
|
Webroot BrightCloud SDK HTTP connection unsafe defaults vulnerability
|
2018-12-17
|
CVE-2018-4015
|
8.1
|
|
TALOS-2018-0704
|
Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability
|
2018-12-11
|
CVE-2018-19716
|
8.8
|
|
TALOS-2018-0643
|
Facebook WhatsApp Desktop Multiple Web Connection Notice Bypass Vulnerability
|
2018-12-10
|
--
|
6.0
|
|
TALOS-2018-0656
|
Signal Messenger Android self deleting messages Information Disclosure Vulnerability
|
2018-12-06
|
CVE-2018-3988
|
3.3
|
|
TALOS-2018-0690
|
Netgate pfSense system_advanced_misc.php multiple remote command injection vulnerabilities
|
2018-12-03
|
CVE-2018-4019, CVE-2018-4020, CVE-2018-4021
|
7.2
|
|
TALOS-2018-0713
|
Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability
|
2018-11-20
|
CVE-2018-4040
|
8.8
|
|
TALOS-2018-0712
|
Atlantis Word Processor Huffman table code length remote code execution vulnerability
|
2018-11-20
|
CVE-2018-4039
|
8.8
|
|
TALOS-2018-0711
|
Atlantis Word Processor open document format unchecked NewAnsiString length remote code execution vulnerability
|
2018-11-20
|
CVE-2018-4038
|
8.8
|
|
TALOS-2018-0619
|
TP-Link TL-R600VPN HTTP server ping address remote code execution vulnerability
|
2018-11-19
|
CVE-2018-3950
|
7.2
|
|
TALOS-2018-0618
|
TP-Link TL-R600VPN HTTP server information disclosure vulnerability
|
2018-11-19
|
CVE-2018-3949
|
7.5
|
|
TALOS-2018-0617
|
TP-Link TL-R600VPN HTTP server denial-of-service vulnerability
|
2018-11-19
|
CVE-2018-3948
|
7.5
|
|
TALOS-2018-0620
|
TP-Link TL-R600VPN HTTP Server fs directory Remote Code Execution Vulnerability
|
2018-11-19
|
CVE-2018-3951
|
7.2
|
|
TALOS-2018-0565
|
Yi Technology Home Camera 27US Firmware Update Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3890
|
7.6
|
|
TALOS-2018-0580
|
Yi Technology Home Camera 27US cloudAPI SSID Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3910
|
8.8
|
|
TALOS-2018-0572
|
Yi Technology Home Camera 27US QR Code Base64 Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3900
|
9.1
|
|
TALOS-2018-0566
|
Yi Technology Home Camera 27US Firmware Downgrade Vulnerability
|
2018-10-31
|
CVE-2018-3891
|
5.7
|
|
TALOS-2018-0571
|
Yi Technology Home Camera 27US QR Code trans_info Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3898, CVE-2018-3899
|
8.3
|
|
TALOS-2018-0645
|
Simple DirectMedia Layer SDL2_Image do_layer_surface code execution vulnerability
|
2018-10-31
|
CVE-2018-3977
|
8.8
|
|
TALOS-2018-0567
|
Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3892
|
9.6
|
|
TALOS-2018-0584
|
Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability
|
2018-10-31
|
CVE-2018-3920
|
7.6
|
|
TALOS-2018-0602
|
Yi Technology Home Camera 27US CRCDec denial-of-service vulnerability
|
2018-10-31
|
CVE-2018-3935
|
7.5
|
|
TALOS-2018-0595
|
Yi Technology Home Camera 27US notice_to denial-of-service vulnerability
|
2018-10-31
|
CVE-2018-3928
|
7.5
|
|
TALOS-2018-0616
|
Yi Technology Home Camera 27US p2p_tnp cleartext data transmission vulnerability
|
2018-10-31
|
CVE-2018-3947
|
9.0
|
|
TALOS-2018-0601
|
Yi Technology Home Camera 27US nonce reuse authentication bypass vulnerability
|
2018-10-31
|
CVE-2018-3934
|
9.0
|
|
TALOS-2018-0694
|
MKVToolNix MKVINFO read_one_element code execution vulnerability
|
