TALOS-2024-2094
|
Foxit Reader 3D Page Object Use-After-Free Vulnerability
|
2024-12-18
|
CVE-2024-47810
|
8.8
|
TALOS-2024-2093
|
Foxit Reader Checkbox Calculate CBF_Widget Use-After-Free Vulnerability
|
2024-12-18
|
CVE-2024-49576
|
8.8
|
TALOS-2024-2064
|
Adobe Acrobat Reader Font gvar per-tuple-variation-table Out-Of-Bounds Read Vulnerability
|
2024-12-11
|
CVE-2024-49532
|
6.5
|
TALOS-2024-2070
|
Adobe Acrobat Reader Font Private Point Numbers Out-Of-Bounds Read Vulnerability
|
2024-12-11
|
CVE-2024-49533
|
6.5
|
TALOS-2024-2076
|
Adobe Acrobat Reader Font Program Function Definition Out-Of-Bounds Read Vulnerability
|
2024-12-11
|
CVE-2024-49534
|
6.5
|
TALOS-2024-1954
|
MC Technologies MC LR Router web interface configuration upload OS command injection vulnerability
|
2024-11-21
|
CVE-2024-21786
|
7.2
|
TALOS-2024-1953
|
MC Technologies MC LR Router web interface I/O configuration OS command injection vulnerabilities
|
2024-11-21
|
CVE-2024-28027,CVE-2024-28025,CVE-2024-28026
|
7.2
|
TALOS-2024-1962
|
GoCast HTTP API lack of authentication vulnerability
|
2024-11-21
|
CVE-2024-21855
|
9.8
|
TALOS-2024-1961
|
GoCast NAT parameter OS command injection vulnerability
|
2024-11-21
|
CVE-2024-29224
|
9.8
|
TALOS-2024-1960
|
GoCast name parameter OS command injection vulnerability
|
2024-11-21
|
CVE-2024-28892
|
9.8
|
TALOS-2024-1982
|
LevelOne WBR-6012 Web Application improper resource allocation vulnerability
|
2024-10-30
|
CVE-2024-31152
|
5.3
|
TALOS-2024-2001
|
LevelOne WBR-6012 Web Application denial of service vulnerability
|
2024-10-30
|
CVE-2024-33623
|
3.7
|
TALOS-2024-1997
|
LevelOne WBR-6012 Web Application buffer overflow vulnerability
|
2024-10-30
|
CVE-2024-28052
|
5.3
|
TALOS-2024-1979
|
LevelOne WBR-6012 hard-coded password vulnerability
|
2024-10-30
|
CVE-2024-28875,CVE-2024-31151
|
8.1
|
TALOS-2024-1981
|
LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability
|
2024-10-30
|
CVE-2024-24777
|
8.8
|
TALOS-2024-1983
|
LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability
|
2024-10-30
|
CVE-2024-32946
|
5.9
|
TALOS-2024-1984
|
LevelOne WBR-6012 Web Application weak authentication vulnerability
|
2024-10-30
|
CVE-2024-33699
|
9.9
|
TALOS-2024-1986
|
LevelOne WBR-6012 Web Application information disclosure vulnerability
|
2024-10-30
|
CVE-2024-33626
|
5.3
|
TALOS-2024-1996
|
LevelOne WBR-6012 Web Application authentication bypass vulnerability
|
2024-10-30
|
CVE-2024-23309
|
9.0
|
TALOS-2024-1998
|
LevelOne WBR-6012 FTP improper input validation vulnerability
|
2024-10-30
|
CVE-2024-33700
|
7.5
|
TALOS-2024-1985
|
LevelOne WBR-6012 Web Application information disclosure vulnerability
|
2024-10-30
|
CVE-2024-33603
|
5.3
|
TALOS-2024-2014
|
NVIDIA D3D10 Driver Shader Functionality STORE_STRUCTURED instruction out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0120
|
7.8
|
TALOS-2024-1955
|
NVIDIA D3D10 Driver Shader Functionality SAMPLE out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0121
|
7.8
|
TALOS-2024-2013
|
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration
|
2024-10-23
|
CVE-2024-0118
|
7.8
|
TALOS-2024-2012
|
NVIDIA D3D10 Driver Shader Functionality LD instruction out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0117
|
7.8
|
TALOS-2024-2015
|
NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0119
|
7.8
|
TALOS-2024-2060
|
Veertu Anka Build node agent update privilege escalation vulnerability
|
2024-10-03
|
CVE-2024-39755
|
7.8
|
TALOS-2024-2061
|
Veertu Anka Build registry log files directory traversal vulnerability
|
2024-10-03
|
CVE-2024-41922
|
7.5
|
TALOS-2024-2069
|
GNOME Project G Structured File Library (libgsf) Compound Document Binary File Sector Allocation Table integer overflow vulnerability
|
2024-10-03
|
CVE-2024-42415
|
8.4
|
TALOS-2024-2068
|
GNOME Project G Structured File Library (libgsf) Compound Document Binary File Directory integer overflow vulnerability
|
2024-10-03
|
CVE-2024-36474
|
8.4
|
TALOS-2024-2059
|
Veertu Anka Build registry archive files directory traversal vulnerability
|
2024-10-03
|
CVE-2024-41163
|
7.5
|
TALOS-2024-1967
|
Foxit Reader checkbox Calculate use-after-free vulnerability
|
2024-10-02
|
CVE-2024-28888
|
8.8
|
TALOS-2024-2062
|
Microsoft Pragmatic General Multicast Server PgmCloseConnection stale memory dereference
|
2024-09-25
|
CVE-2024-38140
|
9.8
|
TALOS-2024-2005
|
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability
|
2024-09-18
|
CVE-2024-34026
|
9.0
|
TALOS-2024-2016
|
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser invalid pointer dereference vulnerabilities
|
2024-09-18
|
CVE-2024-39590,CVE-2024-39589
|
7.5
|
TALOS-2024-2004
|
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP PCCC out-of-bounds read vulnerability
|
2024-09-18
|
CVE-2024-36981,CVE-2024-36980
|
7.5
|
TALOS-2024-2008
|
Microsoft High Definition Audio Bus Driver HDAudBus_DMA multiple irp complete requests vulnerability
|
2024-09-12
|
CVE-2024-45383
|
5.0
|
TALOS-2024-1980
|
Microsoft Windows 10 AllJoyn Router Service information disclosure vulnerability
|
2024-09-11
|
CVE-2024-38257
|
5.3
|
TALOS-2024-2011
|
Adobe Acrobat Reader Annotation Object Page Race Condition Vulnerability
|
2024-09-10
|
CVE-2024-39420
|
8.8
|
TALOS-2024-1990
|
Microsoft Teams (work or school) for macOS WebView.app helper app library injection vulnerability
|
2024-08-19
|
CVE-2024-41145
|
7.1
|
TALOS-2024-1991
|
Microsoft Teams (work or school) for macOS com.microsoft.teams2.modulehost.app helper app library injection vulnerability
|
2024-08-19
|
CVE-2024-41138
|
7.1
|
TALOS-2024-1975
|
Microsoft OneNote for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-41159
|
7.1
|
TALOS-2024-1976
|
Microsoft Excel for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-43106
|
7.1
|
TALOS-2024-1974
|
Microsoft PowerPoint for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-39804
|
7.1
|
TALOS-2024-1973
|
Microsoft Teams (work or school) for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-42004
|
7.1
|
TALOS-2024-1972
|
Microsoft Outlook for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-42220
|
7.1
|
TALOS-2024-1977
|
Microsoft Word for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-41165
|
7.1
|
TALOS-2024-1964
|
Microsoft CLIPSP.SYS License update signature check bypass vulnerability
|
2024-08-13
|
CVE-2024-38184
|
6.2
|
TALOS-2024-1988
|
Microsoft CLIPSP.SYS License Update out-of-bounds read vulnerability
|
2024-08-13
|
None
|
7.4
|
TALOS-2024-1971
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability
|
2024-08-13
|
None
|
6.8
|
TALOS-2024-1966
|
Microsoft CLIPSP.SYS License update privilege escalation vulnerability
|
2024-08-13
|
CVE-2024-38186
|
7.4
|
TALOS-2024-1965
|
Microsoft CLIPSP.SYS License update out-of-bounds read vulnerability
|
2024-08-13
|
CVE-2024-38185
|
8.4
|
TALOS-2024-1969
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0x20 out-of-bounds read vulnerability
|
2024-08-13
|
CVE-2024-38187
|
6.8
|
TALOS-2024-2003
|
Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
|
2024-08-13
|
CVE-2024-41835
|
6.5
|
TALOS-2024-2002
|
Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability
|
2024-08-13
|
CVE-2024-41832
|
6.5
|
TALOS-2024-1968
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0xC9 out-of-bounds read vulnerability
|
2024-08-13
|
None,CVE-2024-38062
|
6.8
|
TALOS-2024-1970
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability
|
2024-08-13
|
None
|
6.8
|
TALOS-2024-2009
|
Adobe Acrobat Reader AV3DVirtAnnot Object Format Event Use-After-Free Vulnerability
|
2024-08-13
|
CVE-2024-41830
|
8.8
|
TALOS-2024-1956
|
NVIDIA GPU Compiler Driver Shader Functionality out-of-bounds read vulnerability
|
2024-07-23
|
CVE-2024-0107
|
7.8
|
TALOS-2024-1995
|
Ankitects Anki Flask Invalid Path Reflected Cross-Site Scripting (XSS) vulnerability
|
2024-07-22
|
CVE-2024-32484
|
7.4
|
TALOS-2024-1993
|
Ankitects Anki MPV script injection vulnerability
|
2024-07-22
|
CVE-2024-26020
|
9.6
|
TALOS-2024-1994
|
Ankitects Anki LaTeX Blocklist Bypass vulnerability
|
2024-07-22
|
CVE-2024-32152
|
3.1
|
TALOS-2024-1992
|
Ankitects Anki Latex Incomplete Blocklist Vulnerability
|
2024-07-22
|
CVE-2024-29073
|
5.3
|
TALOS-2023-1877
|
Realtek rtl819x Jungle SDK boa updateConfigIntoFlash integer overflow vulnerability
|
2024-07-08
|
CVE-2023-45742
|
7.2
|
TALOS-2023-1875
|
Realtek rtl819x Jungle SDK boa formFilter stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-49073
|
7.2
|
TALOS-2023-1873
|
LevelOne WBR-6013 boa formSysCmd leftover debug code vulnerability
|
2024-07-08
|
CVE-2023-49593
|
7.2
|
TALOS-2023-1871
|
LevelOne WBR-6013 telnetd hard-coded password vulnerability
|
2024-07-08
|
CVE-2023-46685
|
9.8
|
TALOS-2023-1899
|
Realtek rtl819x Jungle SDK boa formWsc OS command injection vulnerabilities
|
2024-07-08
|
CVE-2023-50381,CVE-2023-50383,CVE-2023-50382
|
7.2
|
TALOS-2023-1878
|
Realtek rtl819x Jungle SDK boa rollback_control_code stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-49595
|
7.2
|
TALOS-2023-1876
|
Realtek rtl819x Jungle SDK boa formDnsv6 stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-48270
|
7.2
|
TALOS-2023-1904
|
Realtek rtl819x Jungle SDK boa formWsc stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-49867
|
7.2
|
TALOS-2024-1911
|
Realtek rtl819x Jungle SDK configuration file mib_init_value_array heap-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2024-21778
|
7.2
|
TALOS-2023-1893
|
Realtek rtl819x Jungle SDK boa set_RadvdInterfaceParam stack-based buffer overflow vulnerabilities
|
2024-07-08
|
CVE-2023-50239,CVE-2023-50240
|
7.2
|
TALOS-2023-1872
|
Realtek rtl819x Jungle SDK boa CSRF protection cross-site request forgery (CSRF) vulnerability
|
2024-07-08
|
CVE-2023-47677
|
8.8
|
TALOS-2023-1903
|
Realtek rtl819x Jungle SDK boa getInfo stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-50330
|
7.2
|
TALOS-2023-1895
|
Realtek rtl819x Jungle SDK boa formIpQoS stack-based buffer overflow vulnerabilities
|
2024-07-08
|
CVE-2023-50243,CVE-2023-50244
|
7.2
|
TALOS-2023-1894
|
Realtek rtl819x Jungle SDK boa formRoute stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-41251
|
7.2
|
TALOS-2023-1892
|
Realtek rtl819x Jungle SDK boa set_RadvdPrefixParam stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-47856
|
7.2
|
TALOS-2023-1891
|
Realtek rtl819x Jungle SDK boa setRepeaterSsid stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-45215
|
7.2
|
TALOS-2023-1874
|
Realtek rtl819x Jungle SDK boa formUpload firmware update vulnerability
|
2024-07-08
|
CVE-2023-34435
|
7.2
|
TALOS-2024-1978
|
Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection vulnerability
|
2024-07-03
|
CVE-2024-32937
|
8.1
|
TALOS-2024-1934
|
Progress Software Corporation WhatsUp Gold TestController Chart denial of service vulnerability
|
2024-06-26
|
CVE-2024-5011
|
7.5
|
TALOS-2024-1933
|
Progress Software Corporation WhatsUp Gold TestController multiple information disclosure vulnerabilities
|
2024-06-26
|
CVE-2024-5010
|
7.5
|
TALOS-2024-1932
|
Progress Software Corporation WhatsUp Gold AppProfileImport path traversal vulnerability
|
2024-06-26
|
CVE-2024-5017
|
6.5
|
TALOS-2024-1947
|
Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability
|
2024-06-25
|
CVE-2024-21827
|
7.2
|
TALOS-2024-1942
|
AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability
|
2024-05-28
|
CVE-2024-21785
|
9.8
|
TALOS-2024-1938
|
AutomationDirect P3-550E Programming Software Connection FileSystem API out-of-bounds write vulnerabilities
|
2024-05-28
|
CVE-2024-24956,CVE-2024-24957,CVE-2024-24959,CVE-2024-24958,CVE-2024-24955,CVE-2024-24954
|
8.2
|
TALOS-2024-1929
|
libigl readOFF stack-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24686,CVE-2024-24685,CVE-2024-24684
|
7.8
|
TALOS-2023-1784
|
libigl readOFF stack-based buffer overflow vulnerabilities
|
2024-05-28
|
CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949
|
7.8
|
TALOS-2024-1928
|
libigl readMSH out-of-bounds read vulnerability
|
2024-05-28
|
CVE-2024-24583,CVE-2024-24584
|
4.3
|
TALOS-2024-1926
|
libigl readMSH improper array index validation vulnerability
|
2024-05-28
|
CVE-2024-23948,CVE-2024-23951,CVE-2024-23947,CVE-2024-23950,CVE-2024-23949
|
8.8
|
TALOS-2024-1936
|
AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24851
|
7.5
|
TALOS-2024-1937
|
AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24947,CVE-2024-24946
|
8.2
|
TALOS-2024-1939
|
AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24963,CVE-2024-24962
|
9.8
|
TALOS-2024-1940
|
AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability
|
2024-05-28
|
CVE-2024-22187
|
9.1
|
TALOS-2024-1943
|
AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability
|
2024-05-28
|
CVE-2024-23601
|
9.8
|
TALOS-2024-1930
|
libigl readNODE out-of-bounds write vulnerability
|
2024-05-28
|
CVE-2024-22181
|
7.8
|
TALOS-2024-1989
|
Foxit Reader Updater improper certificate validation privilege escalation vulnerability
|
2024-05-28
|
CVE-2024-29072
|
8.2
|
TALOS-2023-1879
|
libigl PlyFile ply_cast_ascii out-of-bounds write vulnerability
|
2024-05-28
|
CVE-2023-49600
|
8.1
|
TALOS-2024-1941
|
AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability
|
2024-05-28
|
CVE-2024-23315
|
7.5
|
TALOS-2024-1946
|
Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability
|
2024-05-15
|
CVE-2024-30311
|
6.5
|
TALOS-2024-1952
|
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
|
2024-05-15
|
CVE-2024-30312
|
6.5
|
TALOS-2023-1889
|
Tinyproxy HTTP Connection Headers use-after-free vulnerability
|
2024-05-01
|
CVE-2023-49606
|
9.8
|
TALOS-2023-1852
|
Milesight UR32L luci2-io file-import firmware update vulnerability
|
2024-05-01
|
CVE-2023-47166
|
8.8
|
TALOS-2023-1846
|
stb stb_vorbis.c comment heap-based buffer overflow vulnerability
|
2024-05-01
|
CVE-2023-47212
|
9.8
|
TALOS-2024-1959
|
Foxit Reader ComboBox widget Format event use-after-free vulnerability
|
2024-04-30
|
CVE-2024-25648
|
8.8
|
TALOS-2024-1958
|
Foxit Reader Barcode widget Calculate event use-after-free vulnerability
|
2024-04-30
|
CVE-2024-25938
|
8.8
|
TALOS-2024-1963
|
Foxit Reader Lock object fields property type confusion vulnerability
|
2024-04-30
|
CVE-2024-25575
|
8.8
|
TALOS-2024-1924
|
Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability
|
2024-04-25
|
CVE-2024-22391
|
7.7
|
TALOS-2024-1944
|
Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability
|
2024-04-25
|
CVE-2024-25569
|
6.5
|
TALOS-2024-1935
|
Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability
|
2024-04-25
|
CVE-2024-22373
|
8.1
|
TALOS-2024-1957
|
OFFIS DCMTK DVPSSoftcopyVOI_PList::createFromImage incorrect type conversion vulnerability
|
2024-04-23
|
CVE-2024-28130
|
7.5
|
TALOS-2024-1945
|
Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability
|
2024-04-18
|
CVE-2023-51391
|
7.5
|
TALOS-2023-1863
|
Peplink Smart Reader web interface /cgi-bin/debug_dump.cgi information disclosure vulnerability
|
2024-04-17
|
CVE-2023-43491
|
5.3
|
TALOS-2023-1867
|
Peplink Smart Reader web interface mac2name OS command injection vulnerability
|
2024-04-17
|
CVE-2023-39367
|
9.1
|
TALOS-2023-1866
|
Peplink Smart Reader web interface /cgi-bin/upload_config.cgi data integrity vulnerability
|
2024-04-17
|
CVE-2023-45744
|
8.3
|
TALOS-2023-1868
|
Peplink Smart Reader /bin/login privilege escalation vulnerability
|
2024-04-17
|
CVE-2023-40146
|
6.8
|
TALOS-2023-1865
|
Peplink Smart Reader web interface /cgi-bin/download_config.cgi information disclosure vulnerability
|
2024-04-17
|
CVE-2023-45209
|
5.3
|
TALOS-2023-1847
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality arbitrary write vulnerability
|
2024-04-10
|
CVE-2024-21979
|
5.3
|
TALOS-2023-1848
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality arbitrary write vulnerability
|
2024-04-10
|
CVE-2024-21972
|
5.3
|
TALOS-2023-1864
|
Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) web interface memory corruption vulnerability
|
2024-04-09
|
CVE-2023-48724
|
7.5
|
TALOS-2023-1862
|
tddpd enable_test_mode command execution vulnerability
|
2024-04-09
|
CVE-2023-49133,CVE-2023-49134
|
8.1
|
TALOS-2023-1861
|
Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) TDDP denial of service vulnerability
|
2024-04-09
|
CVE-2023-49074
|
7.4
|
TALOS-2023-1888
|
Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) web interface Radio Scheduling stack-based buffer overflow vulnerability
|
2024-04-09
|
CVE-2023-49907,CVE-2023-49910,CVE-2023-49911,CVE-2023-49908,CVE-2023-49912,CVE-2023-49909,CVE-2023-49906,CVE-2023-49913
|
7.2
|
TALOS-2024-1949
|
Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability
|
2024-04-03
|
CVE-2024-27201
|
4.9
|
TALOS-2024-1948
|
Open Automation Software OAS Platform OAS Engine File Data Source Configuration denial of service vulnerability
|
2024-04-03
|
CVE-2024-24976
|
4.9
|
TALOS-2024-1950
|
Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability
|
2024-04-03
|
CVE-2024-21870
|
4.9
|
TALOS-2024-1951
|
Open Automation Software OAS Platform OAS Engine Save Security Configuration file write vulnerability
|
2024-04-03
|
CVE-2024-22178
|
4.9
|
TALOS-2023-1887
|
Netgear RAX30 JSON Parsing getblockschedule() stack-based buffer overflow vulnerability
|
2024-03-07
|
CVE-2023-48725
|
7.2
|
TALOS-2023-1849
|
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability
|
2024-02-29
|
CVE-2024-0071
|
7.8
|
TALOS-2023-1870
|
Google Chrome Video Encoder Metrics denial of service vulnerability
|
2024-02-28
|
None
|
4.6
|
TALOS-2024-1915
|
llama.cpp GGUF library header.n_tensors heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-21836
|
8.8
|
TALOS-2024-1913
|
llama.cpp GGUF library gguf_fread_str heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-23496
|
8.8
|
TALOS-2024-1916
|
llama.cpp GGUF library header.n_kv heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-23605
|
8.8
|
TALOS-2024-1914
|
llama.cpp GGUF library info->ne heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-21802
|
8.8
|
TALOS-2024-1912
|
llama.cpp GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-21825
|
8.8
|
TALOS-2024-1923
|
The Biosig Project libbiosig sopen_FAMOS_read use-after-free vulnerability
|
2024-02-20
|
CVE-2024-23310
|
9.8
|
TALOS-2024-1925
|
The Biosig Project libbiosig sopen_FAMOS_read NULL calloc out-of-bounds write vulnerability
|
2024-02-20
|
CVE-2024-23606
|
9.8
|
TALOS-2023-1828
|
Weston Embedded uC-TCP-IP ICMP/ICMPv6 parsing denial of service vulnerabilities
|
2024-02-20
|
CVE-2023-39540,CVE-2023-39541
|
5.9
|
TALOS-2024-1917
|
The Biosig Project libbiosig BrainVision Header Parsing double-free vulnerability
|
2024-02-20
|
CVE-2024-22097
|
9.8
|
TALOS-2024-1931
|
Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities
|
2024-02-20
|
CVE-2024-24793,CVE-2024-24794
|
8.1
|
TALOS-2024-1918
|
The Biosig Project libbiosig BrainVisionMarker Parsing Out-of-bounds Write vulnerability
|
2024-02-20
|
CVE-2024-23305
|
9.8
|
TALOS-2024-1919
|
The Biosig Project libbiosig BrainVision ASCII Header Parsing double-free vulnerability
|
2024-02-20
|
CVE-2024-23809
|
9.8
|
TALOS-2024-1920
|
The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability
|
2024-02-20
|
CVE-2024-21795
|
9.8
|
TALOS-2024-1921
|
The Biosig Project libbiosig sopen_FAMOS_read integer overflow to out-of-bounds write vulnerability
|
2024-02-20
|
CVE-2024-21812
|
9.8
|
TALOS-2024-1922
|
The Biosig Project libbiosig sopen_FAMOS_read integer underflow to out-of-bounds write vulnerability
|
2024-02-20
|
CVE-2024-23313
|
9.8
|
TALOS-2023-1829
|
Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability
|
2024-02-20
|
CVE-2023-38562
|
8.7
|
TALOS-2023-1843
|
Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability
|
2024-02-20
|
CVE-2023-45318
|
10.0
|
TALOS-2023-1890
|
Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
|
2024-02-15
|
CVE-2024-20729
|
8.8
|
TALOS-2023-1901
|
Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
|
2024-02-15
|
CVE-2024-20731
|
8.8
|
TALOS-2023-1905
|
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20735
|
6.5
|
TALOS-2023-1906
|
Adobe Acrobat Reader Font CPAL integer overflow vulnerability
|
2024-02-15
|
CVE-2024-20730
|
8.8
|
TALOS-2023-1909
|
Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20748
|
6.5
|
TALOS-2023-1910
|
Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20749
|
6.5
|
TALOS-2023-1908
|
Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20747
|
6.5
|
TALOS-2023-1855
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd GRE command injection vulnerability
|
2024-02-06
|
CVE-2023-47167
|
7.2
|
TALOS-2023-1859
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd web filtering Command injection Vulnerability
|
2024-02-06
|
CVE-2023-47618
|
7.2
|
TALOS-2023-1854
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd ipsec command injection vulnerability
|
2024-02-06
|
CVE-2023-47209
|
7.2
|
TALOS-2023-1856
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP global config Command injection Vulnerability
|
2024-02-06
|
CVE-2023-42664
|
7.2
|
TALOS-2023-1858
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd web group command injection vulnerability
|
2024-02-06
|
CVE-2023-47617
|
7.2
|
TALOS-2023-1857
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd Wireguard VPN command injection vulnerability
|
2024-02-06
|
CVE-2023-46683
|
7.2
|
TALOS-2023-1850
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability
|
2024-02-06
|
CVE-2023-43482
|
7.2
|
TALOS-2023-1853
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP client Command injection Vulnerability
|
2024-02-06
|
CVE-2023-36498
|
7.2
|
TALOS-2023-1898
|
WWBN AVideo checkLoginAttempts login attempt restriction bypass vulnerability
|
2024-01-10
|
CVE-2023-49810
|
7.3
|
TALOS-2023-1897
|
WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability
|
2024-01-10
|
CVE-2023-50172
|
5.3
|
TALOS-2023-1900
|
WWBN AVideo salt generation insufficient entropy vulnerability
|
2024-01-10
|
CVE-2023-49599
|
9.8
|
TALOS-2023-1885
|
WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability
|
2024-01-10
|
CVE-2023-49715
|
4.3
|
TALOS-2023-1884
|
WWBN AVideo channelBody.php user name cross-site scripting (XSS) vulnerability
|
2024-01-10
|
CVE-2023-47861
|
9.0
|
TALOS-2023-1886
|
WWBN AVideo getLanguageFromBrowser local file inclusion vulnerability
|
2024-01-10
|
CVE-2023-47862
|
9.8
|
TALOS-2023-1880
|
WWBN AVideo aVideoEncoderReceiveImage.json.php image upload information disclosure vulnerability
|
2024-01-10
|
CVE-2023-49864,CVE-2023-49863,CVE-2023-49862
|
6.5
|
TALOS-2023-1881
|
WWBN AVideo image404Raw.php information disclosure vulnerability
|
2024-01-10
|
CVE-2023-49738
|
7.5
|
TALOS-2023-1896
|
WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability
|
2024-01-10
|
CVE-2023-49589
|
8.8
|
TALOS-2023-1883
|
WWBN AVideo functiongetOpenGraph videoName cross-site scripting (XSS) vulnerability
|
2024-01-10
|
CVE-2023-48728
|
9.6
|
TALOS-2023-1869
|
WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability
|
2024-01-10
|
CVE-2023-47171
|
6.5
|
TALOS-2023-1882
|
WWBN AVideo navbarMenuAndLogo.php user name cross-site scripting (XSS) vulnerability
|
2024-01-10
|
CVE-2023-48730
|
8.5
|
TALOS-2023-1797
|
GTKWave FST fstReaderIterBlocks2 temp_signal_value_buf allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-36864
|
7.8
|
TALOS-2023-1818
|
GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-39273,CVE-2023-39271,CVE-2023-39274,CVE-2023-39275,CVE-2023-39272,CVE-2023-39270
|
7.8
|
TALOS-2023-1812
|
GTKWave VZT facgeometry parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-38618,CVE-2023-38621,CVE-2023-38620,CVE-2023-38619,CVE-2023-38623,CVE-2023-38622
|
7.8
|
TALOS-2023-1810
|
GTKWave VZT LZMA_Read dmem extraction out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-37282
|
7.8
|
TALOS-2023-1813
|
GTKWave VZT vzt_rd_get_facname decompression out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-38649,CVE-2023-38648
|
7.8
|
TALOS-2023-1820
|
GTKWave LXT2 num_dict_entries integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-39316,CVE-2023-39317
|
7.8
|
TALOS-2023-1821
|
GTKWave LXT2 lxt2_rd_trace value elements allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35057
|
7.8
|
TALOS-2023-1823
|
GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-38657
|
7.8
|
TALOS-2023-1851
|
ManageEngine OpManager uploadMib directory traversal vulnerability
|
2024-01-08
|
CVE-2023-47211
|
9.1
|
TALOS-2023-1827
|
GTKWave LXT2 lxt2_rd_expand_integer_to_bits stack-based buffer overflow vulnerability
|
2024-01-08
|
CVE-2023-38583
|
7.8
|
TALOS-2023-1815
|
GTKWave VZT vzt_rd_block_vch_decode dict parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-38653,CVE-2023-38652
|
7.0
|
TALOS-2023-1785
|
GTKWave FST fstReaderIterBlocks2 VCDATA parsing heap-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-35956,CVE-2023-35957,CVE-2023-35958,CVE-2023-35955
|
7.8
|
TALOS-2023-1816
|
GTKWave VZT longest_len value allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35004
|
7.8
|
TALOS-2023-1826
|
GTKWave LXT2 lxt2_rd_get_facname decompression out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-39443,CVE-2023-39444
|
7.8
|
TALOS-2023-1783
|
GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-35704,CVE-2023-35703,CVE-2023-35702
|
7.8
|
TALOS-2023-1777
|
GTKWave FST FST_BL_GEOM parsing maxhandle integer overflow vulnerability
|
2024-01-08
|
CVE-2023-32650
|
7.0
|
TALOS-2023-1793
|
GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-36747,CVE-2023-36746
|
7.0
|
TALOS-2023-1798
|
GTKWave FST fstReaderIterBlocks2 chain_table allocation integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-36915,CVE-2023-36916
|
7.8
|
TALOS-2023-1805
|
GTKWave VCD var definition section out-of-bounds read vulnerabilities
|
2024-01-08
|
CVE-2023-37447,CVE-2023-37446,CVE-2023-37445,CVE-2023-37444,CVE-2023-37442,CVE-2023-37443
|
7.8
|
TALOS-2023-1786
|
GTKWave decompression OS command injection vulnerabilities
|
2024-01-08
|
CVE-2023-35963,CVE-2023-35960,CVE-2023-35964,CVE-2023-35959,CVE-2023-35961,CVE-2023-35962
|
7.8
|
TALOS-2023-1807
|
GTKWave VCD sorted bsearch arbitrary write vulnerabilities
|
2024-01-08
|
CVE-2023-37921,CVE-2023-37923,CVE-2023-37922
|
7.8
|
TALOS-2023-1803
|
GTKWave EVCD var len parsing improper array index validation vulnerability
|
2024-01-08
|
CVE-2023-34087
|
7.8
|
TALOS-2023-1806
|
GTKWave VCD get_vartoken realloc use-after-free vulnerabilities
|
2024-01-08
|
CVE-2023-37576,CVE-2023-37577,CVE-2023-37573,CVE-2023-37578,CVE-2023-37575,CVE-2023-37574
|
7.8
|
TALOS-2023-1804
|
GTKWave VCD parse_valuechange portdump out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-37416,CVE-2023-37419,CVE-2023-37420,CVE-2023-37418,CVE-2023-37417
|
7.8
|
TALOS-2023-1791
|
GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities
|
2024-01-08
|
CVE-2023-35994,CVE-2023-35996,CVE-2023-35997,CVE-2023-35995
|
7.8
|
TALOS-2023-1790
|
GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35992
|
7.0
|
TALOS-2023-1822
|
GTKWave LXT2 zlib block allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35989
|
7.8
|
TALOS-2023-1819
|
GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-34436
|
7.8
|
TALOS-2023-1814
|
GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-38651,CVE-2023-38650
|
7.0
|
TALOS-2023-1811
|
GTKWave VZT LZMA_read_varint out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-36861
|
7.8
|
TALOS-2023-1817
|
GTKWave VZT vzt_rd_process_block autosort out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-39235,CVE-2023-39234
|
7.8
|
TALOS-2023-1824
|
GTKWave LXT2 lxt2_rd_iter_radix shift operation integer underflow vulnerabilities
|
2024-01-08
|
CVE-2023-39413,CVE-2023-39414
|
7.0
|
TALOS-2023-1789
|
GTKWave FST fstReaderIterBlocks2 chain_table parsing heap-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-35969,CVE-2023-35970
|
7.8
|
TALOS-2023-1792
|
GTKWave FST fstReaderIterBlocks2 time_table tsec_nitems integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35128
|
7.0
|
TALOS-2023-1907
|
instipod DuoUniversalKeycloakAuthenticator challenge information disclosure vulnerability
|
2023-12-23
|
CVE-2023-49594
|
4.5
|
TALOS-2023-1845
|
Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability
|
2023-12-05
|
CVE-2023-43608
|
8.1
|
TALOS-2023-1860
|
GPSd NTRIP Stream Parsing access violation vulnerability
|
2023-12-05
|
CVE-2023-43628
|
5.9
|
TALOS-2023-1844
|
Buildroot package hash checking data integrity vulnerabilities
|
2023-12-05
|
CVE-2023-45841,CVE-2023-45842,CVE-2023-45838,CVE-2023-45839,CVE-2023-45840
|
8.1
|
TALOS-2023-1837
|
Foxit Reader 3D Annot use-after-free vulnerability
|
2023-11-27
|
CVE-2023-32616
|
8.8
|
TALOS-2023-1748
|
WPS Office ET Data use of uninitialized pointer vulnerability
|
2023-11-27
|
CVE-2023-31275
|
8.8
|
TALOS-2023-1838
|
Foxit Reader field value property type confusion vulnerability
|
2023-11-27
|
CVE-2023-41257
|
8.8
|
TALOS-2023-1839
|
Foxit Reader signature field OnBlur event use-after-free vulnerability
|
2023-11-27
|
CVE-2023-38573
|
8.8
|
TALOS-2023-1833
|
Foxit Reader Javascript exportDataObject arbitrary file creation vulnerability
|
2023-11-27
|
CVE-2023-40194
|
8.8
|
TALOS-2023-1832
|
Foxit Reader Javascript saveAs arbitrary file creation vulnerability
|
2023-11-27
|
CVE-2023-39542
|
8.8
|
TALOS-2023-1834
|
Foxit Reader Javascript exportDataObject HTA file creation vulnerability
|
2023-11-27
|
CVE-2023-35985
|
8.8
|
TALOS-2023-1794
|
Adobe Acrobat Reader Thermometer use-after-free vulnerability
|
2023-11-15
|
CVE-2023-44336
|
8.8
|
TALOS-2023-1842
|
Adobe Acrobat Reader U3D page event use-after-free vulnerability
|
2023-11-15
|
CVE-2023-44372
|
8.8
|
TALOS-2023-1835
|
Microsoft Office Professional Plus 2019 FCommitHtmlPivotCacheElement use-after-free vulnerability
|
2023-11-15
|
CVE-2023-36041
|
7.8
|
TALOS-2023-1725
|
Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability
|
2023-11-14
|
CVE-2023-24585
|
7.7
|
TALOS-2023-1733
|
Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability
|
2023-11-14
|
CVE-2023-27882
|
9.0
|
TALOS-2023-1746
|
Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability
|
2023-11-14
|
CVE-2023-31247
|
9.0
|
TALOS-2023-1732
|
Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability
|
2023-11-14
|
CVE-2023-28391
|
9.0
|
TALOS-2023-1738
|
Weston Embedded uC-HTTP HTTP Server form boundary memory corruption vulnerability
|
2023-11-14
|
CVE-2023-28379
|
9.0
|
TALOS-2023-1726
|
Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability
|
2023-11-14
|
CVE-2023-25181
|
9.0
|
TALOS-2023-1809
|
JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability
|
2023-10-19
|
CVE-2023-38128
|
7.8
|
TALOS-2023-1825
|
JustSystems Corporation Ichitaro 2023 DocumentViewStyles and DocumentEditStyles stream relative write vulnerabilities
|
2023-10-19
|
CVE-2023-35126
|
7.8
|
TALOS-2023-1758
|
JustSystems Corporation Ichitaro "Figure" stream use-after-free vulnerability
|
2023-10-19
|
CVE-2023-34366
|
7.8
|
TALOS-2023-1808
|
JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability
|
2023-10-19
|
CVE-2023-38127
|
7.8
|
TALOS-2023-1768
|
SoftEther VPN ClientConnect() information disclosure vulnerability
|
2023-10-12
|
CVE-2023-31192
|
5.3
|
TALOS-2023-1735
|
SoftEther VPN vpnserver WpcParsePacket() heap-based buffer overflow vulnerability
|
2023-10-12
|
CVE-2023-27395
|
9.0
|
TALOS-2023-1737
|
SoftEther VPN vpnserver OvsProcessData denial of service vulnerability
|
2023-10-12
|
CVE-2023-22308
|
7.5
|
TALOS-2023-1743
|
SoftEther VPN vpnserver ConnectionAccept() denial-of-service vulnerability
|
2023-10-12
|
CVE-2023-25774
|
7.5
|
TALOS-2023-1736
|
SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability
|
2023-10-12
|
CVE-2023-22325
|
5.9
|
TALOS-2023-1741
|
SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service vulnerability
|
2023-10-12
|
CVE-2023-23581
|
7.5
|
TALOS-2023-1753
|
SoftEther VPN CtEnumCa() information disclosure vulnerability
|
2023-10-12
|
CVE-2023-32275
|
5.5
|
TALOS-2023-1754
|
SoftEther VPN CiRpcAccepted() authentication bypass vulnerability
|
2023-10-12
|
CVE-2023-27516
|
7.3
|
TALOS-2023-1755
|
SoftEther VPN CiRpcServerThread() MitM authentication bypass vulnerability
|
2023-10-12
|
CVE-2023-32634
|
7.8
|
TALOS-2023-1787
|
Yifan YF325 httpd manage_post stack-based buffer overflow vulnerabilities
|
2023-10-11
|
CVE-2023-35965,CVE-2023-35966
|
9.8
|
TALOS-2023-1778
|
peplink Surf SOHO HW1 data.cgi xfer_dns OS command injection vulnerability
|
2023-10-11
|
CVE-2023-34356
|
7.2
|
TALOS-2023-1762
|
Yifan YF325 httpd nvram.cgi authentication bypass vulnerability
|
2023-10-11
|
CVE-2023-24479
|
9.8
|
TALOS-2023-1782
|
peplink Surf SOHO HW1 api.cgi cmd.mvpn.x509.write OS command injection vulnerability
|
2023-10-11
|
CVE-2023-35194,CVE-2023-35193
|
7.2
|
TALOS-2023-1766
|
Yifan YF325 httpd manage_request stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-34426
|
9.8
|
TALOS-2023-1767
|
Yifan YF325 validate.so diag_ping_start command execution vulnerability
|
2023-10-11
|
CVE-2023-32632
|
8.8
|
TALOS-2023-1752
|
Yifan YF325 httpd debug credentials leftover debug code vulnerability
|
2023-10-11
|
CVE-2023-32645
|
9.8
|
TALOS-2023-1763
|
Yifan YF325 libutils.so nvram_restore stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-34365
|
9.8
|
TALOS-2023-1764
|
Yifan YF325 httpd gwcfg.cgi get stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-34346
|
9.8
|
TALOS-2023-1781
|
peplink Surf SOHO HW1 upload_brand.cgi cross-site scripting (XSS) vulnerability
|
2023-10-11
|
CVE-2023-34354
|
3.4
|
TALOS-2023-1779
|
peplink Surf SOHO HW1 admin.cgi MVPN_trial_init OS command injection vulnerability
|
2023-10-11
|
CVE-2023-28381
|
7.2
|
TALOS-2023-1780
|
peplink Surf SOHO HW1 admin.cgi USSD_send OS command injection vulnerability
|
2023-10-11
|
CVE-2023-27380
|
7.2
|
TALOS-2023-1761
|
Yifan YF325 httpd next_page buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-35055,CVE-2023-35056
|
8.8
|
TALOS-2023-1788
|
Yifan YF325 gwcfg_cgi_set_manage_post_data stack-based buffer overflow vulnerabilities
|
2023-10-11
|
CVE-2023-35967,CVE-2023-35968
|
9.8
|
TALOS-2023-1765
|
Yifan YF325 httpd do_wds stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-31272
|
8.8
|
TALOS-2023-1831
|
Webkit MediaRecorder API stopRecording use-after-free vulnerability
|
2023-10-06
|
CVE-2023-39928
|
8.8
|
TALOS-2023-1759
|
Hancom Office 2020 HWord footerr use-after-free vulnerability
|
2023-09-26
|
CVE-2023-32541
|
8.8
|
TALOS-2023-1836
|
Accusoft ImageGear allocate_buffer_for_jpeg_decoding out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-40163
|
9.8
|
TALOS-2023-1760
|
Accusoft ImageGear pictwread heap-based buffer overflow vulnerability
|
2023-09-25
|
CVE-2023-35002
|
9.8
|
TALOS-2023-1729
|
Accusoft ImageGear CreateDIBfromPict out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-23567
|
8.1
|
TALOS-2023-1751
|
Google Chrome VideoEncoder av1_svc_check_reset_layer_rc_flag use-after-free vulnerability
|
2023-09-25
|
CVE-2023-3421
|
8.3
|
TALOS-2023-1830
|
Accusoft ImageGear tif_parse_sub_IFD use-after-free vulnerability
|
2023-09-25
|
CVE-2023-39453
|
9.8
|
TALOS-2023-1742
|
Accusoft ImageGear tif_processing_dng_channel_count stack-based buffer overflow vulnerability
|
2023-09-25
|
CVE-2023-28393
|
5.6
|
TALOS-2023-1750
|
Accusoft ImageGear tiff_planar_adobe out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-32284
|
8.1
|
TALOS-2023-1802
|
Accusoft ImageGear dcm_pixel_data_decode out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-32653
|
9.8
|
TALOS-2023-1749
|
Accusoft ImageGear create_png_object heap-based buffer overflow vulnerability
|
2023-09-25
|
CVE-2023-32614
|
7.0
|
TALOS-2023-1769
|
Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability
|
2023-09-05
|
CVE-2023-31242
|
8.1
|
TALOS-2023-1772
|
Open Automation Software OAS Platform OAS Engine User Creation improper input validation vulnerability
|
2023-09-05
|
CVE-2023-34317
|
6.5
|
TALOS-2023-1773
|
Open Automation Software OAS Platform OAS Engine configuration management improper resource allocation vulnerability
|
2023-09-05
|
CVE-2023-34994
|
3.1
|
TALOS-2023-1776
|
Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability
|
2023-09-05
|
CVE-2023-34353
|
7.5
|
TALOS-2023-1775
|
Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability
|
2023-09-05
|
CVE-2023-35124
|
3.1
|
TALOS-2023-1770
|
Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability
|
2023-09-05
|
CVE-2023-34998
|
8.1
|
TALOS-2023-1774
|
Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability
|
2023-09-05
|
CVE-2023-32271
|
6.5
|
TALOS-2023-1771
|
Open Automation Software OAS Platform OAS Engine configuration file write vulnerability
|
2023-09-05
|
CVE-2023-32615
|
6.5
|
TALOS-2023-1720
|
NVIDIA D3D10 Driver Shader Functionality dcl_input index memory corruption vulnerability
|
2023-08-10
|
CVE-2022-34671
|
8.5
|
TALOS-2023-1719
|
NVIDIA D3D10 Driver Shader Functionality undeclared dcl_output memory corruption vulnerability
|
2023-08-10
|
CVE-2022-34671
|
8.5
|
TALOS-2023-1721
|
NVIDIA D3D10 Driver Shader Functionality dcl_resource_structured index memory corruption vulnerability
|
2023-08-10
|
CVE-2022-34671
|
8.5
|
TALOS-2022-1670
|
Open Babel PQS format pFormat uninitialized pointer dereference vulnerability
|
2023-07-21
|
CVE-2022-46280
|
9.8
|
TALOS-2022-1671
|
Open Babel PQS format coord_file out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-43467