2018-10-26
|
CVE-2018-4022
|
7.3
|
|
TALOS-2018-0636
|
Sophos HitmanPro.Alert hmpalert 0x2222CC privilege escalation vulnerability
|
2018-10-25
|
CVE-2018-3971
|
9.3
|
|
TALOS-2018-0635
|
Sophos HitmanPro.Alert hmpalert 0x222000 kernel memory disclosure vulnerability
|
2018-10-25
|
CVE-2018-3970
|
4.0
|
|
TALOS-2018-0684
|
Live Networks LIVE555 streaming media RTSPServer lookForHeader code execution vulnerability
|
2018-10-18
|
CVE-2018-4013
|
10.0
|
|
TALOS-2018-0625
|
Linksys ESeries multiple OS command injection vulnerabilities
|
2018-10-16
|
CVE-2018-3953, CVE-2018-3954, CVE-2018-3955
|
7.2
|
|
TALOS-2018-0644
|
Microsoft WindowsCodecs.dll SniffAndConvertToWideString information leak vulnerability
|
2018-10-10
|
CVE-2018-8506
|
5.3
|
|
TALOS-2018-0537
|
Intuit Quicken Deluxe 2018 for Mac Password Protection Authentication Bypass Vulnerability
|
2018-10-09
|
CVE-2018-3854
|
7.1
|
|
TALOS-2018-0579
|
Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service
|
2018-10-09
|
CVE-2018-12154
|
6.5
|
|
TALOS-2018-0533
|
Intel Unified Shader Compiler for Intel Graphics Accelerator Pointer Corruption
|
2018-10-09
|
CVE-2018-12152
|
9.0
|
|
TALOS-2018-0589
|
VMware Workstation 14 Shader Functionality Assert Denial Of Service
|
2018-10-09
|
CVE-2018-6977
|
6.5
|
|
TALOS-2018-0568
|
Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service
|
2018-10-09
|
CVE-2018-12153
|
7.7
|
|
TALOS-2018-0639
|
Google PDFium JBIG2 image ComposeToOpt2WithRect information disclosure vulnerability
|
2018-10-03
|
CVE-2018-16076
|
5.9
|
|
TALOS-2018-0623
|
Adobe Acrobat Reader DC collab review server remote code execution vulnerability
|
2018-10-02
|
CVE-2018-12852
|
6.8
|
|
TALOS-2018-0668
|
Atlantis Word Processor Office Open XML TTableRow double free code execution vulnerability
|
2018-10-01
|
CVE-2018-4000
|
8.8
|
|
TALOS-2018-0611
|
Foxit PDF Reader JavaScript JSON.Stringify this remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3944
|
8.0
|
|
TALOS-2018-0607
|
Foxit PDF Reader Javascript removeDataObject Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3940
|
8.0
|
|
TALOS-2018-0610
|
Foxit PDF Reader JavaScript getPageBox remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3943
|
8.0
|
|
TALOS-2018-0651
|
Atlantis Word Processor empty TTableRow TList code execution vulnerability
|
2018-10-01
|
CVE-2018-3983
|
8.8
|
|
TALOS-2018-0661
|
Foxit PDF Reader Javascript Optional Content Group Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3993
|
8.0
|
|
TALOS-2018-0608
|
Foxit PDF Reader JavaScript getNthFieldName remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3941
|
8.0
|
|
TALOS-2018-0613
|
Foxit PDF Reader JavaScript getPageNthWord remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3946
|
8.0
|
|
TALOS-2018-0669
|
Atlantis Word Processor Office Open XML uninitialized TTableRow code execution vulnerability
|
2018-10-01
|
CVE-2018-4001
|
8.8
|
|
TALOS-2018-0612
|
Foxit PDF Reader Javascript JSON.Stringify this.info Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3945
|
8.0
|
|
TALOS-2018-0609
|
Foxit PDF Reader JavaScript getPageRotation remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3942
|
8.0
|
|
TALOS-2018-0666
|
Atlantis Word Processor Windows Enhanced Metafile Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3998
|
8.8
|
|
TALOS-2018-0650
|
Atlantis Word Processor document endnote reference code execution vulnerability
|
2018-10-01
|
CVE-2018-3982
|
8.8
|
|
TALOS-2018-0667
|
Atlantis Word Processor JPEG length underflow code execution vulnerability
|
2018-10-01
|
CVE-2018-3999
|
8.8
|
|
TALOS-2018-0631
|
Foxit PDF Reader JavaScript this.dataObjects remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3966
|
8.0
|
|
TALOS-2018-0662
|
Foxit PDF Reader Javascript importDataObject Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3994
|
8.0
|
|
TALOS-2018-0665
|
Foxit PDF Reader JavaScript field object signatureGetSeedValue remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3997
|
8.0
|
|
TALOS-2018-0629
|
Foxit PDF Reader JavaScript getPageNumWords remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3964
|
8.0
|
|
TALOS-2018-0652
|
Atlantis Word Processor Word document paragraph property (0xD608) sprmTDefTable uninitialized length code execution vulnerability
|
2018-10-01
|
CVE-2018-3984
|
8.8
|
|
TALOS-2018-0646
|
Atlantis Word Processor Word Document Complex Piece Descriptor Table Fc.Compressed Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3978
|
8.8
|
|
TALOS-2018-0630
|
Foxit PDF Reader JavaScript this.bookmarkRoot.children remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3965
|
8.0
|
|
TALOS-2018-0628
|
Foxit PDF Reader JavaScript this.info multiple remote code execution vulnerabilities
|
2018-10-01
|
CVE-2018-3957, CVE-2018-3958, CVE-2018-3959, CVE-2018-3960, CVE-2018-3961, CVE-2018-3962
|
8.0
|
|
TALOS-2018-0641
|
Atlantis Word Processor uninitialized TDocOleObject code execution vulnerability
|
2018-10-01
|
CVE-2018-3975
|
7.5
|
|
TALOS-2018-0660
|
Foxit PDF Reader JavaScript page change remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3992
|
8.0
|
|
TALOS-2018-0663
|
Foxit PDF Reader JavaScript Field object signatureInfo remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3995
|
8.0
|
|
TALOS-2018-0632
|
Foxit PDF Reader JavaScript this.event.target Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3967
|
8.0
|
|
TALOS-2018-0664
|
Foxit PDF Reader JavaScript field object isDefaultChecked remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3996
|
8.0
|
|
TALOS-2018-0637
|
Epee Levin Packet Deserialization Code Execution Vulnerability
|
2018-09-25
|
CVE-2018-3972
|
10.0
|
|
TALOS-2018-0622
|
NordVPN VPN client connect privilege escalation vulnerability
|
2018-09-07
|
CVE-2018-3952
|
8.8
|
|
TALOS-2018-0679
|
ProtonVPN VPN client connect privilege escalation vulnerability
|
2018-09-07
|
CVE-2018-4010
|
8.8
|
|
TALOS-2018-0560
|
ERPNext SQL Injection Vulnerabilities
|
2018-09-05
|
CVE-2018-3882, CVE-2018-3883, CVE-2018-3884, CVE-2018-3885
|
5.4
|
|
TALOS-2018-0554
|
Samsung SmartThings Hub video-core credentials videoHostUrl Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3872
|
9.9
|
|
TALOS-2018-0548
|
Samsung SmartThings Hub video-core samsungWifiScan Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3863, CVE-2018-3864, CVE-2018-3865, CVE-2018-3866
|
9.9
|
|
TALOS-2018-0577
|
Samsung SmartThings Hub video-core REST Request Parser HTTP Pipelining Injection Vulnerabilities
|
2018-07-26
|