|
9.8
|
TALOS-2022-1667
|
Open Babel CSR format title out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-41793
|
9.8
|
TALOS-2022-1669
|
Open Babel MSI format atom uninitialized pointer dereference vulnerability
|
2023-07-21
|
CVE-2022-44451
|
9.8
|
TALOS-2022-1664
|
Open Babel MOL2 format attribute and value out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-43607
|
8.1
|
TALOS-2022-1672
|
Open Babel Gaussian format orientation out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-37331
|
7.3
|
TALOS-2022-1668
|
Open Babel GRO format res uninitialized pointer dereference vulnerability
|
2023-07-21
|
CVE-2022-42885
|
9.8
|
TALOS-2022-1666
|
Open Babel translationVectors parsing out-of-bounds write vulnerabilities
|
2023-07-21
|
CVE-2022-46292,CVE-2022-46295,CVE-2022-46294,CVE-2022-46293,CVE-2022-46291
|
9.8
|
TALOS-2022-1665
|
Open Babel ORCA format nAtoms out-of-bounds write vulnerabilities
|
2023-07-21
|
CVE-2022-46289,CVE-2022-46290
|
9.8
|
TALOS-2023-1756
|
Foxit Reader Field Calculate event use-after-free vulnerability
|
2023-07-19
|
CVE-2023-27379
|
8.8
|
TALOS-2023-1739
|
Foxit Reader Choice Field use-after-free vulnerability
|
2023-07-19
|
CVE-2023-28744
|
8.8
|
TALOS-2023-1795
|
Foxit Reader checkThisBox type confusion vulnerability
|
2023-07-19
|
CVE-2023-32664
|
8.8
|
TALOS-2023-1796
|
Foxit Reader Javascript annotation destruction use-after-free vulnerability
|
2023-07-19
|
CVE-2023-33876
|
8.8
|
TALOS-2023-1757
|
Foxit Reader Field OnBlur event use-after-free vulnerability
|
2023-07-19
|
CVE-2023-33866
|
8.8
|
TALOS-2023-1747
|
Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability
|
2023-07-17
|
CVE-2023-36887
|
8.1
|
TALOS-2022-1679
|
Apple DCERPC zero length BIND packet infinite loop
|
2023-07-13
|
None
|
5.3
|
TALOS-2022-1658
|
VMware vCenter DCERPC Improper calculation of authentication trailer pointer
|
2023-07-13
|
CVE-2023-20894
|
8.1
|
TALOS-2023-1740
|
VMware vCenter Server DCERPC save_sec_fragment out-of-bounds pointer vulnerability
|
2023-07-13
|
CVE-2023-20895
|
8.1
|
TALOS-2022-1660
|
Apple DCERPC packet stats buffer overflow vulnerability
|
2023-07-13
|
CVE-2023-23513
|
8.1
|
TALOS-2022-1676
|
Apple DCERPC association groups heap overflow
|
2023-07-13
|
CVE-2023-27935
|
7.5
|
TALOS-2022-1677
|
Apple DCERPC call request uninitialized memory heap overflow vulnerability
|
2023-07-13
|
CVE-2023-27934
|
7.5
|
TALOS-2022-1678
|
Apple DCERPC alter context response use-after-free vulnerability
|
2023-07-13
|
CVE-2023-28180
|
7.5
|
TALOS-2022-1689
|
Apple DCERPC fixed array use after free vulnerability
|
2023-07-13
|
CVE-2023-27958
|
7.5
|
TALOS-2023-1800
|
VMWare vCenter Server DCERPC presentation result list out of bounds memory access
|
2023-07-13
|
CVE-2023-20896
|
5.9
|
TALOS-2022-1659
|
Apple DCERPC presentation result list out of bounds memory access
|
2023-07-13
|
CVE-2023-23539
|
5.9
|
TALOS-2023-1801
|
VMware DCERPC call request uninitialized memory heap overflow vulnerability
|
2023-07-13
|
CVE-2023-20892
|
7.5
|
TALOS-2022-1675
|
Apple DCERPC allocation hint uninitialized memory disclosure vulnerability
|
2023-07-13
|
None
|
5.3
|
TALOS-2023-1717
|
Apple DCERPC association groups use-after-free vulnerability
|
2023-07-13
|
CVE-2023-32387
|
7.5
|
TALOS-2022-1688
|
Apple DCERPC array marshaling uninitialized memory disclosure vulnerability
|
2023-07-13
|
CVE-2023-27953
|
5.3
|
TALOS-2023-1799
|
VMWare vCenter Server DCERPC association groups use-after-free vulnerability
|
2023-07-13
|
CVE-2023-20893
|
7.5
|
TALOS-2023-1714
|
Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22653
|
8.8
|
TALOS-2023-1711
|
Milesight UR32L ys_thirdparty check_system_user OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22365
|
7.2
|
TALOS-2023-1718
|
Milesight UR32L urvpn_client http_connection_readcb stack-based buffer overflow vulnerability
|
2023-07-06
|
CVE-2023-24019
|
8.1
|
TALOS-2023-1712
|
Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22299
|
8.8
|
TALOS-2023-1713
|
Milesight UR32L ys_thirdparty system_user_script OS command injection vulnerability
|
2023-07-06
|
CVE-2023-24595
|
7.2
|
TALOS-2023-1723
|
Milesight UR32L zebra vlan_name OS command injection vulnerabilities
|
2023-07-06
|
CVE-2023-25582,CVE-2023-25583
|
7.2
|
TALOS-2023-1716
|
Milesight UR32L vtysh_ubus sprintf pattern buffer overflow vulnerabilities
|
2023-07-06
|
CVE-2023-25091,CVE-2023-25107,CVE-2023-25113,CVE-2023-25120,CVE-2023-25122,CVE-2023-25082,CVE-2023-25095,CVE-2023-25117,CVE-2023-25121,CVE-2023-25115,CVE-2023-25118,CVE-2023-25124,CVE-2023-25101,CVE-2023-25123,CVE-2023-25102,CVE-2023-25084,CVE-2023-25093,CVE-2023-25097,CVE-2023-25103,CVE-2023-25096,CVE-2023-25090,CVE-2023-25085,CVE-2023-25106,CVE-2023-25104,CVE-2023-25086,CVE-2023-25088,CVE-2023-25105,CVE-2023-25112,CVE-2023-25089,CVE-2023-25098,CVE-2023-25081,CVE-2023-25094,CVE-2023-25100,CVE-2023-25110,CVE-2023-25109,CVE-2023-25099,CVE-2023-25119,CVE-2023-25083,CVE-2023-25087,CVE-2023-25116,CVE-2023-25092,CVE-2023-25108,CVE-2023-25111,CVE-2023-25114
|
7.2
|
TALOS-2023-1704
|
Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities
|
2023-07-06
|
CVE-2023-24497,CVE-2023-24496
|
4.7
|
TALOS-2023-1706
|
Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 OS command injection vulnerabilities
|
2023-07-06
|
CVE-2023-24519,CVE-2023-24520
|
8.8
|
TALOS-2023-1697
|
Milesight UR32L uhttpd login buffer overflow vulnerability
|
2023-07-06
|
CVE-2023-23902
|
9.8
|
TALOS-2023-1698
|
Milesight UR32L libzebra.so bridge_group OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22306
|
7.2
|
TALOS-2023-1699
|
Milesight UR32L libzebra.so change_hostname OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22659
|
7.2
|
TALOS-2023-1700
|
Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability
|
2023-07-06
|
CVE-2023-22844
|
7.3
|
TALOS-2023-1702
|
Milesight MilesightVPN server.js start directory traversal vulnerability
|
2023-07-06
|
CVE-2023-23907
|
7.5
|
TALOS-2023-1703
|
Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22371
|
8.1
|
TALOS-2023-1705
|
Milesight UR32L urvpn_client Certificate Validation vulnerability
|
2023-07-06
|
CVE-2023-23546
|
4.2
|
TALOS-2023-1715
|
Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability
|
2023-07-06
|
CVE-2023-24018
|
8.8
|
TALOS-2023-1696
|
Milesight UR32L eventcore access violation vulnerability
|
2023-07-06
|
CVE-2023-23571
|
7.5
|
TALOS-2023-1694
|
Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability
|
2023-07-06
|
CVE-2023-23550
|
7.2
|
TALOS-2023-1695
|
Milesight UR32L luci2-io file-export mib directory traversal vulnerability
|
2023-07-06
|
CVE-2023-23547
|
6.5
|
TALOS-2023-1701
|
Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability
|
2023-07-06
|
CVE-2023-22319
|
7.3
|
TALOS-2023-1710
|
Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities
|
2023-07-06
|
CVE-2023-24583,CVE-2023-24582
|
8.8
|
TALOS-2023-1745
|
Diagon GraphPlanar::Write improper array index validation vulnerability
|
2023-07-05
|
CVE-2023-31194
|
5.3
|
TALOS-2023-1744
|
Diagon Sequence::DrawText heap-based buffer overflow vulnerability
|
2023-07-05
|
CVE-2023-27390
|
7.8
|
TALOS-2023-1724
|
Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability
|
2023-06-26
|
CVE-2023-1531
|
8.3
|
TALOS-2023-1730
|
Microsoft Office Excel FreePhisxdb arbitrary free vulnerability
|
2023-06-13
|
CVE-2023-32029
|
7.8
|
TALOS-2023-1734
|
Microsoft Office Excel WebCharts out-of-bounds write vulnerability
|
2023-06-13
|
CVE-2023-33133
|
7.8
|
TALOS-2023-1727
|
Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability
|
2023-05-26
|
CVE-2023-1424
|
10.0
|
TALOS-2022-1681
|
Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability
|
2023-05-10
|
CVE-2022-46377,CVE-2022-46378
|
6.5
|
TALOS-2022-1680
|
Weston Embedded uC-FTPs Authentication authentication bypass vulnerability
|
2023-05-10
|
CVE-2022-41985
|
8.6
|
TALOS-2023-1693
|
Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability
|
2023-05-04
|
CVE-2023-0698
|
8.3
|
TALOS-2023-1691
|
IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability
|
2023-04-24
|
CVE-2023-28528
|
5.5
|
TALOS-2023-1690
|
IBM Corporation AIX errlog() Log Injection Vulnerability
|
2023-04-24
|
None,CVE-2023-26286
|
5.5
|
TALOS-2022-1593
|
Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability
|
2023-04-20
|
CVE-2022-36788
|
8.1
|
TALOS-2023-1692
|
Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability
|
2023-04-13
|
CVE-2023-0896
|
9.8
|
TALOS-2022-1684
|
JustSystems Corporation Ichitaro Attribute Arena buffer overflow vulnerability
|
2023-04-05
|
CVE-2022-45115
|
7.8
|
TALOS-2023-1722
|
JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability
|
2023-04-05
|
CVE-2023-22660
|
7.0
|
TALOS-2022-1687
|
JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability
|
2023-04-05
|
CVE-2023-22291
|
7.0
|
TALOS-2022-1673
|
Justsystem Ichitaro Protected Attribute Identifier Use-After-Free Vulnerablity
|
2023-04-05
|
CVE-2022-43664
|
7.8
|
TALOS-2022-1594
|
ADMesh stl_fix_normal_directions improper array index validation vulnerability
|
2023-04-03
|
CVE-2022-38072
|
6.5
|
TALOS-2023-1707
|
OpenImageIO Project OpenImageIO TGAInput::read_tga2_header information disclosure vulnerability
|
2023-03-30
|
CVE-2023-24473
|
5.3
|
TALOS-2022-1685
|
ManageEngine OpManager Add UCS Device blind XXE vulnerability
|
2023-03-30
|
CVE-2022-43473
|
5.8
|
TALOS-2023-1709
|
OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability
|
2023-03-30
|
CVE-2023-24472
|
7.5
|
TALOS-2023-1708
|
OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability
|
2023-03-30
|
CVE-2023-22845
|
7.5
|
TALOS-2023-1731
|
SNIProxy wildcard backend hosts buffer overflow vulnerability
|
2023-03-30
|
CVE-2023-25076
|
9.8
|
TALOS-2022-1598
|
Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability
|
2023-03-21
|
CVE-2022-38458
|
6.5
|
TALOS-2022-1595
|
Netgear Orbi Router RBR750 hidden telnet service command execution vulnerability
|
2023-03-21
|
CVE-2022-38452
|
7.2
|
TALOS-2022-1596
|
Netgear Orbi Router RBR750 access control command execution vulnerability
|
2023-03-21
|
CVE-2022-37337
|
9.1
|
TALOS-2022-1597
|
Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability
|
2023-03-21
|
CVE-2022-36429
|
7.2
|
TALOS-2022-1683
|
WellinTech KingHistorian User authentication information disclosure vulnerability
|
2023-03-20
|
CVE-2022-45124
|
7.5
|
TALOS-2022-1674
|
WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability
|
2023-03-20
|
CVE-2022-43663
|
8.1
|
TALOS-2022-1645
|
Ghost Foundation node-sqlite3 code execution vulnerability
|
2023-03-16
|
CVE-2022-43441
|
8.1
|
TALOS-2022-1662
|
EIP Stack Group OpENer SetAttributeList attribute_count_request out-of-bounds write vulnerability
|
2023-02-23
|
CVE-2022-43605
|
10.0
|
TALOS-2022-1663
|
EIP Stack Group OpENer Forward Open connection_management_entry use of uninitialized pointer vulnerability
|
2023-02-23
|
CVE-2022-43606
|
7.5
|
TALOS-2022-1661
|
EIP Stack Group OpENer GetAttributeList attribute_count_request out-of-bounds write vulnerability
|
2023-02-23
|
CVE-2022-43604
|
10.0
|
TALOS-2022-1682
|
ESTsoft Alyac NT header out of bounds read
|
2023-02-02
|
CVE-2022-43665
|
5.0
|
TALOS-2022-1619
|
Moxa SDS-3008 Series Industrial Ethernet Switch web application stored cross-site scripting vulnerability
|
2023-02-02
|
CVE-2022-41313,CVE-2022-41311,CVE-2022-41312
|
4.3
|
TALOS-2022-1618
|
Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability
|
2023-02-02
|
CVE-2022-40224
|
5.3
|
TALOS-2022-1616
|
Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability
|
2023-02-02
|
CVE-2022-40693
|
5.9
|
TALOS-2022-1621
|
Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability
|
2023-02-02
|
CVE-2022-40691
|
5.3
|
TALOS-2022-1642
|
FreshTomato httpd update.cgi directory traversal vulnerability
|
2023-01-26
|
CVE-2022-38451
|
6.8
|
TALOS-2022-1612
|
Siretta QUARTZ-GOLD httpd txt/restore.cgi OS command injection vulnerability
|
2023-01-26
|
CVE-2022-40220
|
7.2
|
TALOS-2022-1609
|
Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability
|
2023-01-26
|
CVE-2022-38088
|
4.9
|
TALOS-2022-1611
|
Siretta QUARTZ-GOLD httpd upload.cgi file write vulnerability
|
2023-01-26
|
CVE-2022-39045
|
7.2
|
TALOS-2022-1615
|
Siretta QUARTZ-GOLD httpd SNMP OS command injection vulnerability
|
2023-01-26
|
CVE-2022-38066
|
7.2
|
TALOS-2022-1610
|
Siretta QUARTZ-GOLD httpd shell.cgi leftover debug code vulnerability
|
2023-01-26
|
CVE-2022-38715
|
7.2
|
TALOS-2022-1608
|
Siretta QUARTZ-GOLD httpd downfile.cgi stack-based buffer overflow vulnerability
|
2023-01-26
|
CVE-2022-38459
|
7.2
|
TALOS-2022-1639
|
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd heap-based buffer overflow vulnerability
|
2023-01-26
|
CVE-2022-41991
|
9.8
|
TALOS-2022-1607
|
Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability
|
2023-01-26
|
CVE-2022-40969
|
7.2
|
TALOS-2022-1606
|
Siretta QUARTZ-GOLD httpd delfile.cgi directory traversal vulnerability
|
2023-01-26
|
CVE-2022-40701
|
6.5
|
TALOS-2022-1638
|
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd OS command injection vulnerability
|
2023-01-26
|
CVE-2022-40222
|
9.8
|
TALOS-2022-1637
|
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd directory traversal vulnerability
|
2023-01-26
|
CVE-2022-41154
|
8.2
|
TALOS-2022-1641
|
FreshTomato httpd logs/view.cgi OS command injection vulnerability
|
2023-01-26
|
CVE-2022-42484
|
9.1
|
TALOS-2022-1613
|
Siretta QUARTZ-GOLD DetranCLI command parsing stack-based buffer overflow vulnerabilities
|
2023-01-26
|
CVE-2022-40992,CVE-2022-41018,CVE-2022-41005,CVE-2022-41028,CVE-2022-40990,CVE-2022-40985,CVE-2022-40989,CVE-2022-40991,CVE-2022-40994,CVE-2022-41002,CVE-2022-41012,CVE-2022-41019,CVE-2022-41030,CVE-2022-41011,CVE-2022-41027,CVE-2022-40986,CVE-2022-41007,CVE-2022-41022,CVE-2022-41020,CVE-2022-40995,CVE-2022-40998,CVE-2022-41001,CVE-2022-41006,CVE-2022-41014,CVE-2022-41029,CVE-2022-41010,CVE-2022-40997,CVE-2022-40996,CVE-2022-41016,CVE-2022-40988,CVE-2022-41017,CVE-2022-41004,CVE-2022-41013,CVE-2022-41000,CVE-2022-40999,CVE-2022-41025,CVE-2022-41008,CVE-2022-41015,CVE-2022-41026,CVE-2022-41024,CVE-2022-41009,CVE-2022-41003,CVE-2022-40993,CVE-2022-41021,CVE-2022-40987,CVE-2022-41023
|
7.2
|
TALOS-2022-1605
|
Siretta QUARTZ-GOLD httpd delfile.cgi stack-based buffer overflow vulnerability
|
2023-01-26
|
CVE-2022-36279
|
7.2
|
TALOS-2022-1640
|
Siretta QUARTZ-GOLD m2m m2m_parse_router_config cmd OS command injection vulnerabilities
|
2023-01-26
|
CVE-2022-42492,CVE-2022-42491,CVE-2022-42493,CVE-2022-42490
|
9.8
|
TALOS-2022-1686
|
Ghost Foundation Ghost Post Creation insecure default installation vulnerability
|
2023-01-19
|
CVE-2022-47197,CVE-2022-47195,CVE-2022-47194,CVE-2022-47196
|
9.0
|
TALOS-2022-1646
|
Mitsubishi Electric Corporation MELSEC iQ-FX5U webserver session identifier generation authentication bypass vulnerability
|
2023-01-18
|
CVE-2022-40267
|
7.1
|
TALOS-2022-1617
|
Qt Project Qt QML QtScript Reflect API integer overflow vulnerability
|
2023-01-12
|
CVE-2022-40983
|
8.8
|
TALOS-2022-1650
|
Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability
|
2023-01-12
|
CVE-2022-43591
|
8.8
|
TALOS-2022-1586
|
Asus RT-AX82U get_IFTTTTtoken.cgi authentication bypass vulnerability
|
2023-01-10
|
CVE-2022-35401
|
9.0
|
TALOS-2022-1592
|
Asus RT-AX82U cfg_server cm_processConnDiagPktList denial of service vulnerability
|
2023-01-10
|
CVE-2022-38393
|
7.5
|
TALOS-2022-1590
|
Asus RT-AX82U cfg_server cm_processREQ_NC information disclosure vulnerability
|
2023-01-10
|
CVE-2022-38105
|
7.5
|
TALOS-2022-1653
|
OpenImageIO Project OpenImageIO Image Output Close denial of service vulnerability
|
2022-12-22
|
CVE-2022-43594,CVE-2022-43595
|
5.9
|
TALOS-2022-1657
|
OpenImageIO Project OpenImageIO ZfileOutput::close() denial of service vulnerability
|
2022-12-22
|
CVE-2022-43603
|
5.9
|
TALOS-2022-1631
|
OpenImageIO TIFF file IPTC data information disclosure vulnerability
|
2022-12-22
|
CVE-2022-41649
|
7.5
|
TALOS-2022-1656
|
OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability
|
2022-12-22
|
CVE-2022-43601,CVE-2022-43600,CVE-2022-43599,CVE-2022-43602
|
8.1
|
TALOS-2022-1654
|
OpenImageIO Project OpenImageIO IFFOutput channel interleaving information disclosure vulnerability
|
2022-12-22
|
CVE-2022-43596
|
5.9
|
TALOS-2022-1633
|
OpenImageIO TIFF tile pels decoding heap-based buffer overflow
|
2022-12-22
|
CVE-2022-41639
|
9.8
|
TALOS-2022-1652
|
OpenImageIO Project OpenImageIO DPXOutput::close() denial of service vulnerability
|
2022-12-22
|
CVE-2022-43593
|
5.9
|
TALOS-2022-1651
|
OpenImageIO Project OpenImageIO DPXOutput::close() information disclosure vulnerability
|
2022-12-22
|
CVE-2022-43592
|
5.9
|
TALOS-2022-1643
|
OpenImageIO TIFF IPTC decoding information disclosure vulnerability
|
2022-12-22
|
CVE-2022-41988
|
5.3
|
TALOS-2022-1636
|
OpenImageIO Exif out-of-bounds write vulnerability
|
2022-12-22
|
CVE-2022-41837
|
9.8
|
TALOS-2022-1635
|
OpenImageIO DDS native tile reading denial of service vulnerability
|
2022-12-22
|
CVE-2022-41999
|
7.5
|
TALOS-2022-1628
|
OpenImageIO TGA Format Stack Buffer Overflow Vulnerability
|
2022-12-22
|
CVE-2022-41981
|
8.1
|
TALOS-2022-1630
|
OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability
|
2022-12-22
|
CVE-2022-38143
|
9.8
|
TALOS-2022-1627
|
OpenImageIO TIFF file string field information disclosure vulnerability
|
2022-12-22
|
CVE-2022-41977
|
5.3
|
TALOS-2022-1626
|
OpenImageIO PSD thumbnail resource code execution vulnerability
|
2022-12-22
|
CVE-2022-41794
|
9.8
|
TALOS-2022-1629
|
OpenImageIO RLA format rle span out-of-bounds read vulnerability
|
2022-12-22
|
CVE-2022-36354
|
5.3
|
TALOS-2022-1632
|
OpenImageIO PSD format image file directory denial of service vulnerability
|
2022-12-22
|
CVE-2022-41684
|
7.5
|
TALOS-2022-1634
|
OpenImageIO DDS scanline parsing code execution vulnerability
|
2022-12-22
|
CVE-2022-41838
|
9.8
|
TALOS-2022-1655
|
OpenImageIO Project OpenImageIO IFFOutput alignment padding memory corruption vulnerability
|
2022-12-22
|
CVE-2022-43598,CVE-2022-43597
|
8.1
|
TALOS-2022-1624
|
Ghost unauthorized newsletter modification vulnerability
|
2022-12-21
|
CVE-2022-41654
|
9.6
|
TALOS-2022-1625
|
Ghost user enumeration vulnerablity
|
2022-12-21
|
CVE-2022-41697
|
5.3
|
TALOS-2022-1589
|
OpenStack Kolla sudo privilege escalation vulnerability
|
2022-12-20
|
CVE-2022-38060
|
8.8
|
TALOS-2022-1599
|
OpenStack oslo.privsep privilege escalation vulnerability
|
2022-12-20
|
CVE-2022-38065
|
8.8
|
TALOS-2022-1588
|
VMware vCenter Server Content Library denial of service vulnerability
|
2022-12-13
|
CVE-2022-31698
|
8.6
|
TALOS-2022-1644
|
PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability
|
2022-12-07
|
CVE-2022-41992
|
7.8
|
TALOS-2022-1604
|
NVIDIA D3D10 Driver Shader Functionality DCL_INDEXRANGE instruction memory corruption vulnerability
|
2022-12-06
|
CVE-2022-34671
|
8.5
|
TALOS-2022-1603
|
NVIDIA D3D10 Driver Shader Functionality MOV instruction memory corruption vulnerability
|
2022-12-06
|
CVE-2022-34671
|
8.5
|
TALOS-2022-1541
|
Lansweeper lansweeper SanitizeHtml cross-site scripting (XSS) vulnerability
|
2022-12-01
|
CVE-2022-32763
|
9.1
|
TALOS-2022-1528
|
Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability
|
2022-12-01
|
CVE-2022-32573
|
9.9
|
TALOS-2022-1531
|
Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability
|
2022-12-01
|
CVE-2022-27498
|
9.1
|
TALOS-2022-1529
|
Lansweeper lansweeper HelpdeskActions.aspx edittemplate directory traversal vulnerability
|
2022-12-01
|
CVE-2022-29517
|
9.9
|
TALOS-2022-1532
|
Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability
|
2022-12-01
|
CVE-2022-28703
|
9.1
|
TALOS-2022-1530
|
Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability
|
2022-12-01
|
CVE-2022-29511
|
9.1
|
TALOS-2022-1647
|
Callback technologies CBFS Filter handle_ioctl_83150 null pointer dereference vulnerability
|
2022-11-22
|
CVE-2022-43588
|
6.2
|
TALOS-2022-1649
|
Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability
|
2022-11-22
|
CVE-2022-43590
|
6.2
|
TALOS-2022-1648
|
Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability
|
2022-11-22
|
CVE-2022-43589
|
6.2
|
TALOS-2022-1591
|
Microsoft Office class attribute double-free vulnerability
|
2022-11-15
|
CVE-2022-41106
|
7.8
|
TALOS-2022-1602
|
Foxit Reader openPlayer use-after-free vulnerability
|
2022-11-10
|
CVE-2022-37332
|
8.8
|
TALOS-2022-1614
|
Foxit Reader Optional Content Group use-after-free vulnerability
|
2022-11-10
|
CVE-2022-40129
|
8.8
|
TALOS-2022-1601
|
Foxit Reader annotation destroy use-after-free vulnerability
|
2022-11-10
|
CVE-2022-38097
|
8.8
|
TALOS-2022-1600
|
Foxit Reader deletePages Field Calculate use-after-free vulnerability
|
2022-11-10
|
CVE-2022-32774
|
8.8
|
TALOS-2022-1544
|
Accusoft ImageGear PICT parsing pctwread_14841 out-of-bounds write vulnerability
|
2022-10-27
|
CVE-2022-32588
|
9.8
|
TALOS-2022-1519
|
InHand Networks InRouter302 console infct leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-30543
|
4.3
|
TALOS-2022-1520
|
InHand Networks InRouter302 console verify leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-26023
|
6.5
|
TALOS-2022-1521
|
InHand Networks InRouter302 console support leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-28689
|
6.5
|
TALOS-2022-1523
|
InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability
|
2022-10-27
|
CVE-2022-25932
|
7.4
|
TALOS-2022-1518
|
InHand Networks InRouter302 console nvram leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-29481
|
4.9
|
TALOS-2022-1522
|
InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-29888
|
6.5
|
TALOS-2022-1585
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities
|
2022-10-20
|
CVE-2022-35885,CVE-2022-35886,CVE-2022-35884,CVE-2022-35887
|
8.2
|
TALOS-2022-1560
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability
|
2022-10-20
|
CVE-2022-32454
|
10.0
|
TALOS-2022-1559
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities
|
2022-10-20
|
CVE-2022-33194,CVE-2022-33195,CVE-2022-33193,CVE-2022-33192
|
10.0
|
TALOS-2022-1558
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability
|
2022-10-20
|
CVE-2022-33189
|
10.0
|
TALOS-2022-1553
|
Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability
|
2022-10-20
|
CVE-2022-29475
|
4.7
|
TALOS-2022-1567
|
Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability
|
2022-10-20
|
CVE-2022-27804
|
8.0
|
TALOS-2022-1564
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability
|
2022-10-20
|
CVE-2022-32775
|
9.0
|
TALOS-2022-1562
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability
|
2022-10-20
|
CVE-2022-30603
|
10.0
|
TALOS-2022-1568
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities
|
2022-10-20
|
CVE-2022-33205,CVE-2022-33204,CVE-2022-33206,CVE-2022-33207
|
10.0
|
TALOS-2022-1566
|
Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_serial_mac OS command injection vulnerability
|
2022-10-20
|
CVE-2022-29472
|
10.0
|
TALOS-2022-1584
|
Abode Systems, Inc. iota All-In-One Security Kit ghome_process_control_packet format string injection vulnerability
|
2022-10-20
|
CVE-2022-33938
|
8.2
|
TALOS-2022-1557
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability
|
2022-10-20
|
CVE-2022-30541
|
10.0
|
TALOS-2022-1561
|
Abode Systems, Inc. iota All-In-One Security Kit console_main_loop :sys OS command injection vulnerability
|
2022-10-20
|
CVE-2022-29520
|
8.1
|
TALOS-2022-1583
|
Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities
|
2022-10-20
|
CVE-2022-35879,CVE-2022-35878,CVE-2022-35881,CVE-2022-35880
|
7.1
|
TALOS-2022-1556
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability
|
2022-10-20
|
CVE-2022-32773
|
10.0
|
TALOS-2022-1581
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities
|
2022-10-20
|
CVE-2022-35877,CVE-2022-35874,CVE-2022-35875,CVE-2022-35876
|
8.2
|
TALOS-2022-1582
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability
|
2022-10-20
|
CVE-2022-35244
|
9.8
|
TALOS-2022-1552
|
Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability
|
2022-10-20
|
CVE-2022-27805
|
9.8
|
TALOS-2022-1563
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability
|
2022-10-20
|
CVE-2022-32586
|
8.0
|
TALOS-2022-1569
|
Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability
|
2022-10-20
|
CVE-2022-29889
|
9.8
|
TALOS-2022-1554
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability
|
2022-10-20
|
CVE-2022-29477
|
8.6
|
TALOS-2022-1565
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability
|
2022-10-20
|
CVE-2022-32574
|
7.5
|
TALOS-2022-1555
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability
|
2022-10-20
|
CVE-2022-32760
|
8.6
|
TALOS-2022-1577
|
Robustel R1510 js_package install OS command injection vulnerability
|
2022-10-14
|
CVE-2022-33150
|
9.1
|
TALOS-2022-1579
|
Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability
|
2022-10-14
|
CVE-2022-33897
|
4.9
|
TALOS-2022-1580
|
Robustel R1510 sysupgrade firmware update vulnerability
|
2022-10-14
|
CVE-2022-34845
|
6.7
|
TALOS-2022-1575
|
Robustel R1510 web_server hashFirst denial of service vulnerability
|
2022-10-14
|
CVE-2022-35266,CVE-2022-35265,CVE-2022-35267,CVE-2022-35262,CVE-2022-35261,CVE-2022-35264,CVE-2022-35263,CVE-2022-35271,CVE-2022-35270,CVE-2022-35269,CVE-2022-35268
|
4.9
|
TALOS-2022-1578
|
Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability
|
2022-10-14
|
CVE-2022-34850
|
9.1
|
TALOS-2022-1576
|
Robustel R1510 sysupgrade command injection OS command injection vulnerability
|
2022-10-14
|
CVE-2022-32765
|
9.1
|
TALOS-2022-1587
|
VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability
|
2022-10-10
|
CVE-2022-31680
|
8.7
|
TALOS-2022-1574
|
Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability
|
2022-10-04
|
CVE-2022-33896
|
7.8
|
TALOS-2022-1517
|
uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities
|
2022-09-22
|
CVE-2022-29503
|
8.1
|
TALOS-2022-1497
|
Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability
|
2022-08-17
|
CVE-2022-35821
|
4.4
|
TALOS-2022-1545
|
WWBN AVideo password hash improper authentication vulnerability
|
2022-08-16
|
CVE-2022-32282
|
7.2
|
TALOS-2022-1546
|
WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability
|
2022-08-16
|
CVE-2022-30534
|
9.9
|
TALOS-2022-1539
|
WWBN AVideo image403 cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-30690
|
9.6
|
TALOS-2022-1536
|
WWBN AVideo objects id handling authentication bypass vulnerability
|
2022-08-16
|
CVE-2022-32768,CVE-2022-32769
|
4.8
|
TALOS-2022-1549
|
WWBN AVideo aVideoEncoderReceiveImage information disclosure vulnerability
|
2022-08-16
|
CVE-2022-32761
|
6.5
|
TALOS-2022-1487
|
HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability
|
2022-08-16
|
CVE-2022-26061
|
7.8
|
TALOS-2022-1550
|
WWBN AVideo chunkFile information disclosure vulnerability
|
2022-08-16
|
CVE-2022-28710
|
6.5
|
TALOS-2022-1486
|
HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability
|
2022-08-16
|
CVE-2022-25942
|
7.8
|
TALOS-2022-1535
|
WWBN AVideo session id privilege escalation vulnerability
|
2022-08-16
|
CVE-2022-30605
|
8.8
|
TALOS-2022-1540
|
WWBN AVideo videoAddNew cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-28712
|
9.0
|
TALOS-2022-1538
|
WWBN AVideo footer alerts cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-32770,CVE-2022-32772,CVE-2022-32771
|
9.6
|
TALOS-2022-1542
|
WWBN AVideo cookie information disclosure vulnerability
|
2022-08-16
|
CVE-2022-32777,CVE-2022-32778
|
7.5
|
TALOS-2022-1547
|
WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability
|
2022-08-16
|
CVE-2022-30547
|
9.9
|
TALOS-2022-1515
|
Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability
|
2022-08-16
|
CVE-2022-40733
|
5.0
|
TALOS-2022-1551
|
WWBN AVideo ObjectYPT SQL injection vulnerability
|
2022-08-16
|
CVE-2022-33147,CVE-2022-34652,CVE-2022-33149,CVE-2022-33148
|
8.3
|
TALOS-2022-1514
|
Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability
|
2022-08-16
|
CVE-2022-40732
|
5.0
|
TALOS-2022-1548
|
WWBN AVideo aVideoEncoder wget OS command injection vulnerability
|
2022-08-16
|
CVE-2022-32572
|
9.9
|
TALOS-2022-1534
|
WWBN AVideo all cross-site request forgery (csrf) vulnerability
|
2022-08-16
|
CVE-2022-29468
|
8.8
|
TALOS-2022-1485
|
HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability
|
2022-08-16
|
CVE-2022-25972
|
7.8
|
TALOS-2022-1537
|
WWBN AVideo charts tab selection cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-26842
|
9.6
|
TALOS-2022-1533
|
ESTsoft Alyac OLE header Mini FAT sectors integer overflow
|
2022-08-03
|
CVE-2022-29886
|
7.3
|
TALOS-2022-1527
|
ESTsoft Alyac OLE header parsing integer overflow
|
2022-08-03
|
CVE-2022-32543
|
7.3
|
TALOS-2022-1482
|
TCL LinkHub Mesh Wi-Fi confsrv addTimeGroup stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-25996
|
8.8
|
TALOS-2022-1457
|
TCL LinkHub Mesh Wifi confsrv ucloud_add_node_new OS command injection vulnerability
|
2022-08-01
|
CVE-2022-21178
|
9.6
|
TALOS-2022-1456
|
TCL LinkHub Mesh Wifi confers ucloud_add_node_new stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-21201
|
8.8
|
TALOS-2022-1455
|
TCL LinkHub Mesh Wifi confsrv set_mf_rule stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-23919,CVE-2022-23918
|
8.8
|
TALOS-2022-1458
|
TCL LinkHub Mesh Wifi confsrv ucloud_add_node OS command injection vulnerability
|
2022-08-01
|
CVE-2022-22140
|
9.6
|
TALOS-2022-1505
|
TCL LinkHub Mesh Wifi confctl_set_master_wlan denial of service vulnerability
|
2022-08-01
|
CVE-2022-27185
|
9.3
|
TALOS-2022-1502
|
TCL LinkHub Mesh Wifi confctl_set_guest_wlan denial of service vulnerability
|
2022-08-01
|
CVE-2022-27660
|
9.3
|
TALOS-2022-1484
|
TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-26342
|
8.8
|
TALOS-2022-1483
|
TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-26009
|
8.8
|
TALOS-2022-1507
|
TCL LinkHub Mesh Wifi ucloud_del_node denial of service vulnerability
|
2022-08-01
|
CVE-2022-26346
|
9.6
|
TALOS-2022-1504
|
TCL LinkHub Mesh Wifi confctl_get_master_wlan information disclosure vulnerability
|
2022-08-01
|
CVE-2022-27630
|
6.5
|
TALOS-2022-1454
|
TCL LinkHub Mesh Wifi confsrv set_port_fwd_rule stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-23399
|
8.8
|
TALOS-2022-1503
|
TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability
|
2022-08-01
|
CVE-2022-27633
|
6.5
|
TALOS-2022-1459
|
TCL LinkHub Mesh Wifi libcommonprod.so prod_change_root_passwd hard-coded password vulnerability
|
2022-08-01
|
CVE-2022-22144
|
7.5
|
TALOS-2022-1462
|
TCL LinkHub Mesh Wi-Fi confsrv confctl_set_app_language stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-23103
|
8.8
|
TALOS-2022-1463
|
TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-24021,CVE-2022-24011,CVE-2022-24028,CVE-2022-24023,CVE-2022-24026,CVE-2022-24016,CVE-2022-24005,CVE-2022-24019,CVE-2022-24029,CVE-2022-24007,CVE-2022-24017,CVE-2022-24008,CVE-2022-24006,CVE-2022-24013,CVE-2022-24009,CVE-2022-24010,CVE-2022-24020,CVE-2022-24015,CVE-2022-24012,CVE-2022-24022,CVE-2022-24014,CVE-2022-24027,CVE-2022-24025,CVE-2022-24018,CVE-2022-24024
|
9.6
|
TALOS-2022-1506
|
TCL LinkHub Mesh Wi-Fi confctl_set_wan_cfg denial of service vulnerability
|
2022-08-01
|
CVE-2022-27178
|
9.6
|
TALOS-2022-1510
|
DD-WRT httpd unescape memory corruption vulnerability
|
2022-07-27
|
CVE-2022-27631
|
5.3
|
TALOS-2022-1509
|
FreshTomato httpd unescape memory corruption vulnerability
|
2022-07-27
|
CVE-2022-28665,CVE-2022-28664
|
5.3
|
TALOS-2022-1511
|
Asuswrt and Asuswrt-Merlin New Gen httpd unescape memory corruption vulnerability
|
2022-07-27
|
CVE-2022-26376
|
5.3
|
TALOS-2022-1526
|
Accusoft ImageGear PSD Header processing memory allocation out-of-bounds write vulnerability
|
2022-07-18
|
CVE-2022-29465
|
8.1
|
TALOS-2022-1508
|
Google Chrome WebGPU DoBufferDestroy kDirect allocation use-after-free vulnerability
|
2022-07-14
|
CVE-2022-2399
|
8.3
|
TALOS-2022-1516
|
Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability
|
2022-07-13
|
CVE-2022-34221
|
8.8
|
TALOS-2022-1525
|
Adobe Acrobat Reader DC event value use-after-free
|
2022-07-13
|
CVE-2022-34230
|
8.8
|
TALOS-2022-1571
|
Robustel R1510 web_server /action/remove/ API data removal vulnerability
|
2022-06-30
|
CVE-2022-28127
|
8.7
|
TALOS-2022-1570
|
Robustel R1510 clish art2 command execution vulnerability
|
2022-06-30
|
CVE-2022-32585
|
9.1
|
TALOS-2022-1572
|
Robustel R1510 web_server action endpoints OS command injection vulnerabilities
|
2022-06-30
|
CVE-2022-33312,CVE-2022-33313,CVE-2022-33314
|
9.1
|
TALOS-2022-1573
|
Robustel R1510 web_server ajax endpoints OS command injection vulnerabilities
|
2022-06-30
|
CVE-2022-33326,CVE-2022-33329,CVE-2022-33327,CVE-2022-33325,CVE-2022-33328
|
9.1
|
TALOS-2022-1461
|
Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability
|
2022-06-15
|
CVE-2022-21184
|
5.9
|
TALOS-2022-1524
|
Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability
|
2022-06-15
|
CVE-2022-29496
|
9.0
|
TALOS-2022-1440
|
Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability
|
2022-06-15
|
CVE-2022-21806
|
10.0
|
TALOS-2022-1494
|
Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability
|
2022-05-25
|
CVE-2022-27169
|
7.5
|
TALOS-2022-1493
|
Open Automation Software Platform Engine SecureTransferFiles file write vulnerability
|
2022-05-25
|
CVE-2022-26082
|
9.1
|
TALOS-2022-1492
|
Open Automation Software Platform Engine SecureTransferFiles information disclosure vulnerability
|
2022-05-25
|
CVE-2022-26067
|
4.9
|
TALOS-2022-1491
|
Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability
|
2022-05-25
|
CVE-2022-26026
|
7.5
|
TALOS-2022-1489
|
Open Automation Software Platform Engine SecureAddSecurity external config control vulnerability
|
2022-05-25
|
CVE-2022-26043
|
7.5
|
TALOS-2022-1490
|
Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability
|
2022-05-25
|
CVE-2022-26077
|
7.5
|
TALOS-2022-1488
|
Open Automation Software Platform Engine SecureAddUser External config control vulnerability
|
2022-05-25
|
CVE-2022-26303
|
7.5
|
TALOS-2022-1513
|
Open Automation Software OAS Platform REST API unauthenticated vulnerability
|
2022-05-25
|
CVE-2022-26833
|
9.4
|
TALOS-2021-1436
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXRANGE memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
TALOS-2021-1438
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_RESOURCE_STRUCTURED memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
TALOS-2021-1435
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXABLE memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28181
|
8.5
|
TALOS-2021-1437
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_UNORDERED_ACCESS_VIEW_STRUCTURED memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
TALOS-2022-1478
|
InHand Networks InRouter302 daretools binary OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26042
|
9.9
|
TALOS-2022-1473
|
InHand Networks InRouter302 httpd wlscan_ASP OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26085
|
9.9
|
TALOS-2022-1477
|
InHand Networks InRouter302 console inhand command execution vulnerability
|
2022-05-10
|
CVE-2022-25995
|
9.9
|
TALOS-2022-1500
|
InHand Networks InRouter302 console infactory_wlan command injection vulnerability
|
2022-05-10
|
CVE-2022-26075
|
9.9
|
TALOS-2022-1452
|
ESTsoft Alyac PE section headers out of bounds read
|
2022-05-10
|
CVE-2022-21147
|
5.0
|
TALOS-2022-1481
|
InHand Networks InRouter302 libnvram.so nvram_import improper input validation vulnerabilities
|
2022-05-10
|
CVE-2022-26780,CVE-2022-26781,CVE-2022-26782
|
9.9
|
TALOS-2022-1501
|
InHand Networks InRouter302 console infactory_net command injection vulnerability
|
2022-05-10
|
CVE-2022-26518
|
9.9
|
TALOS-2022-1474
|
InHand Networks InRouter302 router configuration export information disclosure vulnerability
|
2022-05-10
|
CVE-2022-26020
|
6.3
|
TALOS-2022-1471
|
InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability
|
2022-05-10
|
CVE-2022-24910
|
8.2
|
TALOS-2022-1495
|
InHand Networks InRouter302 iburn firmware checks firmware update vulnerability
|
2022-05-10
|
CVE-2022-26510
|
9.9
|
TALOS-2022-1470
|
InHand Networks InRouter302 web interface session cookie information disclosure vulnerability
|
2022-05-10
|
CVE-2022-25172
|
7.5
|
TALOS-2022-1499
|
InHand Networks InRouter302 console infactory_port OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26420
|
9.9
|
TALOS-2022-1472
|
InHand Networks InRouter302 router configuration import privilege escalation vulnerability
|
2022-05-10
|
CVE-2022-21182
|
7.4
|
TALOS-2022-1476
|
InHand Networks InRouter302 console factory stack-based buffer overflow vulnerability
|
2022-05-10
|
CVE-2022-26002
|
9.1
|
TALOS-2022-1468
|
InHand Networks InRouter302 httpd upload.cgi file write vulnerability
|
2022-05-10
|
CVE-2022-21809
|
9.9
|
TALOS-2022-1469
|
InHand Networks InRouter302 info.jsp cross-site scripting (XSS) vulnerability
|
2022-05-10
|
CVE-2022-21238
|
5.4
|
TALOS-2022-1496
|
InHand Networks InRouter302 console infactory hard-coded password vulnerability
|
2022-05-10
|
CVE-2022-27172
|
4.3
|
TALOS-2022-1475
|
InHand Networks InRouter302 console factory OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26007
|
9.1
|
TALOS-2021-1412
|
WPS Office HtmTableAlt use-after-free vulnerability
|
2022-05-09
|
CVE-2021-40399