CVE-2018-3907, CVE-2018-3908, CVE-2018-3909
|
9.1
|
|
TALOS-2018-0549
|
Samsung SmartThings Hub video-core samsungWifiScan Callback Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3867
|
9.9
|
|
TALOS-2018-0575
|
Samsung SmartThings Hub video-core Camera Creation Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3905
|
8.5
|
|
TALOS-2018-0556
|
Samsung SmartThings Hub video-core credentials Parsing SQL Injection Vulnerability
|
2018-07-26
|
CVE-2018-3879
|
8.8
|
|
TALOS-2018-0539
|
Samsung SmartThings Hub video-core RTSP Configuration Command Injection Vulnerability
|
2018-07-26
|
CVE-2018-3856
|
9.9
|
|
TALOS-2018-0573
|
Samsung SmartThings Hub video-core Camera URL Replace Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3902
|
9.9
|
|
TALOS-2018-0557
|
Samsung SmartThings Hub video-core Database find-by-cameraId Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3880
|
8.2
|
|
TALOS-2018-0578
|
Samsung SmartThings Hub hubCore Port 39500 HTTP Header Injection Vulnerability
|
2018-07-26
|
CVE-2018-3911
|
8.6
|
|
TALOS-2018-0583
|
Samsung SmartThings Hub video-core Database clips Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3919
|
7.5
|
|
TALOS-2018-0576
|
Samsung SmartThings Hub video-core Database shard.videoHostURL Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3906
|
7.5
|
|
TALOS-2018-0581
|
Samsung SmartThings Hub video-core database shard code execution vulnerabilities
|
2018-07-26
|
CVE-2018-3912, CVE-2018-3913, CVE-2018-3914, CVE-2018-3915, CVE-2018-3916, CVE-2018-3917
|
7.5
|
|
TALOS-2018-0570
|
Samsung SmartThings Hub video-core clips Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3893, CVE-2018-3894, CVE-2018-3895, CVE-2018-3896, CVE-2018-3897
|
9.9
|
|
TALOS-2018-0574
|
Samsung SmartThings Hub video-core Camera Update Code Execution Vulnerabilities
|
2018-07-26
|
CVE-2018-3903, CVE-2018-3904
|
9.9
|
|
TALOS-2018-0555
|
Samsung SmartThings Hub video-core credentials Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3873, CVE-2018-3874, CVE-2018-3875, CVE-2018-3876, CVE-2018-3877, CVE-2018-3878
|
9.9
|
|
TALOS-2018-0591
|
Samsung SmartThings Hub video-core AWSELB Cookie Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3925
|
8.5
|
|
TALOS-2018-0594
|
Samsung SmartThings Hub hubCore Google Breakpad backtrace.io information disclosure vulnerability
|
2018-07-26
|
CVE-2018-3927
|
6.8
|
|
TALOS-2018-0593
|
Samsung SmartThings Hub hubCore ZigBee firmware update CRC16 check denial-of-service vulnerability
|
2018-07-26
|
CVE-2018-3926
|
5.3
|
|
TALOS-2018-0582
|
Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability
|
2018-07-26
|
CVE-2018-3918
|
6.5
|
|
TALOS-2018-0604
|
Sony IPELA E Series Camera measurementBitrateExec command injection vulnerability
|
2018-07-20
|
CVE-2018-3937
|
9.1
|
|
TALOS-2018-0559
|
FocalScope XML External Entity Injection Vulnerability
|
2018-07-20
|
CVE-2018-3881
|
9.4
|
|
TALOS-2018-0605
|
Sony IPELA E Series Camera 802dot1xclientcert remote code execution vulnerability
|
2018-07-20
|
CVE-2018-3938
|
9.1
|
|
TALOS-2018-0541
|
ACD Systems Canvas Draw 4 setRasterData Heap Overflow Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3857
|
8.8
|
|
TALOS-2018-0588
|
Foxit PDF Reader Javascript MailForm Remote Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3924