|
8.8
|
TALOS-2022-1480
|
Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability
|
2022-05-05
|
CVE-2022-26073
|
7.4
|
TALOS-2022-1479
|
Anker Eufy Homebase 2 libxm_av.so getpeermac() authentication bypass vulnerability
|
2022-05-05
|
CVE-2022-25989
|
7.1
|
TALOS-2022-1465
|
Accusoft ImageGear IGXMPXMLParser::parseDelimiter stack-based buffer overflow vulnerability
|
2022-05-02
|
CVE-2022-23400
|
7.1
|
TALOS-2022-1449
|
Accusoft ImageGear ioca_mys_rgb_allocate memory corruption vulnerability
|
2022-05-02
|
CVE-2022-22137
|
9.8
|
TALOS-2022-1512
|
ArduPilot APWeb cgi.c unescape memory corruption vulnerability
|
2022-04-14
|
CVE-2022-28711
|
5.3
|
TALOS-2021-1411
|
Accusoft ImageGear parse_raster_data out-of-bounds write vulnerability
|
2022-03-31
|
CVE-2021-40398
|
8.1
|
TALOS-2021-1434
|
Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability
|
2022-03-23
|
CVE-2021-40426
|
10.0
|
TALOS-2022-1464
|
Leadtools fltSaveCMP integer overflow vulnerability
|
2022-03-15
|
CVE-2022-21154
|
8.8
|
TALOS-2021-1433
|
Webroot Secure Anywhere IOCTL GetProcessCommand and B_03 out-of-bounds read vulnerability
|
2022-03-15
|
CVE-2021-40425,CVE-2021-40424
|
7.1
|
TALOS-2022-1442
|
Lansweeper WebUserActions.aspx Stored XSS vulnerability
|
2022-02-28
|
CVE-2022-21145
|
9.1
|
TALOS-2022-1441
|
Lansweeper lansweeper HelpdeskSetupActions SQL injection vulnerability
|
2022-02-28
|
CVE-2022-22149
|
9.1
|
TALOS-2021-1413
|
Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability
|
2022-02-28
|
CVE-2021-40400
|
9.3
|
TALOS-2022-1443
|
Lansweeper lansweeper EchoAssets.aspx SQL injection vulnerability
|
2022-02-28
|
CVE-2022-21234
|
9.1
|
TALOS-2021-1431
|
Swift Sensors Gateway device password generation authentication bypass vulnerability
|
2022-02-28
|
CVE-2021-40422
|
10.0
|
TALOS-2022-1444
|
Lansweeper lansweeper AssetActions.aspx SQL injection vulnerability
|
2022-02-28
|
CVE-2022-21210
|
6.6
|
TALOS-2022-1467
|
MZ Automation GmbH libiec61850 parseNormalModeParameters denial of service vulnerability
|
2022-02-28
|
CVE-2022-21159
|
7.5
|
TALOS-2021-1416
|
Gerbv RS-274X aperture macro multiple outline primitives out-of-bounds read vulnerability
|
2022-02-28
|
CVE-2021-40402
|
9.3
|
TALOS-2021-1368
|
Accusoft ImageGear XWD parser heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21939
|
9.8
|
TALOS-2021-1374
|
Accusoft ImageGear TIFF parser heap-based buffer overflow vulnerabilities
|
2022-02-23
|
CVE-2021-21945,CVE-2021-21944
|
9.8
|
TALOS-2021-1362
|
Accusoft ImageGear DecoderStream::Append heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21914
|
9.8
|
TALOS-2021-1373
|
Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21943
|
9.8
|
TALOS-2021-1371
|
Accusoft ImageGear TIFF YCbCr image parser out-of-bounds write vulnerability
|
2022-02-23
|
CVE-2021-21942
|
9.8
|
TALOS-2021-1377
|
Accusoft ImageGear JPEG-JFIF Scan header parser out-of-bounds write vulnerability
|
2022-02-23
|
CVE-2021-21949
|
9.8
|
TALOS-2021-1375
|
Accusoft ImageGear JPEG-JFIF lossless Huffman parser heap-based buffer overflow vulnerabilities
|
2022-02-23
|
CVE-2021-21947,CVE-2021-21946
|
9.8
|
TALOS-2021-1367
|
Accusoft ImageGear Palette box parser heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21938
|
9.8
|
TALOS-2022-1453
|
KiCad EDA Gerber Viewer gerber and excellon coordinates parsing stack-based buffer overflow vulnerability
|
2022-02-16
|
CVE-2022-23804,CVE-2022-23803
|
7.8
|
TALOS-2022-1460
|
KiCad EDA Gerber Viewer gerber and excellon GCode/Dcode parsing stack-based buffer overflow vulnerability
|
2022-02-16
|
CVE-2022-23947,CVE-2022-23946
|
7.8
|
TALOS-2021-1386
|
Hancom Office 2020 Hword HwordApp.dll SectorLoc heap-based buffer overflow
|
2022-02-15
|
CVE-2021-21958
|
7.8
|
TALOS-2021-1393
|
Texas Instruments CC3200 SimpleLink Solution HTTP Server /ping.html information disclosure vulnerability
|
2022-02-15
|
CVE-2021-21966
|
5.3
|
TALOS-2021-1403
|
Moxa MXView Series Web Application information disclosure vulnerability
|
2022-02-11
|
CVE-2021-40392
|
5.3
|
TALOS-2021-1401
|
Moxa MXView Series Web Application authentication bypass vulnerability
|
2022-02-11
|
CVE-2021-40390
|
10.0
|
TALOS-2021-1396
|
Sealevel Systems, Inc. SeaConnect 370W HandleSeaCloudMessage out-of-bounds write vulnerabilities
|
2022-02-01
|
CVE-2021-21970,CVE-2021-21969
|
3.7
|
TALOS-2021-1391
|
Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability
|
2022-02-01
|
CVE-2021-21963
|
7.4
|
TALOS-2021-1392
|
Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities
|
2022-02-01
|
CVE-2021-21965,CVE-2021-21964
|
8.6
|
TALOS-2021-1394
|
Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-21967
|
6.5
|
TALOS-2021-1395
|
Sealevel Systems, Inc. SeaConnect 370W OTA update task file overwrite vulnerability
|
2022-02-01
|
CVE-2021-21968
|
8.1
|
TALOS-2021-1397
|
Sealevel Systems, Inc. SeaConnect 370W URL_decode out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-21971
|
3.7
|
TALOS-2021-1390
|
Sealevel Systems, Inc. SeaConnect 370W OTA Update "u-download" heap-based buffer overflow vulnerability
|
2022-02-01
|
CVE-2021-21962
|
9.0
|
TALOS-2021-1389
|
Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities
|
2022-02-01
|
CVE-2021-21960,CVE-2021-21961
|
10.0
|
TALOS-2021-1388
|
Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability
|
2022-02-01
|
CVE-2021-21959
|
7.7
|
TALOS-2021-1406
|
Eclipse Foundation Paho MQTTClient-C library readPacket out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-41036
|
9.8
|
TALOS-2021-1417
|
Gerbv pick-and-place rotation parsing use of uninitialized variable vulnerability
|
2022-01-31
|
CVE-2021-40403
|
5.8
|
TALOS-2021-1415
|
Gerbv RS-274X aperture definition tokenization use-after-free vulnerability
|
2022-01-31
|
CVE-2021-40401
|
10.0
|
TALOS-2021-1429
|
Foxit Reader deletePages use-after-free vulnerability
|
2022-01-31
|
CVE-2021-40420
|
8.8
|
TALOS-2022-1439
|
Foxit Reader getPageNthWordQuads mishandled exception vulnerability
|
2022-01-31
|
CVE-2022-22150
|
8.8
|
TALOS-2021-1398
|
Google Chrome MediaStreamTrackGenerator use after free vulnerability
|
2022-01-27
|
CVE-2021-38008
|
8.3
|
TALOS-2021-1420
|
Reolink RLC-410W cgiserver.cgi Login authentication bypass vulnerability
|
2022-01-26
|
CVE-2021-40404
|
5.3
|
TALOS-2021-1424
|
Reolink RLC-410W device network settings OS command injection vulnerabilities
|
2022-01-26
|
CVE-2021-40407,CVE-2021-40408, CVE-2021-40409, CVE-2021-40410,CVE-2021-40411,CVE-2021-40412
|
9.1
|
TALOS-2021-1421
|
Reolink RLC-410W cgiserver.cgi JSON command parser denial of service vulnerabilities
|
2022-01-26
|
CVE-2021-44354,CVE-2021-44355, CVE-2021-44356, CVE-2021-44357, CVE-2021-44358, CVE-2021-44359, CVE-2021-44360, CVE-2021-44361, CVE-2021-44362, CVE-2021-44363, CVE-2021-44364, CVE-2021-44365, CVE-2021-44366, CVE-2021-44367, CVE-2021-44368, CVE-2021-44369, CVE-2021-44370, CVE-2021-44371, CVE-2021-44372, CVE-2021-44373, CVE-2021-44374, CVE-2021-44375, CVE-2021-44376, CVE-2021-44377, CVE-2021-44378, CVE-2021-44379, CVE-2021-44380, CVE-2021-44381, CVE-2021-44382, CVE-2021-44383, CVE-2021-44384, CVE-2021-44385, CVE-2021-44386, CVE-2021-44387, CVE-2021-44388, CVE-2021-44389, CVE-2021-44390, CVE-2021-44391, CVE-2021-44392, CVE-2021-44393, CVE-2021-44394, CVE-2021-44395, CVE-2021-44396, CVE-2021-44397, CVE-2021-44398, CVE-2021-44399, CVE-2021-44400,CVE-2021-44401, CVE-2021-44402,CVE-2021-44403,CVE-2021-44404,CVE-2021-44405, CVE-2021-44406, CVE-2021-44407, CVE-2021-44408, CVE-2021-44409, CVE-2021-44410, CVE-2021-44411, CVE-2021-44412, CVE-2021-44413, CVE-2021-44414, CVE-2021-44415, CVE-2021-44416, CVE-2021-44417, CVE-2021-44418, CVE-2021-44419
|
8.6
|
TALOS-2022-1447
|
Reolink RLC-410W "update" firmware checks firmware update vulnerability
|
2022-01-26
|
CVE-2022-21134
|
8.3
|
TALOS-2021-1428
|
Reolink RLC-410W "factory" binary firmware update vulnerability
|
2022-01-26
|
CVE-2021-40419
|
10.0
|
TALOS-2022-1445
|
Reolink RLC-410W device TestEmail out-of-bounds write vulnerability
|
2022-01-26
|
CVE-2022-21217
|
9.1
|
TALOS-2021-1422
|
Reolink RLC-410W cgiserver.cgi Upgrade API denial of service vulnerability
|
2022-01-26
|
CVE-2021-40405
|
7.7
|
TALOS-2022-1446
|
Reolink RLC-410W web server misconfiguration information disclosure vulnerability
|
2022-01-26
|
CVE-2022-21236
|
8.1
|
TALOS-2022-1451
|
Reolink RLC-410W netserver parse_command_list memory corruption vulnerability
|
2022-01-26
|
CVE-2022-21796
|
9.3
|
TALOS-2021-1423
|
Reolink RLC-410W cgiserver.cgi session creation denial of service vulnerability
|
2022-01-26
|
CVE-2021-40406
|
7.5
|
TALOS-2021-1425
|
Reolink RLC-410W cgiserver.cgi cgi_check_ability improper access control vulnerabilities
|
2022-01-26
|
CVE-2021-40413, CVE-2021-40414, CVE-2021-40415,CVE-2021-40416
|
7.1
|
TALOS-2022-1448
|
Reolink RLC-410W hardcoded TLS key information disclosure vulnerability
|
2022-01-26
|
CVE-2022-21199
|
7.5
|
TALOS-2022-1450
|
Reolink RLC-410W netserver recv_command denial of service vulnerability
|
2022-01-26
|
CVE-2022-21801
|
8.6
|
TALOS-2021-1432
|
Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability
|
2022-01-26
|
CVE-2021-40423
|
7.5
|
TALOS-2021-1414
|
Apple macOS ImageIO DDS image out-of-bounds read vulnerability
|
2022-01-25
|
CVE-2021-30939
|
5.3
|
TALOS-2021-1400
|
Advantech DeviceOn/iEdge Server 1.0.2 privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40389
|
8.8
|
TALOS-2021-1409
|
Advantech WISE-PaaS/OTA 3.0.9 Server installation privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40397
|
8.8
|
TALOS-2021-1408
|
Advantech DeviceOn/iService 1.1.7 Server installation privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40396
|
8.8
|
TALOS-2021-1399
|
Advantech SQ Manager Server 1.0.6 privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40388
|
8.8
|
TALOS-2021-1387
|
Adobe Acrobat Reader Javascript event.richValue use-after-free vulnerability
|
2022-01-11
|
CVE-2021-44710
|
8.8
|
TALOS-2021-1410
|
Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability
|
2022-01-11
|
CVE-2021-44711
|
8.8
|
TALOS-2021-1376
|
AnyCubic Chitubox AnyCubic Plugin readDatHeadVec heap-based buffer overflow vulnerability
|
2022-01-10
|
CVE-2021-21948
|
7.8
|
TALOS-2021-1372
|
Google Chrome WebRTC RTPSenderVideoFrameTransformerDelegate memory corruption vulnerability
|
2022-01-10
|
CVE-2021-37979
|
7.1
|
TALOS-2021-1358
|
Garrett Metal Detectors iC Module CMA CLI getenv command directory traversal vulnerability
|
2021-12-20
|
CVE-2021-21907
|
4.9
|
TALOS-2021-1427
|
Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame parsing uninitialized uuid object vulnerability
|
2021-12-20
|
CVE-2021-40418
|
9.8
|
TALOS-2021-1356
|
Garrett Metal Detectors iC Module CMA CLI setenv command directory traversal vulnerability
|
2021-12-20
|
CVE-2021-21904
|
9.1
|
TALOS-2021-1359
|
Garrett Metal Detectors iC Module CMA CLI del[env] command directory traversal vulnerabilities
|
2021-12-20
|
CVE-2021-21908,CVE-2021-21909
|
6.0
|
TALOS-2021-1355
|
Garrett Metal Detectors iC Module CMA check_udp_crc strcpy stack-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-21903
|
9.8
|
TALOS-2021-1426
|
Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame decoding heap-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-40417
|
9.8
|
TALOS-2021-1354
|
Garrett Metal Detectors iC Module CMA run_server_6877 authentication bypass vulnerability
|
2021-12-20
|
CVE-2021-21902
|
7.5
|
TALOS-2021-1353
|
Garrett Metal Detectors iC Module CMA check_udp_crc memcpy stack-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-21901
|
9.8
|
TALOS-2021-1357
|
Garrett Metal Detectors iC Module CMA CLI readfile stack-based buffer overflow vulnerabilities
|
2021-12-20
|
CVE-2021-21905,CVE-2021-21906
|
8.2
|
TALOS-2021-1405
|
Gerbv RS-274X aperture macro outline primitive integer overflow vulnerability
|
2021-12-06
|
CVE-2021-40394
|
10.0
|
TALOS-2021-1384
|
Dream Report ODS Remote Connector privilege escalation vulnerability
|
2021-12-06
|
CVE-2021-21957
|
8.8
|
TALOS-2021-1404
|
Gerbv RS-274X format aperture macro variables out-of-bounds write vulnerability
|
2021-12-06
|
CVE-2021-40393
|
10.0
|
TALOS-2021-1352
|
Google Chrome Blink setBaseAndExtent use after free vulnerability
|
2021-11-30
|
CVE-2021-30625
|
8.3
|
TALOS-2021-1381
|
Anker Eufy Homebase 2 home_security wifi_country_code_update command execution vulnerability
|
2021-11-29
|
CVE-2021-21954
|
9.9
|
TALOS-2021-1378
|
Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_SERVER_LIST_REQUEST out-of-bounds write vulnerability
|
2021-11-29
|
CVE-2021-21950,CVE-2021-21951
|
10.0
|
TALOS-2021-1380
|
Anker Eufy Homebase 2 home_security process_msg() authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21953
|
7.7
|
TALOS-2021-1382
|
Anker Eufy Homebase 2 home_security get_aes_key_info_by_packetid() authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21955
|
7.7
|
TALOS-2021-1379
|
Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_RSA_KEY_REQUEST authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21952
|
9.4
|
TALOS-2021-1383
|
CloudLinux Inc Imunify360 Ai-Bolit php unserialize vulnerability
|
2021-11-22
|
CVE-021-21956
|
8.2
|
TALOS-2021-1363
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'group_list' page
|
2021-11-22
|
CVE-2021-21915,CVE-2021-21916,CVE-2021-21917
|
7.7
|
TALOS-2021-1364
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'company_list' page
|
2021-11-22
|
CVE-2021-21918,CVE-2021-21919
|
7.7
|
TALOS-2021-1366
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'device_list' page
|
2021-11-22
|
CVE-2021-21924,CVE-2021-21925,CVE-21926,CVE-2021-21927,CVE-2021-21928,CVE-2021-21929,CVE-2021-21930,CVE-2021-21931,CVE-2021-21932,CVE-2021-21933,CVE-2021-21934,CVE-2021-21935,CVE-2021-21936,CVE-2021-21937
|
7.7
|
TALOS-2021-1365
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'user_list' page
|
2021-11-22
|
CVE-2021-21920,CVE-2021-21921, CVE-2021-21922,CVE-2021-21923
|
7.7
|
TALOS-2021-1360
|
Advantech R-SeeNet installation privilege escalation vulnerability
|
2021-11-22
|
CVE-2021-21910, CVE-2021-21911, CVE-2021-21912
|
8.8
|
TALOS-2021-1351
|
LibreCad libdxfrw dxfRW::processLType() use-after-free vulnerability
|
2021-11-17
|
CVE-2021-21900
|
8.8
|
TALOS-2021-1350
|
LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability
|
2021-11-17
|
CVE-2021-21899
|
8.8
|
TALOS-2021-1349
|
LibreCad libdxfrw dwgCompressor::decompress18() out-of-bounds write vulnerability
|
2021-11-17
|
CVE-2021-21898
|
8.8
|
TALOS-2021-1348
|
Google Chrome WebRTC addIceCandidate use after free vulnerability
|
2021-11-16
|
CVE-2021-30602
|
8.3
|
TALOS-2021-1335
|
Lantronix PremierWave 2050 Web Manager FsUnmount stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21892
|
9.9
|
TALOS-2021-1326
|
Lantronix PremierWave 2050 Web Manager FsUnmount OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21882
|
9.9
|
TALOS-2021-1323
|
Lantronix PremierWave 2050 Web Manager File Upload directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21879
|
9.9
|
TALOS-2021-1330
|
Lantronix PremierWave 2050 Web Manager FSBrowsePage directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21886
|
4.3
|
TALOS-2021-1315
|
Lantronix PremierWave 2050 Web Manager FsTFtp OS command injection vulnerabilities
|
2021-11-15
|
CVE-2021-21876,CVE-2021-21877
|
9.1
|
TALOS-2021-1327
|
Lantronix PremierWave 2050 Web Manager Diagnostics: Ping OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21883
|
9.9
|
TALOS-2021-1338
|
Lantronix PremierWave 2050 Web Manager FsBrowseClean directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21896
|
4.9
|
TALOS-2021-1331
|
Lantronix PremierWave 2050 Web Manager SslGenerateCSR stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21887
|
9.1
|
TALOS-2021-1328
|
Lantronix PremierWave 2050 Web Manager SslGenerateCSR OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21884
|
9.1
|
TALOS-2021-1333
|
Lantronix PremierWave 2050 Web Manager Ping stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21889
|
9.9
|
TALOS-2021-1334
|
Lantronix PremierWave 2050 Web Manager FsBrowseClean stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21890,CVE-2021-21891
|
9.1
|
TALOS-2021-1337
|
Lantronix PremierWave 2050 Web Manager FsTFtp directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21894,CVE-2021-21895
|
9.1
|
TALOS-2021-1312
|
Lantronix PremierWave 2050 Web Manager Diagnostics: Traceroute OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21872
|
9.9
|
TALOS-2021-1329
|
Lantronix PremierWave 2050 Web Manager FsMove directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21885
|
7.2
|
TALOS-2021-1314
|
Lantronix PremierWave 2050 Web Manager SSL Credential Upload OS command injection vulnerabilities
|
2021-11-15
|
CVE-2021-21873,CVE-2021-21874,CVE-2021-21875
|
9.1
|
TALOS-2021-1322
|
Lantronix PremierWave 2050 Web Manager Applications and FsBrowse local file inclusion vulnerability
|
2021-11-15
|
CVE-2021-21878
|
4.9
|
TALOS-2021-1325
|
Lantronix PremierWave 2050 Web Manager Wireless Network Scanner OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21881
|
9.9
|
TALOS-2021-1332
|
Lantronix PremierWave 2050 Web Manager SslGenerateCertificate OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21888
|
9.1
|
TALOS-2021-1324
|
Lantronix PremierWave 2050 Web Manager FsCopyFile directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21880
|
7.2
|
TALOS-2021-1343
|
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests offset calculation out-of-bounds read vulnerability
|
2021-11-09
|
CVE-2021-41376
|
2.3
|
TALOS-2021-1347
|
Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability
|
2021-11-09
|
--
|
6.2
|
TALOS-2021-1339
|
Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL information disclosure vulnerability
|
2021-11-09
|
None
|
6.7
|
TALOS-2021-1344
|
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging 1BL firmware downgrade vulnerability
|
2021-11-09
|
--
|
6.0
|
TALOS-2021-1341
|
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability
|
2021-11-09
|
--
|
6.0
|
TALOS-2021-1342
|
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests image validation signature check bypass vulnerability
|
2021-11-09
|
CVE-2021-42300
|
6.0
|
TALOS-2021-1340
|
Microsoft Azure Sphere Kernel GPIO_GET_PIN_ACCESS_CONTROL_USER information disclosure vulnerability
|
2021-11-09
|
None
|
4.4
|
TALOS-2021-1402
|
Gerbv drill format T-code tool number out-of-bounds write vulnerability
|
2021-11-04
|
CVE-2021-40391
|
10.0
|
TALOS-2021-1319
|
ZTE MF971R xmlclient cross-site scripting vulnerability
|
2021-10-18
|
CVE-2021-21747
|
6.1
|
TALOS-2021-1318
|
ZTE MF971R sms_cmd_status_info cross-site scripting vulnerability
|
2021-10-18