|
8.8
|
|
TALOS-2018-0606
|
Foxit PDF Reader Javascript createTemplate nPage Remote Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3939
|
8.0
|
|
TALOS-2018-0552
|
ACD Systems Canvas Draw 4 IO Metadata Out-of-Bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3870
|
8.8
|
|
TALOS-2018-0544
|
ACD Systems Canvas Draw 4 Resolution_Set Out of Bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3860
|
8.8
|
|
TALOS-2018-0543
|
ACD Systems Canvas Draw 4 Huff Table Out-of-bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3859
|
8.8
|
|
TALOS-2018-0553
|
ACD Systems Canvas Draw 4 Invert Map Out-of-Bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3871
|
8.8
|
|
TALOS-2018-0542
|
ACD Systems Canvas Draw 4 PlanarConfiguration Heap Overflow Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3858
|
8.8
|
|
TALOS-2018-0587
|
Computerinsel Photoline PCX Run Length Encoding Code Execution Vulnerability
|
2018-07-11
|
CVE-2018-3923
|
8.8
|
|
TALOS-2018-0585
|
Computerinsel Photoline PSD Blending Channel Code Execution Vulnerability
|
2018-07-11
|
CVE-2018-3921
|
8.8
|
|
TALOS-2018-0586
|
Computerinsel Photoline ANI Parsing Code Execution Vulnerability
|
2018-07-11
|
CVE-2018-3922
|
8.8
|
|
TALOS-2018-0592
|
Adobe Acrobat Reader DC JSON Stringify Remote Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-12815
|
6.8
|
|
TALOS-2018-0603
|
Antenna House Office Server Document Converter GetShapePropery 0x105 code execution vulnerability
|
2018-07-10
|
CVE-2018-3936
|
8.8
|
|
TALOS-2018-0597
|
Antenna House Office Server Document Converter vbgetfp code execution vulnerability
|
2018-07-10
|
CVE-2018-3930
|
8.8
|
|
TALOS-2018-0599
|
Antenna House Office Server Document Converter putlsttbl code execution vulnerability
|
2018-07-10
|
CVE-2018-3932
|
8.8
|
|
TALOS-2018-0569
|
Adobe Acrobat Reader DC Collab.drivers Remote Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-12812
|
6.8
|
|
TALOS-2018-0600
|
Antenna House Office Server Document Converter vbputanld code execution vulnerability
|
2018-07-10
|
CVE-2018-3933
|
8.8
|
|
TALOS-2018-0598
|
Antenna House Office Server Document Converter putShapeProperty Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-3931
|
8.8
|
|
TALOS-2018-0590
|
Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-12756
|
6.8
|
|
TALOS-2018-0596
|
Antenna House Office Server Document Converter OLEread Code Execuction Vulnerability
|
2018-07-10
|
CVE-2018-3929
|
8.8
|
|
TALOS-2018-0624
|
IBM AIX rmsock SetUID Binary Information Leak
|
2018-07-03
|
CVE-2018-1655
|
4.0
|
|
TALOS-2018-0540
|
VMware Workstation 14 Shader Functionality Denial Of Service
|
2018-06-28
|
CVE-2018-6965
|
6.5
|
|
TALOS-2017-0494
|
Insteon Hub HTTPExecuteGet Firmware Update host Parameter Buffer Overflow Vulnerability
|
2018-06-19
|
CVE-2017-14445
|
5.3
|
|
TALOS-2017-0483
|
Insteon Hub PubNub "cc" Channel Message Handler Multiple Stack Overflow Code Execution Vulnerabilities
|
2018-06-19
|
CVE-2017-16252, CVE-2017-16253, CVE-2017-16254, CVE-2017-16255, CVE-2017-16256, CVE-2017-16257, CVE-2017-16258, CVE-2017-16259, CVE-2017-16260, CVE-2017-16261, CVE-2017-16262, CVE-2017-16263, CVE-2017-16264, CVE-2017-16265, CVE-2017-16266, CVE-2017-16267, CVE-2017-16268, CVE-2017-16269, CVE-2017-16270, CVE-2017-16271, CVE-2017-16272, CVE-2017-16273, CVE-2017-16274, CVE-2017-16275, CVE-2017-16276, CVE-2017-16277, CVE-2017-16278, CVE-2017-16279, CVE-2017-16280, CVE-2017-16281, CVE-2017-16282, CVE-2017-16283, CVE-2017-16284, CVE-2017-16285, CVE-2017-16286, CVE-2017-16287, CVE-2017-16288, CVE-2017-16289, CVE-2017-16290, CVE-2017-16291, CVE-2017-16292, CVE-2017-16293, CVE-2017-16294, CVE-2017-16295, CVE-2017-16296, CVE-2017-16297, CVE-2017-16298, CVE-2017-16299, CVE-2017-16300, CVE-2017-16301, CVE-2017-16302, CVE-2017-16303, CVE-2017-16304, CVE-2017-16305, CVE-2017-16306, CVE-2017-16307, CVE-2017-16308, CVE-2017-16309, CVE-2017-16310, CVE-2017-16311, CVE-2017-16312, CVE-2017-16313, CVE-2017-16314, CVE-2017-16315, CVE-2017-16316, CVE-2017-16317, CVE-2017-16318, CVE-2017-16319, CVE-2017-16320, CVE-2017-16321, CVE-2017-16322, CVE-2017-16323, CVE-2017-16324, CVE-2017-16325, CVE-2017-16326, CVE-2017-16327, CVE-2017-16328, CVE-2017-16329, CVE-2017-16330, CVE-2017-16331, CVE-2017-16332, CVE-2017-16333, CVE-2017-16334, CVE-2017-16335, CVE-2017-16336, CVE-2017-16337
|
8.5
|
|
TALOS-2017-0484
|
Insteon Hub PubNub "cc" Channel Message Handler Multiple Global Overflow Code Execution Vulnerabilities
|
2018-06-19
|
CVE-2017-16338, CVE-2017-16339, CVE-2017-16340, CVE-2017-16341, CVE-2017-16342, CVE-2017-16343, CVE-2017-16344, CVE-2017-16345, CVE-2017-16346, CVE-2017-16347
|
8.5
|
|
TALOS-2018-0512
|
Insteon Hub PubNub Firmware Downgrade Vulnerability
|
2018-06-19
|
CVE-2018-3833
|
8.6
|
|
TALOS-2017-0485
|
Insteon Hub Reboot Task Denial Of Service Vulnerability
|
2018-06-19
|
CVE-2017-16348
|
7.5
|
|
TALOS-2017-0496
|
Insteon Hub PubNub "ad" Channel Message Handler Code Execution Vulnerability
|
2018-06-19
|
CVE-2017-14447
|
8.5
|
|
TALOS-2017-0502
|
Insteon Hub PubNub control Channel Message Handler Code Execution Vulnerabilities
|
2018-06-19
|
CVE-2017-14452, CVE-2017-14453, CVE-2017-14454, CVE-2017-14455
|
8.5
|
|
TALOS-2017-0492
|
Insteon Hub HTTPExecuteGet Firmware Update Information Leak Vulnerability
|
2018-06-19
|
CVE-2017-14443
|
9.6
|
|
TALOS-2017-0493
|
Insteon Hub HTTPExecuteGet Firmware Update URL Parameter Code Execution Vulnerability
|
2018-06-19
|
CVE-2017-14444
|
8.5
|
|
TALOS-2018-0511
|
Insteon Hub MPFS Upload Firmware Update Vulnerability
|
2018-06-19
|
CVE-2018-3832
|
9.9
|
|
TALOS-2017-0495
|
Insteon Hub HTTPExecuteGet Parameters Extraction Code Execution Vulnerability
|
2018-06-19
|
CVE-2017-14446
|
8.5
|
|
TALOS-2018-0513
|
Insteon Hub PubNub Firmware Upgrade Confusion Permanent Denial Of Service Vulnerability
|
2018-06-19
|
CVE-2018-3834
|
8.7
|
|
TALOS-2018-0523
|
Pixar Renderman IT Display Service 0x67 Command Denial of Service Vulnerability
|
2018-06-14
|
CVE-2018-3840
|
5.3
|
|
TALOS-2018-0524
|
Pixar Renderman IT Display Service 0x69 Command Denial-of-Service Vulnerability
|
2018-06-14
|
CVE-2018-3841
|
5.3
|
|
TALOS-2018-0545
|
Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability
|
2018-06-12
|
CVE-2018-8210
|
8.8
|
|
TALOS-2018-0535
|
Ocularis Recorder VMS_VA Denial of Service Vulnerability
|
2018-06-05
|
CVE-2018-3852
|
7.5
|
|
TALOS-2017-0354
|
Natus Xltek EEG NeuroWorks ItemList Deserialization Denial-of-Service Vulnerability