|
CVE-2021-21746
|
6.1
|
TALOS-2021-1317
|
ZTE MF971R Referer authentication bypass vulnerability
|
2021-10-18
|
CVE-2021-21745
|
4.7
|
TALOS-2021-1316
|
ZTE MF971R goform_get_cmd_process Config Control External config control vulnerability
|
2021-10-18
|
CVE-2021-21744
|
5.4
|
TALOS-2021-1321
|
ZTE MF971R STK_PROCESS stack-based buffer overflow vulnerability
|
2021-10-18
|
CVE-2021-21749
|
8.3
|
TALOS-2021-1313
|
ZTE MF971R HTTP_HOST CRLF Injection vulnerability
|
2021-10-18
|
CVE-2021-21743
|
6.3
|
TALOS-2021-1320
|
ZTE MF971R ADB_MODE_SWITCH stack-based buffer overflow vulnerability
|
2021-10-18
|
CVE-2021-21748
|
9.6
|
TALOS-2021-1266
|
Nitro Pro PDF JavaScript TimeOutObject double free vulnerability
|
2021-10-13
|
CVE-2021-21797
|
8.8
|
TALOS-2021-1265
|
Nitro Pro PDF JavaScript local_file_path Object use-after-free vulnerability
|
2021-10-13
|
CVE-2021-21796
|
8.8
|
TALOS-2021-1259
|
Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability
|
2021-10-12
|
CVE-2021-40474
|
8.8
|
TALOS-2021-1369
|
Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability
|
2021-10-11
|
CVE-2021-21940
|
10.0
|
TALOS-2021-1370
|
Anker Eufy Homebase 2 pushMuxer CreatePushThread use-after-free vulnerability
|
2021-10-11
|
CVE-2021-21941
|
10.0
|
TALOS-2021-1361
|
D-LINK DIR-3040 WiFi Smart Mesh information disclosure vulnerability
|
2021-09-23
|
CVE-2021-21913
|
10.0
|
TALOS-2021-1309
|
Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability
|
2021-09-14
|
None
|
4.4
|
TALOS-2021-1267
|
Nitro Pro PDF JavaScript document.flattenPages JSStackFrame stack-based use-after-free vulnerability
|
2021-09-13
|
CVE-2021-21798
|
8.8
|
TALOS-2021-1346
|
Ribbonsoft dxflib DL_Dxf::handleLWPolylineData heap-based buffer overflow vulnerability
|
2021-09-07
|
CVE-2021-21897
|
8.8
|
TALOS-2021-1295
|
Disc Soft Ltd Daemon Tools Pro ISO Parsing memory corruption vulnerability
|
2021-08-17
|
CVE-2021-21832
|
8.1
|
TALOS-2021-1298
|
GPAC Project Advanced Content MPEG-4 Decoding multiple integer truncation vulnerabilities
|
2021-08-16
|
CVE-2021-21859,CVE-2021-21860,CVE-2021-21861,CVE-2021-21862
|
8.8
|
TALOS-2021-1297
|
GPAC Project on Advanced Content library MPEG-4 Decoding multiple multiplication integer overflow vulnerabilities
|
2021-08-16
|
CVE-2021-21834, CVE-2021-21835, CVE-2021-21836, CVE-2021-21837, CVE-2021-21838, CVE-2021-21839, CVE-2021-21840, CVE-2021-21841, CVE-2021-21842, CVE-2021-21843, CVE-2021-21844, CVE-2021-21845, CVE-2021-21846, CVE-2021-21847, CVE-2021-21848, CVE-2021-21849, CVE-2021-21850, CVE-2021-21851, CVE-2021-21852
|
8.8
|
TALOS-2021-1299
|
GPAC Project Advanced Content MPEG-4 Decoding multiple integer addition overflow vulnerabilities
|
2021-08-16
|
CVE-2021-21853, CVE-2021-21854,CVE-2021-21855,CVE-2021-21856,CVE-2021-21857,CVE-2021-21858
|
8.8
|
TALOS-2021-1279
|
AT&T Labs Xmill XML parsing CreateLabelOrAttrib memory corruption vulnerability
|
2021-08-11
|
CVE-2021-21811
|
8.1
|
TALOS-2021-1278
|
AT&T Labs Xmill XML parsing ParseAttribs memory corruption vulnerability
|
2021-08-10
|
CVE-2021-21810
|
8.1
|
TALOS-2021-1280
|
AT&T Labs Xmill multiple command line parsing vulnerabilities
|
2021-08-10
|
CVE-2021-21812, CVE-2021-21813, CVE-2021-21814, CVE-2021-21815
|
7.8
|
TALOS-2021-1292
|
AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21829
|
8.1
|
TALOS-2021-1290
|
AT&T Labs Xmill XML decompression PlainTextUncompressor::UncompressItem heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21825
|
8.1
|
TALOS-2021-1310
|
Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability
|
2021-08-10
|
None
|
4.4
|
TALOS-2021-1293
|
AT&T Labs Xmill XML decompression LabelDict::Load heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21830
|
8.1
|
TALOS-2021-1291
|
AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities
|
2021-08-10
|
CVE-2021-21826, CVE-2021-21827, CVE-2021-21828
|
8.1
|
TALOS-2021-1311
|
Microsoft Azure Sphere Security Monitor SECTION_ABIDepends denial of service vulnerability
|
2021-08-10
|
None
|
6.0
|
TALOS-2021-1345
|
Mozilla Firefox MediaCacheStream::NotifyDataReceived use-after-free vulnerability
|
2021-08-10
|
CVE-2021-29985
|
8.8
|
TALOS-2020-1212
|
tinyobjloader LoadObj improper array index validation vulnerability
|
2021-07-30
|
CVE-2020-28589
|
9.6
|
TALOS-2021-1307
|
Foxit Reader FileAttachment annotation use-after-free vulnerability redux
|
2021-07-27
|
CVE-2021-21870
|
8.8
|
TALOS-2021-1336
|
Foxit Reader Field OnFocus event use-after-free vulnerability
|
2021-07-27
|
CVE-2021-21893
|
8.8
|
TALOS-2021-1294
|
Foxit Reader removeField use-after-free vulnerability
|
2021-07-27
|
CVE-2021-21831
|
8.8
|
TALOS-2021-1306
|
CODESYS Development System Engine.plugin ProfileInformation ProfileData Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21869
|
8.8
|
TALOS-2021-1305
|
CODESYS Development System ObjectManager.plugin Project.get_MissingTypes() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21868
|
8.8
|
TALOS-2021-1300
|
CODESYS Development System ComponentModel Profile.FromFile() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21863
|
8.8
|
TALOS-2021-1304
|
CODESYS Development System ObjectManager.plugin ObjectStream.ProfileByteArray Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21867
|
8.8
|
TALOS-2021-1303
|
CODESYS Development System ObjectManager.plugin ProfileInformation.ProfileData Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21866
|
8.8
|
TALOS-2021-1302
|
CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21865
|
8.8
|
TALOS-2021-1301
|
CODESYS Development System ComponentModel ComponentManager.StartupCultureSettings Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21864
|
7.8
|
TALOS-2021-1274
|
Advantech R-SeeNet ping.php OS Command Injection vulnerability
|
2021-07-15
|
CVE-2021-21805
|
9.8
|
TALOS-2021-1273
|
Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability
|
2021-07-15
|
CVE-2021-21804
|
8.1
|
TALOS-2021-1272
|
Advantech R-SeeNet device_graph_page.php Multiple Reflected XSS vulnerabilities
|
2021-07-15
|
CVE-2021-21801, CVE-2021-21802, CVE-2021-21803
|
9.6
|
TALOS-2021-1271
|
Advantech R-SeeNet ssh_form.php Reflected XSS vulnerability
|
2021-07-15
|
CVE-2021-21800
|
9.6
|
TALOS-2021-1285
|
D-LINK DIR-3040 Libcli test environment hard-coded password vulnerability
|
2021-07-15
|
CVE-2021-21820
|
10.0
|
TALOS-2021-1283
|
D-LINK DIR-3040 Syslog information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21818
|
6.5
|
TALOS-2021-1281
|
D-LINK DIR-3040 Syslog information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21816
|
6.5
|
TALOS-2021-1282
|
D-LINK DIR-3040 Zebra IP routing manager information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21817
|
7.5
|
TALOS-2021-1284
|
D-LINK DIR-3040 Libcli command injection vulnerability
|
2021-07-15
|
CVE-2021-21819
|
9.1
|
TALOS-2021-1270
|
Advantech R-SeeNet telnet_form.php Reflected XSS vulnerability
|
2021-07-15
|
CVE-2021-21799
|
9.6
|
TALOS-2021-1252
|
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability
|
2021-07-07
|
CVE-2021-21785
|
6.5
|
TALOS-2021-1254
|
IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities
|
2021-07-07
|
CVE-2021-21787, CVE-2021-21788,CVE-2021-21789
|
8.8
|
TALOS-2021-1255
|
IOBit Advanced SystemCare Ultimate Privileged I/O Read vulnerabilities
|
2021-07-07
|
CVE-2021-21790, CVE-2021-21791, CVE-2021-21792
|
6.5
|
TALOS-2021-1253
|
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability
|
2021-07-07
|
CVE-2021-21786
|
8.8
|
TALOS-2021-1308
|
PowerISO DMG File Format Handler memory corruption vulnerability
|
2021-06-28
|
CVE-2021-21871
|
8.8
|
TALOS-2021-1277
|
Moodle spellchecker plugin command execution vulnerability
|
2021-06-22
|
CVE-2021-21809
|
8.2
|
TALOS-2021-1234
|
EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability
|
2021-06-16
|
CVE-2021-21777
|
8.6
|
TALOS-2021-1288
|
Komoot GmbH Komoot Friend finder information disclosure vulnerability
|
2021-06-09
|
CVE-2021-21823
|
5.3
|
TALOS-2021-1251
|
Google Chrome WebAudio blink::AudioNodeOutput::Pull code execution vulnerability
|
2021-06-08
|
CVE-2021-30522
|
8.3
|
TALOS-2021-1238
|
Webkit WebCore::GraphicsContext use-after-free vulnerability
|
2021-06-02
|
CVE-2021-21779
|
6.8
|
TALOS-2021-1246
|
Apple macOS SMB server TREE_CONNECT stack buffer overflow vulnerability
|
2021-06-02
|
CVE-2020-10005
|
8.5
|
TALOS-2021-1229
|
Webkit ImageLoader dispatchPendingErrorEvent use-after-free vulnerability
|
2021-06-02
|
CVE-2021-21775
|
6.8
|
TALOS-2021-1268
|
Apple macOS SMB server create file request uninitialized memory disclosure
|
2021-06-02
|
CVE-2021-30722
|
6.5
|
TALOS-2021-1260
|
Apple macOS SMB server directory query request integer overflow vulnerability
|
2021-06-02
|
CVE-2021-30717
|
7.5
|
TALOS-2021-1263
|
Apple macOS SMB server lock request infinite loop
|
2021-06-02
|
CVE-2021-30716
|
6.5
|
TALOS-2021-1269
|
Apple macOS SMB server directory query arbitrary file access
|
2021-06-02
|
CVE-2021-30721
|
4.3
|
TALOS-2021-1258
|
Apple macOS SMB server IOCTL request uninitialized stack variable vulnerability
|
2021-06-02
|
CVE-2021-30712
|
4.2
|
TALOS-2021-1276
|
Accusoft ImageGear PNG png_palette_process memory corruption vulnerability
|
2021-06-01
|
CVE-2021-21808
|
8.1
|
TALOS-2021-1296
|
Accusoft ImageGear TIF IP_planar_raster_unpack improper array index validation vulnerability
|
2021-06-01
|
CVE-2021-21833
|
9.8
|
TALOS-2021-1261
|
Accusoft ImageGear TIF bits_per_sample processing out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21794
|
9.8
|
TALOS-2021-1257
|
Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21793
|
9.8
|
TALOS-2021-1286
|
Accusoft ImageGear PDF process_fontname stack-based buffer overflow vulnerability
|
2021-06-01
|
CVE-2021-21821
|
9.8
|
TALOS-2021-1289
|
Accusoft ImageGear JPG Handle_JPEG420 out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21824
|
8.1
|
TALOS-2021-1275
|
Accusoft ImageGear DICOM parse_dicom_meta_info integer overflow vulnerability
|
2021-06-01
|
CVE-2021-21807
|
9.8
|
TALOS-2021-1243
|
Linux Kernel Arm SIGPAGE information disclosure vulnerability
|
2021-05-28
|
CVE-2021-21781
|
4.0
|
TALOS-2021-1230
|
Trend Micro, Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability
|
2021-05-24
|
CVE-2021-32457
|
7.8
|
TALOS-2021-1241
|
Trend Micro Inc. Home Network Security SFTP log collection server hard-coded password vulnerability
|
2021-05-24
|
CVE-2021-32459
|
4.9
|
TALOS-2021-1231
|
Trend Micro Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability
|
2021-05-24
|
CVE-2021-32458
|
7.8
|
TALOS-2021-1237
|
Apple macOS SMB server signature verification information disclosure vulnerability
|
2021-05-19
|
CVE-2021-1878
|
7.1
|
TALOS-2021-1235
|
Google Chrome AudioDelayDSPKernel::ProcessKRate heap-based buffer overflow vulnerability
|
2021-05-19
|
CVE-2021-21160
|
8.8
|
TALOS-2021-1233
|
Adobe Acrobat Reader DC JavaScript search query code execution vulnerability
|
2021-05-11
|
CVE-2021-28562
|
8.0
|
TALOS-2021-1287
|
Foxit Reader FileAttachment annotation use-after-free vulnerability
|
2021-05-06
|
CVE-2021-21822
|
8.8
|
TALOS-2021-1236
|
MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability
|
2021-04-26
|
CVE-2021-21778
|
7.5
|
TALOS-2020-1142
|
Systemd DHCP client denial-of-service vulnerability
|
2021-04-26
|
CVE-2020-13529
|
6.1
|
TALOS-2021-1240
|
Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability
|
2021-04-22
|
None
|
7.4
|
TALOS-2021-1239
|
Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability
|
2021-04-22
|
None
|
7.4
|
TALOS-2020-1219
|
Prusa Research PrusaSlicer Obj.cpp load_obj() out-of-bounds write vulnerability
|
2021-04-21
|
CVE-2020-28595
|
8.8
|
TALOS-2020-1220
|
Prusa Research PrusaSlicer Objparser::objparse() stack-based buffer overflow vulnerability
|
2021-04-21
|
CVE-2020-28596
|
8.8
|
TALOS-2020-1222
|
Prusa Research PrusaSlicer Admesh stl_fix_normal_directions() out-of-bounds write vulnerability
|
2021-04-21
|
CVE-2020-28598
|
8.8
|
TALOS-2020-1160
|
Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability
|
2021-04-19
|
CVE-2021-26564, CVE-2021-26565, CVE-2021-26566
|
8.3
|
TALOS-2020-1159
|
Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability
|
2021-04-19
|
CVE-2021-26560, CVE-2021-26561, CVE-2021-26562
|
9.4
|
TALOS-2020-1216
|
Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability
|
2021-04-15
|
CVE-2020-28592
|
8.1
|
TALOS-2020-1217
|
Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability
|
2021-04-15
|
CVE-2020-28593
|
8.1
|
TALOS-2021-1262
|
Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability
|
2021-04-13
|
CVE-2021-28460
|
8.1
|
TALOS-2020-1204
|
OpenClinic GA installation privilege escalation vulnerability
|
2021-04-13
|
CVE-2020-27228
|
8.8
|
TALOS-2020-1207
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in the 'getAssets.jsp' page
|
2021-04-13
|
CVE-2020-27233, CVE-2020-27234, CVE-2020-27235, CVE-2020-27236, CVE-2020-27237, CVE-2020-27238, CVE-2020-27239, CVE-2020-27240, CVE-2020-27241
|
6.4
|
TALOS-2021-1249
|
Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability
|
2021-04-13
|
CVE-2021-27074
|
6.2
|
TALOS-2020-1206
|
OpenClinic GA Web portal SQL injection vulnerability in 'manageServiceStocks.jsp' page
|
2021-04-13
|
CVE-2020-27232
|
6.4
|
TALOS-2020-1203
|
OpenClinic GA unauthenticated command injection vulnerability
|
2021-04-13
|
CVE-2020-27227
|
10.0
|
TALOS-2021-1247
|
Microsoft Azure Sphere mount namespace unsigned code execution vulnerability
|
2021-04-13
|
CVE-2021-27074
|
6.2
|
TALOS-2021-1250
|
Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability
|
2021-04-13
|
CVE-2021-27080
|
9.3
|
TALOS-2020-1202
|
OpenClinic GA web portal SQL injection vulnerability in 'statistics/quickFile.jsp' page
|
2021-04-13
|
CVE-2020-27226
|
6.4
|
TALOS-2020-1205
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in 'patientslist.do' page
|
2021-04-13
|
CVE-2020-27229, CVE-2020-27230, CVE-2020-27231
|
6.4
|
TALOS-2020-1208
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in 'listImmoLabels.jsp' page
|
2021-04-13
|
CVE-2020-27242, CVE-2020-27243, CVE-2020-27244, CVE-2020-27245, CVE-2020-27246
|
6.4
|
TALOS-2020-1200
|
Rukovoditel Project Management App application SQL injection vulnerability in the 'access_rules/rules_form' page
|
2021-04-08
|
CVE-2020-13591
|
5.4
|
TALOS-2020-1199
|
Rukovoditel Project Management App multiple SQL injection vulnerabilities in the 'entities/fields' page
|
2021-04-08
|
CVE-2020-13588, CVE-2020-13589, CVE-2020-13599
|
5.4
|
TALOS-2020-1201
|
Rukovoditel Project Management App application SQL injection vulnerability in the 'global_lists/choices' page
|
2021-04-08
|
CVE-2020-13592
|
5.4
|
TALOS-2020-1146
|
Dream Report platform privilege escalation vulnerability
|
2021-04-08
|
CVE-2020-13532, CVE-2020-13533, CVE-2020-13534
|
9.3
|
TALOS-2020-1198
|
Rukovoditel Project Management App SQL injection vulnerability in the 'forms_fields_rules/rules' page
|
2021-04-08
|
CVE-2020-13587
|
5.4
|
TALOS-2021-1244
|
Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21782
|
9.8
|
TALOS-2021-1232
|
Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21776
|
9.8
|
TALOS-2021-1227
|
Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21773
|
8.1
|
TALOS-2021-1245
|
Genivia gSOAP WS-Addressing plugin code execution vulnerability redux
|
2021-03-24
|
CVE-2021-21783
|
9.8
|
TALOS-2021-1264
|
Accusoft ImageGear PSD read_icc_icCurve_data heap-based buffer overflow vulnerability
|
2021-03-16
|
CVE-2021-21795
|
9.8
|
TALOS-2020-1226
|
3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability
|
2021-03-10
|
CVE-2021-21772
|
8.1
|
TALOS-2021-1226
|
3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability
|
2021-03-10
|
CVE-2021-21772
|
8.1
|
TALOS-2021-1248
|
Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability
|
2021-03-02
|
CVE-2021-21784
|
9.8
|
TALOS-2020-1213
|
Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability
|
2021-02-24
|
CVE-2020-28590
|
8.6
|
TALOS-2020-1225
|
CGAL libcgal multiple code execution vulnerabilities in Nef polygon-parsing code
|
2021-02-24
|
CVE-2020-28601,CVE-2020-28602,CVE-2020-28603,CVE-2020-28604,CVE-2020-28605,CVE-2020-28606,CVE-2020-28607,CVE-2020-28608,CVE-2020-28609,CVE-2020-28610,CVE-2020-28611,CVE-2020-28612,CVE-2020-28613,CVE-2020-28614,CVE-2020-28615,CVE-2020-28616, CVE-2020-28617,CVE-2020-28618,CVE-2020-28619,CVE-2020-28620, CVE-2020-28621,CVE-2020-28622,CVE-2020-28623,CVE-2020-28624,CVE-2020-28625,CVE-2020-28626,CVE-2020-28627,CVE-2020-28628,CVE-2020-28629,CVE-2020-28630,CVE-2020-28631,CVE-2020-28632,CVE-2020-28633,CVE-2020-28634,CVE-2020-28635,CVE-2020-28636,CVE-2020-35628,CVE-2020-35629,CVE-2020-35630, CVE-2020-35631,CVE-2020-35632,CVE-2020-35633,CVE-2020-35634,CVE-2020-35635,CVE-2020-35636
|
10.0
|
TALOS-2020-1224
|
Openscad import_stl.cc:import_stl() out-of-bounds stack write vulnerability
|
2021-02-23
|
CVE-2020-28600
|
8.8
|
TALOS-2020-1223
|
Openscad import_stl.cc:import_stl() stack-based buffer overflow vulnerability
|
2021-02-23
|
CVE-2020-28599
|
8.8
|
TALOS-2020-1167
|
Sytech XL reporter installation privilege escalation vulnerability
|
2021-02-19
|
CVE-2020-13549
|
8.8
|
TALOS-2020-1169
|
Advantech WebAccess/SCADA installation privilege escalation vulnerability
|
2021-02-16
|
CVE-2020-13551, CVE-2020-13552, CVE-2020-13553, CVE-2020-13554, CVE-2020-13555
|
8.8
|
TALOS-2020-1168
|
Advantech WebAccess/SCADA installation local file inclusion
|
2021-02-16
|
CVE-2020-13550
|
7.7
|
TALOS-2020-1182
|
Accusoft ImageGear SGI RLE decompression out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13571
|
9.8
|
TALOS-2020-1196
|
Accusoft ImageGear PSD Header processing out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13585
|
9.8
|
TALOS-2020-1176
|
Accusoft ImageGear TIFF index record out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13561
|
9.8
|
TALOS-2020-1183
|
Accusoft ImageGear GIF LZW decoder heap overflow vulnerability
|
2021-02-05
|
CVE-2020-13572
|
9.8
|
TALOS-2020-1191
|
SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability
|
2021-02-03
|
CVE-2020-13580
|
8.8
|
TALOS-2020-1210
|
SoftMaker Office PlanMaker Excel document CEscherObject::ReadNativeProperties multiple heap buffer overflow vulnerabilities
|
2021-02-03
|
CVE-2020-27247, CVE-2020-27248, CVE-2020-27249,CVE-2020-27250,CVE-2020-28587
|
8.8
|
TALOS-2020-1190
|
SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability
|
2021-02-03
|
CVE-2020-13579
|
8.8
|
TALOS-2020-1192
|
SoftMaker Office PlanMaker Document Record 0x800d memory corruption vulnerability
|
2021-02-03
|
CVE-2020-13581
|
8.8
|
TALOS-2020-1197
|
SoftMaker Office PlanMaker Excel document record 0x00fc memory corruption vulnerability
|
2021-02-03
|
CVE-2020-13586
|
8.8
|
TALOS-2020-1008
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Network Segment Denial of Service Vulnerability
|
2021-02-02
|
CVE-2020-6088
|
7.5
|
TALOS-2020-1179
|
phpGACL database multiple SQL injection vulnerabilities
|
2021-01-27
|
CVE-2020-13566, CVE-2020-13568
|
8.8
|
TALOS-2020-1177
|
phpGACL template multiple cross-site scripting vulnerabilities
|
2021-01-27
|
CVE-2020-13562, CVE-2020-13563, CVE-2020-13564
|
9.6
|
TALOS-2020-1180
|
OpenEMR GACL cross-site request forgery vulnerability
|
2021-01-27
|
CVE-2020-13569
|
8.8
|
TALOS-2020-1178
|
phpGACL return_page redirection open redirect vulnerability
|
2021-01-27
|
CVE-2020-13565
|
6.1
|
TALOS-2020-1194
|
Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability
|
2021-01-26
|
CVE-2020-13583
|
8.6
|
TALOS-2020-1193
|
Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability
|
2021-01-26
|
CVE-2020-13582
|
8.6
|
TALOS-2020-1174
|
FreyrSCADA IEC-60879-5-104 server simulator traffic logging denial-of-service vulnerability
|
2021-01-11
|
CVE--2020-13559
|
5.9
|
TALOS-2020-1184
|
Rockwell Automation RSLinx classic ethernet/IP server denial-of-service vulnerability
|
2021-01-07
|
CVE-2020-13573
|
7.5
|
TALOS-2020-1161
|
SoftMaker Office TextMaker Document Record 0x001f sign-extension vulnerability
|
2021-01-05
|
CVE-2020-13544
|
8.8
|
TALOS-2020-1162
|
SoftMaker Office TextMaker Document Record 0x003f integer conversion vulnerability
|
2021-01-05
|
CVE-2020-13545
|
8.8
|
TALOS-2020-1187
|
Genivia gSOAP WS-Addressing plugin code execution vulnerability
|
2021-01-05
|
CVE-2020-13576
|
9.8
|
TALOS-2020-1185
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13574
|
7.5
|
TALOS-2020-1163
|
SoftMaker Office TextMaker Document Record 0x002a integer overflow vulnerability
|
2021-01-05
|
CVE-2020-13546
|
8.8
|
TALOS-2020-1189
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13578
|
7.5
|
TALOS-2020-1186
|
Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13575
|
7.5
|
TALOS-2020-1188
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13577
|
7.5
|
TALOS-2020-1150
|
Win-911 Enterprise Platform privilege escalation vulnerability
|
2021-01-04
|
CVE-2020-13539, CVE-2020-13540
|
9.3
|
TALOS-2020-1151
|
Win-911 mobile server platform privilege escalation vulnerability
|
2021-01-04
|
CVE-2020-13541
|
9.3
|
TALOS-2020-1141
|
Microsoft Azure Sphere networkd mdns denial-of-service vulnerability
|
2020-12-18
|
--
|
5.9
|
TALOS-2020-1111
|
NZXT CAM WinRing0x64 Driver Privileged I/O Write IRPs Privilege Escalation Vulnerability
|
2020-12-16
|
CVE-2020-13512, CVE-2020-13513, CVE-2020-13514
|
8.8
|
TALOS-2020-1113
|
NZXT CAM WinRing0x64 driver IRP 0x9c406144 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13516
|
6.5
|
TALOS-2020-1136
|
Lantronix XPort EDGE Web Manager and telnet CLI cleartext transmission of sensitive information vulnerability
|
2020-12-16
|
CVE-2020-13528
|
3.1
|
TALOS-2020-1147
|
Kepware LinkMaster Service privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13535
|
9 .3
|
TALOS-2020-1116
|
NZXT CAM WinRing0x64 driver IRP 0x9c402088 privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13519
|
8.8
|
TALOS-2020-1114
|
NZXT CAM WinRing0x64 Driver IRP 0x9c406104 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13517
|
6.5
|
TALOS-2020-1110
|
NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13509, CVE-2020-13511
|
6.5
|
TALOS-2020-1112
|
NZXT CAM WinRing0x64 driver IRP 0x9c40a148 privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13515
|
8.8
|
TALOS-2020-1135
|
Lantronix XPort EDGE Web Manager CSRF vulnerability
|
2020-12-16
|
CVE-2020-13527
|
4.8
|
TALOS-2020-1115
|
NZXT CAM WinRing0x64 driver IRP 0x9c402084 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13518
|
6.5
|
TALOS-2020-1171
|
Foxit Reader JavaScript choice field use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13557
|
8.8
|
TALOS-2020-1166
|
Foxit Reader Javascript Field fileSelect Use After Free Vulnerability
|
2020-12-09
|
CVE-2020-13548
|
8.0
|
TALOS-2020-1165
|
Foxit Reader JavaScript media openPlayer type confusion vulnerability
|
2020-12-09
|
CVE-2020-13547
|
8.8
|
TALOS-2020-1181
|
Foxit Reader JavaScript remove template use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13570
|
7.5
|
TALOS-2020-1175
|
Foxit Reader JavaScript choice field format event use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13560
|
8.8
|
TALOS-2020-1153
|
Microsoft Office ElementType code execution vulnerability
|
2020-12-08
|
CVE-2020-17123
|
8.8
|
TALOS-2020-1140
|
Schneider Electric EcoStruxure Control Expert PLC Simulator Modbus message processing remote code execution vulnerability
|
2020-12-08
|
CVE-2020-7559
|
10.0
|
TALOS-2020-1144
|
Schneider Electric EcoStruxure Control Expert APX project file processing code execution vulnerability
|
2020-12-08
|
CVE-2020-7560
|
8.6
|
TALOS-2020-1170
|
EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability
|
2020-12-02
|
CVE-2020-13556
|
9.8
|
TALOS-2020-1143
|
EIP Stack Group OpENer ethernet/IP server denial-of-service vulnerability
|
2020-12-02
|
CVE-2020-13530
|
7.5
|
TALOS-2020-1155
|
Webkit WebSocket code execution vulnerability
|
2020-11-30
|
CVE-2020-13543
|
8.8
|
TALOS-2020-1195
|
Webkit ImageDecoderGStreamer use-after-free vulnerability
|
2020-11-30
|
CVE-2020-13584
|
8.8
|
TALOS-2020-1126
|
ProcessMaker sort parameter multiple SQL Injection Vulnerabilities
|
2020-11-17
|
CVE-2020-13525, CVE-2020-13526
|
6.4
|
TALOS-2020-1125
|
Pixar OpenUSD binary file format specs memory corruption
|
2020-11-12
|
CVE-2020-13524
|
6.3
|
TALOS-2020-1103
|
Pixar OpenUSD Binary File Format Token Strings Information Leak Vulnerability
|
2020-11-12
|
CVE-2020-13494
|
4.3
|
TALOS-2020-1101
|
Pixar OpenUSD Binary File Format Compressed Value Reps Code Execution Vulnerabilities
|
2020-11-12
|
CVE-2020-6155
|
8.8
|
TALOS-2020-1120
|
Pixar OpenUSD Binary File Format Decompressed Path Rebuilding Memory corruption
|
2020-11-12
|
CVE-2020-13520
|
8.8
|
TALOS-2020-1105
|
Pixar OpenUSD binary file format index type values information leak vulnerability
|
2020-11-12
|
CVE-2020-13498,CVE-2020-13496,CVE-2020-13497
|
4.3
|
TALOS-2020-1094
|
Pixar OpenUSD binary file format compressed sections code execution vulnerabilities
|
2020-11-12
|
CVE-2020-6147, CVE-2020-6148, CVE-2020-6149, CVE-2020-6150, CVE-2020-6156, CVE-2020-13493
|
8.8
|
TALOS-2020-1145
|
Pixar OpenUSD SDF layer path remote code execution
|
2020-11-12
|
CVE-2020-13531
|
8.8
|
TALOS-2020-1104
|
Pixar OpenUSD binary file format offset seek information leak vulnerability
|
2020-11-12
|
CVE-2020-9973
|
4.3
|
TALOS-2020-1154
|
LogicalDoc installation privilege escalation vulnerability
|
2020-11-10
|
CVE-2020-13542
|
9.3
|
TALOS-2020-1032
|
BIMx Desktop Viewer Resource Parsing Integer Overflow Vulnerability
|
2020-11-06
|
CVE-2020-6099
|
8.8
|
TALOS-2020-1156
|
Adobe Acrobat Reader DC form field format use after free
|
2020-11-05
|
CVE-2020-24437
|
8.8
|
TALOS-2020-1157
|
Adobe Acrobat Reader DC JavaScript submitForm heap buffer overflow redux
|
2020-11-05
|
CVE-2020-24435
|
8.8
|
TALOS-2020-1148
|
Moxa MXView series installation privilege escalation vulnerability
|
2020-11-03
|
CVE-2020-13537,CVE-2020-13536
|
9.3
|
TALOS-2020-1086
|
Synology SRM web interface session cookie HttpOnly flag information disclosure vulnerability
|
2020-10-30
|
CVE-2020-27658
|
7.5
|
TALOS-2020-1058
|
Synology SRM QuickConnect authentication Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27649
|
8.3
|
TALOS-2020-1061
|
Synology SRM QuickConnect HTTP connection Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27653
|
8.3
|
TALOS-2020-1060
|
Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability
|
2020-10-29
|
None
|
8.3
|
TALOS-2020-1071
|
Synology SRM dnsExit DDNS provider information disclosure vulnerability
|
2020-10-29
|
CVE-2020-27656-CVE-2020-27657
|
4.0
|
TALOS-2020-1065
|
Synology SRM lbd service Command Execution Vulnerability
|
2020-10-29
|
CVE-2020-27654, CVE-2020-11117
|
9.6
|
TALOS-2020-1066
|
Synology SRM QuickConnect iptables network misconfiguration vulnerability
|
2020-10-29
|
CVE-2020-27655
|
6.5
|
TALOS-2020-1059
|
Synology SRM web interface session cookie secure flag Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27651
|
8.3
|
TALOS-2020-1064
|
Synology QuickConnect servers network misconfiguration vulnerability
|
2020-10-29
|
--
|
6.5
|
TALOS-2020-1123
|
Google Chrome DrawElementsInstanced information leak vulnerability
|
2020-10-22
|
CVE-2020-6555
|
6.8
|
TALOS-2020-1127
|
Google Chrome WebGL Buffer11::getBufferStorage Code Execution Vulnerability
|
2020-10-20
|
CVE-2020-6542
|
8.3
|
TALOS-2020-1049
|
F2fs-Tools F2fs.Fsck dev_read Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6107
|
4.4
|
TALOS-2020-1050
|
F2fs-Tools F2fs.Fsck fsck_chk_orphan_node Code Execution Vulnerability
|
2020-10-14
|
CVE-2020-6108
|
8.2
|
TALOS-2020-1046
|
F2fs-Tools F2fs.Fsck filesystem checking Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6104
|
4.4
|
TALOS-2020-1047
|
F2fs-Tools F2fs.Fsck Multiple Devices Code Execution Vulnerability
|
2020-10-14
|
CVE-2020-6105
|
8.2
|
TALOS-2020-1048
|
F2fs-Tools F2fs.Fsck init_node_manager Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6106
|
4.4
|
TALOS-2020-1005
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Port Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6083
|
7.5
|
TALOS-2020-1006
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Logical Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6084, CVE-2020-6085
|
7.5
|
TALOS-2020-1057
|
Allen-Bradley MicroLogix 1100 programmable logic controller systems IPv4 denial-of-service vulnerability
|
2020-10-13
|
CVE-2020-6111
|
7.5
|
TALOS-2020-1007
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Data Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6086, CVE-2020-6087
|
7.5
|
TALOS-2020-1102
|
AMD ATIKMDAG.SYS D3DKMTEscape handler Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-12933
|
7.1
|
TALOS-2020-1119
|
AMD ATIKMDAG.SYS D3DKMTCreateAllocation handler denial-of-service vulnerability
|
2020-10-07
|
CVE-2020-12911
|
7.1
|
TALOS-2020-1035
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1038
|
NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg DCL_CONSTANT_BUFFER code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1034
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV_SAT code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1037
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MUL code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1124
|
Apple Safari/Webkit aboutBlankURL() code execution vulnerability
|
2020-09-30
|
CVE-2020-9951
|
8.8
|
TALOS-2020-1129
|
Microsoft Azure Sphere Littlefs Quota denial of service vulnerability
|
2020-09-23
|
CVE-2020-16986
|
9.0
|
TALOS-2020-1106
|
Aveva eDNA Enterprise data historian CHaD.asmx multiple SQL injection vulnerabilities
|
2020-09-23
|
CVE-2020-13501,CVE-2020-13499,CVE-2020-13500
|
9.8
|
TALOS-2020-1130
|
Microsoft Azure Sphere Littlefs truncate information disclosure vulnerability
|
2020-09-23
|
None
|
7.1
|
TALOS-2020-1134
|
Microsoft Azure Sphere Normal World application PACKET_MMAP unsigned code execution vulnerability
|
2020-09-23
|
None
|
5.5
|
TALOS-2020-1139
|
Microsoft Azure Sphere Pluton SIGN_WITH_TENANT_ATTESTATION_KEY memory corruption vulnerability
|
2020-09-23
|
None
|
9.3
|
TALOS-2020-1084
|
Nitro Pro PDF ICCBased ColorSpace Stroke Color Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6146
|
8.8
|
TALOS-2020-1070
|
Nitro Pro Indexed ColorSpace Rendering Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6116
|
8.8
|
TALOS-2020-1068
|
Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6115
|
8.8
|
TALOS-2020-1063
|
Nitro Pro PDF Object Stream Parsing Number of Objects Remote Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6113
|
8.8
|
TALOS-2020-1062
|
Nitro Pro PDF JPEG2000 Stripe Sub-sample Decoding Out-of-bounds Write Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6112
|
8.8
|
TALOS-2020-1092
|
Google Chrome PDFium Javascript Active Document Memory Corruption Vulnerability
|
2020-09-14
|
CVE-2020-6513
|
6.3
|
TALOS-2020-1098
|
Microsoft Windows 10 CLFS.sys ValidateRegionBlocks privilege escalation vulnerability
|
2020-09-08
|
CVE-2020-1115
|
8.8
|
TALOS-2020-1096
|
Accusoft ImageGear DICOM parse_dicom_meta_info code execution vulnerability
|
2020-09-01
|
CVE-2020-6152
|
9.8
|
TALOS-2020-1095
|
Accusoft ImageGear TIFF handle_COMPRESSION_PACKBITS memory corruption vulnerability
|
2020-09-01
|
CVE-2020-6151
|
8.1
|
TALOS-2020-1073
|
OS4Ed openSIS email parameter SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6123, CVE-2020-6124
|
6.4
|
TALOS-2020-1081
|
OS4Ed openSIS login SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6141
|
9.8
|
TALOS-2020-1077
|
OS4Ed openSIS id parameter multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6132, CVE-2020-6133, CVE-2020-6134
|
6.4
|
TALOS-2020-1076
|
OS4Ed openSIS course_period_id parameter multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6129, CVE-2020-6130, CVE-2020-6131
|
6.4
|
TALOS-2020-1075
|
OS4Ed openSIS CoursePeriodModal.php page multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6126, CVE-2020-6127, CVE-2020-6128
|
6.4
|
TALOS-2020-1082
|
OS4Ed openSIS Modules.php remote code execution vulnerability
|
2020-08-31
|
CVE-2020-6142
|
9.9
|
TALOS-2020-1072
|
OS4Ed openSIS CheckDuplicateStudent.php page SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6117,CVE-2020-6119,CVE-2020-6121,CVE-2020-6118,CVE-2020-6120,CVE-2020-6122
|
6.4
|
TALOS-2020-1078
|
OS4Ed openSIS Validator.php SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6135
|
6.4
|
TALOS-2020-1083
|
OS4Ed openSIS install remote code execution vulnerability
|
2020-08-31
|
CVE-2020-6143, CVE-2020-6144
|
10.0
|
TALOS-2020-1074
|
OS4Ed openSIS GetSchool.php SQL injection Vulnerability
|
2020-08-31
|
CVE-2020-6125
|
6.4
|
TALOS-2020-1080
|
OS4Ed openSIS Password Reset Multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6137, CVE-2020-6138, CVE-2020-6139, CVE-2020-6140
|
9.8
|
TALOS-2020-1079
|
OS4Ed openSIS DownloadWindow.php SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6136
|
6.4
|
TALOS-2020-1036
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV2 code execution vulnerability
|
2020-08-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1029
|
atftpd daemon Denial of Service Vulnerability
|
2020-08-26
|
CVE-2020-6097
|
7.5
|
TALOS-2020-1128
|
Microsoft Azure Sphere Normal World application READ_IMPLIES_EXEC personality unsigned code execution vulnerability
|
2020-08-24
|
CVE-2020-16984
|
6.2
|
TALOS-2020-1137
|
Microsoft Azure Sphere uid_map UID uniqueness privilege escalation vulnerability
|
2020-08-24
|
CVE-2020-16993
|
8.1
|
TALOS-2020-1085
|
Google Chrome WebGL code execution vulnerability
|
2020-08-24
|
CVE-2020-6492
|
8.3
|
TALOS-2020-1138
|
Microsoft Azure Sphere Normal World application /proc/thread-self/mem unsigned code execution vulnerability
|
2020-08-24
|
CVE-2020-16987
|
6.2
|
TALOS-2020-1133
|
Microsoft Azure Sphere Capability access control privilege escalation vulnerability
|
2020-08-24
|
None
|
8.1
|
TALOS-2020-1100
|
Internet Systems Consortium's BIND TCP Receive Buffer Length Assertion Check Denial of Service Vulnerability
|
2020-08-20
|
CVE-2020-8620
|
7.5
|
TALOS-2020-1091
|
ERPNext frappe.desk.reportview.get SQL injection vulnerability
|
2020-08-18
|
CVE-2020-6145
|
6.4
|
TALOS-2020-1122
|
SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability
|
2020-08-04
|
CVE-2020-13523
|
3.8
|
TALOS-2020-1121
|
SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability
|
2020-08-04
|
CVE-2020-13522
|
8.8
|
TALOS-2020-1132
|
Microsoft Azure Sphere mtd character device driver privilege escalation vulnerability
|
2020-07-31
|
CVE-2020-16982
|
8.1
|
TALOS-2020-1118
|
Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability
|
2020-07-31
|
CVE-2020-16970
|
8.1
|
TALOS-2020-1131
|
Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability
|
2020-07-31
|
None
|
8.1
|
TALOS-2020-1117
|
Microsoft Azure Sphere asynchronous ioctl denial-of-service vulnerability
|
2020-07-31
|
CVE-2020-35609
|
7.1
|
TALOS-2020-1093
|
Microsoft Azure Sphere Normal World application /proc/self/mem unsigned code execution vulnerability
|
2020-07-31
|
CVE-2020-16994
|
6.2
|
TALOS-2020-1090
|
Microsoft Azure Sphere Normal World application ptrace unsigned code execution vulnerability
|
2020-07-31
|
CVE-2020-16991
|
6.2
|
TALOS-2020-1089
|
Microsoft Azure Sphere kernel message ring buffer Information Disclosure Vulnerability
|
2020-07-31
|
CVE-2020-16990
|
4.3
|
TALOS-2020-1030
|
freeDiameter freeDiameterd Denial of Service Vulnerability
|
2020-07-28
|
CVE-2020-6098
|
7.5
|
TALOS-2020-1069
|
Siemens LOGO! Web Server Code Execution Vulnerability
|
2020-07-15
|
CVE-2020-7593
|
10.0
|
TALOS-2020-1043
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality ROUND_NI Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6103
|
8.5
|
TALOS-2020-0979
|
Intel IGC64.DLL shader functionality ATOMIC_ADD code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1036
|
8.5
|
TALOS-2020-0980
|
Intel IGC64.DLL shader functionality DCL_INDEXABLETEMP code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1040
|
8.5
|
TALOS-2020-1040
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality MOV REG Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6100
|
8.5
|
TALOS-2020-0982
|
Intel IGC64.DLL Shader Functionality HeapReAlloc code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1042
|
8.5
|
TALOS-2020-1042
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality RESOURCE Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6102
|
8.5
|
TALOS-2020-1041
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality DCL_OUTPUT Code Execution Vulnerability
|
2020-07-14
|
CVE-2020-6101
|
8.5
|
TALOS-2020-0983
|
Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1043
|
6.3
|
TALOS-2020-0981
|
Intel IGC64.DLL shader functionality realloc code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1041
|
8.5
|
TALOS-2020-0978
|
Intel IGC64.DLL Shader Functionality DCL_OUTPUT code execution vulnerability
|
2020-07-14
|
Microsoft Hyper-V/RemoteFX: CVE-2020-1032
|
8.5
|
TALOS-2020-1067
|
Glacies IceHRM Admin Reports SQL injection Vulnerability
|
2020-07-10
|
CVE-2020-6114
|
6.6
|
TALOS-2020-1044
|
Google Chrome PDFium Javascript Regexp Memory Corruption Vulnerability
|
2020-07-02
|
CVE-2020-6458
|
8.8
|
TALOS-2020-1009
|
Leadtools Image Parser Animated Icon Code Execution Vulnerability
|
2020-07-01
|
CVE-2020-6089
|
8.8
|
TALOS-2020-1088
|