|
2018-05-31
|
CVE-2017-2852
|
7.5
|
|
TALOS-2017-0362
|
Natus Xltek EEG NeuroWorks ItemList Traversal Denial-of-Service Vulnerability
|
2018-05-31
|
CVE-2017-2858
|
7.5
|
|
TALOS-2017-0364
|
Natus Xltek EEG NeuroWorks Invalid KeyTree Entry Denial-of-Service Vulnerability
|
2018-05-31
|
CVE-2017-2860
|
7.5
|
|
TALOS-2018-0517
|
Adobe Acrobat Reader DC Net.Discovery.queryServices Remote Code Execution Vulnerability
|
2018-05-15
|
CVE-2018-4996
|
7.1
|
|
TALOS-2018-0518
|
Adobe Acrobat Reader DC ANFancyAlertImpl Remote Code Execution Vulnerability
|
2018-05-15
|
CVE-2018-4947
|
6.8
|
|
TALOS-2017-0501
|
Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities
|
2018-05-07
|
CVE-2017-14474, CVE-2017-14475, CVE-2017-14476, CVE-2017-14477, CVE-2017-14478, CVE-2017-14479, CVE-2017-14480, CVE-2017-14481
|
9.8
|
|
TALOS-2018-0527
|
Hyland Perceptive Document Filters DOCX to HTML Code Execution Vulnerability
|
2018-04-26
|
CVE-2018-3844
|
8.8
|
|
TALOS-2018-0528
|
Hyland Perceptive Document Filters OpenDocument to JPEG conversion SkCanvas Code Execution vulnerability
|
2018-04-26
|
CVE-2018-3845
|
8.8
|
|
TALOS-2018-0538
|
Hyland Perceptive Document Filters DOC to HTML updateNumbering Code Execution Vulnerability
|
2018-04-26
|
CVE-2018-3855
|
8.8
|
|
TALOS-2018-0534
|
Hyland Perceptive Document Filters Microsoft Word CDATA Code Execution Vulnerability
|
2018-04-26
|
CVE-2018-3851
|
8.8
|
|
TALOS-2018-0525
|
Foxit PDF Reader JavaScript setPersistent Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2018-3842
|
8.8
|
|
TALOS-2018-0526
|
Foxit PDF Reader AssociatedFile Annotation Type Confusion
|
2018-04-19
|
CVE-2018-3843
|
6.5
|
|
TALOS-2018-0532
|
Foxit PDF Reader JavaScript XFA Clone Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2018-3850
|
8.8
|
|
TALOS-2017-0506
|
Foxit PDF Reader Javascript Search Query Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2017-14458
|
8.8
|
|
TALOS-2018-0551
|
SAP BPC Web Application Information Disclosure Vulnerability
|
2018-04-19
|
CVE-2017-16349
|
6.4
|
|
TALOS-2018-0536
|
Foxit PDF Reader JavaScript createTemplate Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2018-3853
|
8.8
|
|
TALOS-2017-0378
|
Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability
|
2018-04-17
|
CVE-2017-2871
|
9.6
|
|
TALOS-2017-0473
|
Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability
|
2018-04-13
|
CVE-2017-12121
|
8.8
|
|
TALOS-2017-0480
|
Moxa EDR-810 Server Agent Information Disclosure Vulnerability
|
2018-04-13
|
CVE-2017-12128
|
5.3
|
|
TALOS-2017-0477
|
Moxa EDR-810 Web Server Certificate Signing Request Command Injection Vulnerability
|
2018-04-13
|
CVE-2017-12125
|
8.8
|
|
TALOS-2017-0478
|
Moxa EDR-810 Web Server Cross-Site Request Forgery Vulnerability
|
2018-04-13
|
CVE-2017-12126
|
8.8
|
|
TALOS-2017-0479
|
Moxa EDR-810 Plaintext Password Storage Vulnerability
|
2018-04-13
|
CVE-2017-12127
|
4.4
|
|
TALOS-2017-0475
|
Moxa EDR-810 Cleartext Transmission of Password Vulnerability
|
2018-04-13
|
CVE-2017-12123
|
5.7
|
|
TALOS-2017-0481
|
Moxa EDR-810 Web Server Weak Cryptography for Passwords Vulnerability
|
2018-04-13
|
CVE-2017-12129
|
3.5
|
|
TALOS-2017-0476
|
Moxa EDR-810 Web Server URI Denial of Service Vulnerability
|
2018-04-13
|
|