Mozilla Firefox URL mPath Information Disclosure Vulnerability
|
2020-07-01
|
CVE-2020-12418
|
6.5
|
TALOS-2019-0971
|
NVIDIA NVWGF2UMX_CFG.DLL shader functionality denial-of-service vulnerability
|
2020-06-24
|
CVE-2020-5965
|
8.5
|
TALOS-2020-1027
|
Microsoft Office Excel PivotField code execution vulnerability
|
2020-06-10
|
CVE-2020-1226
|
8.8
|
TALOS-2020-1010
|
WAGO PFC 200 Web-Based Management (WBM) Code Execution Vulnerability
|
2020-06-10
|
CVE-2020-6090
|
9.1
|
TALOS-2020-1053
|
Mozilla Firefox SharedWorkerService Code Execution Vulnerability
|
2020-06-10
|
CVE-2020-12405
|
8.8
|
TALOS-2020-1045
|
Microsoft Office Excel HTML and XML Table Code Execution Vulnerability
|
2020-06-10
|
CVE-2020-1225
|
8.8
|
TALOS-2020-1024
|
Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability
|
2020-06-09
|
CVE-2020-7589
|
9.3
|
TALOS-2020-1026
|
Siemens LOGO! TDE service "NFSAccess" Upload File Write Vulnerability
|
2020-06-09
|
CVE-2020-7589
|
7.5
|
TALOS-2020-1025
|
Siemens LOGO! TDE service "DELETEPROG" Denial of Service Vulnerability
|
2020-06-09
|
CVE-2020-7589
|
9.3
|
TALOS-2020-1056
|
Zoom Client Application Chat Code Snippet Remote Code Execution Vulnerability
|
2020-06-03
|
CVE-2020-6110
|
8.0
|
TALOS-2020-1055
|
Zoom client application chat Giphy arbitrary file write
|
2020-06-03
|
CVE-2020-6109
|
8.5
|
TALOS-2020-1214
|
Webkit fireEventListeners use-after-free vulnerability
|
2020-06-02
|
CVE-2021-21806
|
8.8
|
TALOS-2019-0957
|
VMware Workstation 15 shader functionality round_ni denial of service vulnerability
|
2020-06-01
|
CVE-2020-3958
|
6.5
|
TALOS-2020-1011
|
Epson EB-1470Ui ESPON Web Control Authentication Bypass Vulnerability
|
2020-05-21
|
CVE-2020-6091
|
9.8
|
TALOS-2020-1019
|
GNU glibc ARMv7 memcpy() memory corruption vulnerability
|
2020-05-21
|
CVE-2020-6096
|
8.1
|
TALOS-2020-1087
|
Synology SRM SafeAccess 1.2.1-0220 code execution Vvulnerability
|
2020-05-18
|
CVE-2020-27659, CVE-2020-27660
|
8.3
|
TALOS-2020-0997
|
Nitro PRO PDF nested pages remote code execution vulnerability
|
2020-05-18
|
CVE-2020-6074
|
8.8
|
TALOS-2020-1013
|
Nitro Pro PDF Pattern Object Code Execution Vulnerability
|
2020-05-18
|
CVE-2020-6092
|
8.8
|
TALOS-2020-1014
|
Nitro Pro PDF Javascript XML error handling Information Disclosure Vulnerability
|
2020-05-18
|
CVE-2020-6093
|
6.5
|
TALOS-2020-1031
|
Adobe Acrobat Reader DC Javascript submitForm Remote Code Execution Vulnerability
|
2020-05-12
|
CVE-2020-9609
|
8.8
|
TALOS-2020-1028
|
Adobe Acrobat Reader DC Annotation Destroy Remote Code Execution
|
2020-05-12
|
CVE-2020-9607
|
8.8
|
TALOS-2020-1015
|
Microsoft Office Excel s_Schema Code Execution Vulnerability
|
2020-05-12
|
CVE-2020-0901
|
8.8
|
TALOS-2020-1051
|
Synology SRM DHCP monitor hostname parsing Denial of Service Vulnerability
|
2020-05-06
|
CVE-2019-11823
|
7.4
|
TALOS-2020-1003
|
3S-Smart Software Solutions GmbH CODESYS Runtime PLC_Task Code Execution Vulnerability
|
2020-05-06
|
CVE-2020-6081
|
9.9
|
TALOS-2020-1004
|
Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability
|
2020-05-05
|
CVE-2020-6082
|
9.8
|
TALOS-2020-1017
|
Accusoft ImageGear TIFF fill_in_raster buffer copy operation code execution vulnerability
|
2020-05-05
|
CVE-2020-6094
|
9.8
|
TALOS-2020-0998
|
Accusoft ImageGear PNG store_data_buffer size computation code execution vulnerability
|
2020-05-05
|
CVE-2020-6075
|
9.8
|
TALOS-2020-0999
|
Accusoft ImageGear ICO icoread code execution vulnerability
|
2020-05-05
|
CVE-2020-6076
|
9.8
|
TALOS-2020-1033
|
Windows 10 Insider Preview Fast win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability Regression
|
2020-05-05
|
--
|
8.4
|
TALOS-2020-1211
|
Linux Kernel /proc/pid/syscall information disclosure vulnerability
|
2020-04-27
|
CVE-2020-28588
|
4.0
|
TALOS-2020-1218
|
Prusa Research PrusaSlicer _3MF_Importer::_handle_end_model() use-after-free vulnerability
|
2020-04-21
|
CVE-2020-28594
|
8.8
|
TALOS-2020-1052
|
Zoom Communications Registered Users Enumeration
|
2020-04-21
|
--
|
6.5
|
TALOS-2020-1158
|
Synology DSM AppArmor synosearchagent misconfiguration vulnerability
|
2020-04-19
|
CVE-2021-26563
|
6.7
|
TALOS-2020-1012
|
Microsoft Media Foundation CQTMetadataKeysAtom GetKeyForIndex Information Disclosure Vulnerability
|
2020-04-14
|
CVE-2020-0939
|
6.5
|
TALOS-2020-0988
|
F2fs-tools fsck.f2fs sanity_check_area_boundary code execution vulnerability
|
2020-04-09
|
CVE-2020-6070
|
6.7
|
TALOS-2020-1039
|
NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg FTOI code execution vulnerability
|
2020-03-25
|
CVE‑2020‑5981
|
8.5
|
TALOS-2019-0897
|
3S-Smart Software Solutions CODESYS GatewayService memory corruption vulnerability
|
2020-03-25
|
CVE-2019-5105
|
7.5
|
TALOS-2019-0894
|
Intel Raid Web Console 3 add server denial-of-service vulnerability
|
2020-03-24
|
CVE-2020-8688
|
7.5
|
TALOS-2019-0914
|
Intel Raid Web Console 3 DISCOVERY Denial of Service
|
2020-03-24
|
CVE-2020-8688
|
7.5
|
TALOS-2020-1000
|
Videolabs libmicrodns 0.1.0 message-parsing bounds denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6077
|
7.5
|
TALOS-2020-0996
|
Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6073
|
7.5
|
TALOS-2020-1002
|
Videolabs libmicrodns 0.1.0 resource allocation denial-of-service vulnerabilities
|
2020-03-23
|
CVE-2020-6079, CVE-2020-6080
|
7.5
|
TALOS-2020-0994
|
Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6071
|
7.5
|
TALOS-2020-0995
|
Videolabs libmicrodns 0.1.0 rr_decode return value remote code execution vulnerability
|
2020-03-23
|
CVE-2020-6072
|
9.8
|
TALOS-2020-1018
|
GStreamer gst-rtsp-server GstRTSPAuth Denial of Service Vulnerability
|
2020-03-23
|
CVE-2020-6095
|
7.5
|
TALOS-2020-1001
|
Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability
|
2020-03-23
|
CVE-2020-6078
|
7.5
|
TALOS-2020-1016
|
Microsoft Windows 10 Kernel SetMapMode MM_HIENGLISH information disclosure vulnerability
|
2020-03-10
|
CVE-2020-0791
|
7.3
|
TALOS-2019-0952
|
WAGO e!COCKPIT file path improper input validation vulnerability
|
2020-03-09
|
CVE-2019-5159
|
8.6
|
TALOS-2019-0923
|
WAGO PFC100/200 Web-Based Management (WBM) Authentication Regex Information Disclosure Vulnerability
|
2020-03-09
|
CVE-2019-5134
|
5.3
|
TALOS-2019-0966
|
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Memory Corruption Vulnerabilities
|
2020-03-09
|
CVE-2019-5185, CVE-2019-5186
|
7.0
|
TALOS-2019-0924
|
WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability
|
2020-03-09
|
CVE-2019-5135
|
5.3
|
TALOS-2019-0939
|
WAGO PFC100/200 Web-Based Management (WBM) FastCGI configuration insufficient resource pool denial of service
|
2020-03-09
|
CVE-2019-5149
|
5.3
|
TALOS-2019-0949
|
WAGO PFC200 Cloud Connectivity TimeoutPrepared Command Injection Vulnerability
|
2020-03-09
|
CVE-2019-5156
|
7.2
|
TALOS-2019-0962
|
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Command Injection Vulnerabilities
|
2020-03-09
|
CVE-2019-5167, CVE-2019-5168, CVE-2019-5169, CVE-2019-5170, CVE-2019-5171, CVE-2019-5172, CVE-2019-5173, CVE-2019-5174, CVE-2019-5175
|
8.8
|
TALOS-2019-0948
|
WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities
|
2020-03-09
|
CVE-2019-5155
|
7.2
|
TALOS-2019-0965
|
WAGO PFC200 iocheckd service "I/O-Check" cache gateway Memory Corruption Vulnerability
|
2020-03-09
|
CVE-2019-5184
|
7.0
|
TALOS-2019-0950
|
WAGO PFC200 Cloud Connectivity TimeoutUnconfirmed Command Injection Vulnerability
|
2020-03-09
|
CVE-2019-5157
|
7.2
|
TALOS-2019-0899
|
WAGO e!Cockpit network communication cleartext transmission vulnerability
|
2020-03-09
|
CVE-2019-5107
|
7.5
|
TALOS-2019-0954
|
WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability
|
2020-03-09
|
CVE-2019-5161
|
9.1
|
TALOS-2019-0953
|
WAGO PFC200 Cloud Connectivity Improper Host Validation Vulnerability
|
2020-03-09
|
CVE-2019-5160
|
9.1
|
TALOS-2019-0963
|
WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities
|
2020-03-09
|
CVE-2019-5176, CVE-2019-5177, CVE-2019-5178, CVE-2019-5179, CVE-2019-5180, CVE-2019-5181, CVE-2019-5182
|
8.8
|
TALOS-2019-0969
|
Zoom conference room connector service insufficient session invalidation
|
2020-03-05
|
--
|
6.4
|
TALOS-2020-1172
|
Webkit AudioSourceProviderGStreamer use-after-free vulnerability
|
2020-03-03
|
CVE-2020-13558
|
8.8
|
TALOS-2020-1221
|
Epignosis eFront LMS Password Reset authentication bypass vulnerability
|
2020-03-03
|
CVE-2020-28597
|
9.8
|
TALOS-2020-1173
|
Synology DSM findhostd unencrypted credentials disclosure vulnerability
|
2020-02-25
|
--
|
8.0
|
TALOS-2019-0928
|
Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability
|
2020-02-24
|
CVE-2019-5139
|
6.2
|
TALOS-2019-0927
|
Moxa AWK-3131A Encrypted Diagnostic Script Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5138
|
9.9
|
TALOS-2019-0960
|
Moxa AWK-3131A iw_webs hostname Authentication Bypass Vulnerability
|
2020-02-24
|
CVE-2019-5165
|
8.0
|
TALOS-2019-0938
|
Moxa AWK-3131A ServiceAgent denial-of-service vulnerability
|
2020-02-24
|
CVE-2019-5148
|
7.5
|
TALOS-2019-0929
|
Moxa AWK-3131A iw_webs DecryptScriptFile file name Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5140
|
8.8
|
TALOS-2019-0925
|
Moxa AWK-3131A iw_console Privilege Escalation Vulnerability
|
2020-02-24
|
CVE-2019-5136
|
8.8
|
TALOS-2019-0930
|
Moxa AWK-3131A iw_webs iw_serverip Parameter Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5141
|
8.8
|
TALOS-2019-0944
|
Moxa AWK-3131A iw_webs User Configuration Remote Code Execution Vulnerability
|
2020-02-24
|
CVE-2019-5153
|
9.9
|
TALOS-2020-1215
|
Slic3r libslic3r AMF File AMFParserContext::endElement() out-of-bounds read vulnerability
|
2020-02-24
|
CVE-2020-28591
|
8.6
|
TALOS-2019-0955
|
Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability
|
2020-02-24
|
CVE-2019-5162
|
9.9
|
TALOS-2019-0926
|
Moxa AWK-3131A ServiceAgent Use of Hard-coded Cryptographic Key
|
2020-02-24
|
CVE-2019-5137
|
7.5
|
TALOS-2019-0932
|
Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability
|
2020-02-24
|
CVE-2019-5143
|
8.8
|
TALOS-2019-0931
|
Moxa AWK-3131A WAP Hostname Command Injection Vulnerability
|
2020-02-24
|
CVE-2019-5142
|
7.2
|
TALOS-2020-0984
|
CoTURN HTTP Server POST-parsing information leak vulnerability
|
2020-02-18
|
CVE-2020-6061
|
7.0
|
TALOS-2020-0985
|
CoTURN HTTP Server POST-parsing denial-of-service vulnerability
|
2020-02-18
|
CVE-2020-6062
|
5.9
|
TALOS-2019-0967
|
Apple Safari FontFaceSet Remote Code Execution Vulnerability
|
2020-02-12
|
CVE-2020-3868
|
8.8
|
TALOS-2019-0959
|
Adobe Acrobat Reader DC Javascript Field Name Information Leak
|
2020-02-11
|
CVE-2020-3744
|
6.8
|
TALOS-2019-0970
|
Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability
|
2020-02-11
|
CVE-2020-0731
|
8.4
|
TALOS-2019-0946
|
Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability
|
2020-02-11
|
CVE-2020-0738
|
8.8
|
TALOS-2019-0968
|
Microsoft Office Excel Ordinal43 code execution vulnerability
|
2020-02-11
|
CVE-2020-0759
|
8.8
|
TALOS-2020-0986
|
Accusoft ImageGear PCX uncompress_scan_line buffer size computation code execution vulnerability
|
2020-02-10
|
CVE-2020-6063
|
9.8
|
TALOS-2020-0989
|
Accusoft ImageGear BMP bmp_parsing buffer size computation code execution vulnerability
|
2020-02-10
|
CVE-2020-6065
|
9.8
|
TALOS-2020-0990
|
Accusoft ImageGear JPEG SOFx Code Execution Vulnerability
|
2020-02-10
|
CVE-2020-6066
|
9.8
|
TALOS-2020-0993
|
Accusoft ImageGear JPEG jpegread precision code execution vulnerability
|
2020-02-10
|
CVE-2020-6069
|
9.8
|
TALOS-2020-0987
|
Accusoft ImageGear PCX uncompress_scan_line buffer copy operation code execution vulnerability
|
2020-02-10
|
CVE-2020-6064
|
9.8
|
TALOS-2020-0991
|
Accusoft ImageGear TIFF tifread code execution vulnerability
|
2020-02-10
|
CVE-2020-6067
|
9.8
|
TALOS-2019-0972
|
Accusoft ImageGear TIFF TIF_read_stripdata code execution vulnerability
|
2020-02-05
|
CVE-2019-5187
|
9.8
|
TALOS-2020-0976
|
Mini-SNMPD decode_int Information Leak Vulnerability
|
2020-02-03
|
CVE-2020-6059
|
8.2
|
TALOS-2020-0977
|
Mini-SNMPD socket disconnect denial-of-service vulnerability
|
2020-02-03
|
CVE-2020-6060
|
7.5
|
TALOS-2020-0975
|
Mini-SNMPD decode_cnt information leak vulnerability
|
2020-02-03
|
CVE-2020-6058
|
8.2
|
TALOS-2020-0992
|
Accusoft ImageGear PNG pngread width code execution vulnerability
|
2020-01-27
|
CVE-2020-6068
|
9.8
|
TALOS-2019-0937
|
AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability
|
2020-01-21
|
CVE-2019-5146
|
8.6
|
TALOS-2019-0964
|
AMD ATI Radeon ATIDXX64.DLL shader functionality VTABLE remote code execution vulnerability
|
2020-01-21
|
CVE-2019-5183
|
9.0
|
TALOS-2019-0913
|
AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability
|
2020-01-21
|
CVE-2019-5124
|
8.6
|
TALOS-2019-0936
|
AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality denial-of-service vulnerability
|
2020-01-21
|
CVE-2019-5147
|
8.6
|
TALOS-2019-0915
|
Foxit PDF Reader Javascript Field Action Validate Remote Code Execution Vulnerability
|
2020-01-16
|
CVE-2019-5126
|
8.8
|
TALOS-2019-0920
|
Foxit PDF Reader JavaScript field action OnBlur remote code execution vulnerability
|
2020-01-16
|
CVE-2019-5131
|
8.8
|
TALOS-2019-0934
|
Foxit PDF Reader JavaScript field keystroke action remote code execution vulnerability
|
2020-01-16
|
CVE-2019-5145
|
8.8
|
TALOS-2019-0935
|
Foxit PDF Reader Javascript createTemplate Invalid Page Code Execution Vulnerability
|
2020-01-16
|
CVE-2019-5130
|
8.0
|
TALOS-2019-0973
|
E2fsprogs e2fsck rehash.c mutate_name() Code Execution Vulnerability
|
2020-01-07
|
CVE-2019-5188
|
7.5
|
TALOS-2019-0852
|
OpenCV XML Persistence Parser Buffer Overflow Vulnerability
|
2020-01-02
|
CVE-2019-5063
|
8.8
|
TALOS-2019-0853
|
OpenCV JSON persistence parser buffer overflow vulnerability
|
2020-01-02
|
CVE-2019-5064
|
8.8
|
TALOS-2019-0870
|
WAGO PFC200 iocheckd service "I/O-Check" Erase Denial of Service Vulnerability
|
2019-12-16
|
CVE-2019-5078
|
10.0
|
TALOS-2019-0872
|
WAGO PFC200 iocheckd service "I/O-Check" factory restore denial-of-service vulnerability
|
2019-12-16
|
CVE-2019-5080
|
10.0
|
TALOS-2019-0863
|
WAGO PFC200 iocheckd service "I/O-Check" BC_ProductLabel remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5074
|
9.8
|
TALOS-2019-0871
|
WAGO PFC200 iocheckd service "I/O-Check" ReadPSN remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5079
|
10.0
|
TALOS-2019-0869
|
WAGO PFC200 iocheckd service "I/O-Check" MAC Address overwrite Denial of Service Vulnerability
|
2019-12-16
|
CVE-2019-5077
|
10.0
|
TALOS-2019-0873
|
WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5081
|
10.0
|
TALOS-2019-0874
|
WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5082
|
10.0
|
TALOS-2019-0864
|
WAGO PFC200 iocheckd service "I/O-Check" get_coupler_details remote code execution vulnerability
|
2019-12-16
|
CVE-2019-5075
|
9.8
|
TALOS-2019-0862
|
WAGO PFC200 iocheckd service "I/O-Check" external tool information exposure vulnerability
|
2019-12-16
|
CVE-2019-5073
|
5.3
|
TALOS-2019-0900
|
Linux kernel CAM table denial-of-service vulnerability
|
2019-12-11
|
CVE-2019-5108
|
7.4
|
TALOS-2019-0849
|
W1.fi hostapd CAM table denial-of-service vulnerability
|
2019-12-11
|
CVE-2019-5061
|
7.4
|
TALOS-2019-0943
|
Apple Safari SVG Marker Element baseVal Remote Code Execution Vulnerability
|
2019-12-11
|
CVE-2019-8846
|
8.8
|
TALOS-2019-0850
|
W1.fi hostapd deauthentication denial-of-service vulnerability
|
2019-12-11
|
CVE-2019-5062
|
7.4
|
TALOS-2019-0933
|
Kakadu Software SDK ATK marker code execution vulnerability
|
2019-12-11
|
CVE-2019-5144
|
8.1
|
TALOS-2019-0895
|
Microsoft Remote Desktop Services (RDP7) Windows XP Multiple Information Leak Vulnerabilities
|
2019-12-10
|
CVE-2019-1489
|
5.3
|
TALOS-2019-0882
|
LEADTOOLS libltdic.so DICOM LDicomNet::receive information disclosure vulnerability
|
2019-12-10
|
CVE-2019-5090
|
9.1
|
TALOS-2019-0947
|
Adobe Acrobat Reader DC Javascript gotoNamedDest information leak vulnerability
|
2019-12-10
|
CVE-2019-16463
|
6.8
|
TALOS-2019-0877
|
LEADTOOLS libltdic.so DICOM receive code execution vulnerability
|
2019-12-10
|
CVE-2019-5085
|
9.8
|
TALOS-2019-0901
|
Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability
|
2019-12-10
|
CVE-2019-1453
|
7.5
|
TALOS-2019-0945
|
LEADTOOLS JPEG2000 Isot parsing Memory Corruption Vulnerability
|
2019-12-10
|
CVE-2019-5154
|
8.8
|
TALOS-2019-0885
|
LEADTOOLS libltdic.so DICOM LDicomNet::SendData Code Execution Vulnerability
|
2019-12-10
|
CVE-2019-5093
|
8.1
|
TALOS-2019-0884
|
LEADTOOLS DICOM UI Parsing Code Execution Vulnerability
|
2019-12-10
|
CVE-2019-5092
|
8.8
|
TALOS-2019-0883
|
LEADTOOLS libltdic.so LDicomAssociate::SetBinary denial-of-service vulnerability
|
2019-12-10
|
CVE-2019-5091
|
7.5
|
TALOS-2019-0890
|
AMD ATI Radeon ATIDXX64.DLL shader functionality sincos denial-of-service vulnerability
|
2019-12-05
|
CVE-2019-5098
|
8.6
|
TALOS-2019-0958
|
Shadowsocks-libev ss-manager add_server Code Execution Vulnerability
|
2019-12-03
|
CVE-2019-5164
|
7.8
|
TALOS-2019-0942
|
Shadowsocks-libev ss-server Stream Cipher Information Disclosure Vulnerability
|
2019-12-03
|
CVE-2019-5152
|
7.4
|
TALOS-2019-0956
|
Shadowsocks-libev ss-server UdpRelay Denial-of-Service Vulnerability
|
2019-12-03
|
CVE-2019-5163
|
5.9
|
TALOS-2019-0904
|
Forma LMS 2.2.1 /appLms/ajax.server.php filter_cat and filter_status parameters SQL injections
|
2019-12-02
|
CVE-2019-5111 - CVE-2019-5112
|
7.4
|
TALOS-2019-0888
|
EmbedThis GoAhead web server code execution vulnerability
|
2019-12-02
|
CVE-2019-5096
|
9.8
|
TALOS-2019-0865
|
Accusoft ImageGear PNG IHDR width code execution vulnerability
|
2019-12-02
|
CVE-2019-5076
|
9.8
|
TALOS-2019-0889
|
EmbedThis GoAhead web server denial-of-service vulnerability
|
2019-12-02
|
CVE-2019-5097
|
5.3
|
TALOS-2019-0922
|
Accusoft ImageGear BMP code execution vulnerability
|
2019-12-02
|
CVE-2019-5133
|
9.8
|
TALOS-2019-0902
|
Forma LMS 2.2.1 ajax.adm_server.php dir parameter SQL injections
|
2019-12-02
|
CVE-2019-5109
|
7.4
|
TALOS-2019-0903
|
Forma LMS 2.2.1 /appCore/index.php users parameter SQL injections
|
2019-12-02
|
CVE-2019-5110
|
7.4
|
TALOS-2019-0921
|
Accusoft ImageGear GEM Raster Code Execution Vulnerability
|
2019-12-02
|
CVE-2019-5132
|
9.8
|
TALOS-2019-0875
|
Accusoft ImageGear TIFF TIF_decode_thunderscan code execution vulnerability
|
2019-12-02
|
CVE-2019-5083
|
9.8
|
TALOS-2019-0861
|
Tenda AC9 /goform/WanParameterSetting Command Injection Vulnerability
|
2019-11-21
|
CVE-2019-5071-CVE-2019-5072
|
7.8
|
TALOS-2019-0878
|
xcftools flattenIncrementally tiles walk code execution vulnerability
|
2019-11-21
|
CVE-2019-5086
|
7.5
|
TALOS-2019-0879
|
xcftools flattenIncrementally rows allocation code execution vulnerability
|
2019-11-20
|
CVE-2019-5087
|
8.8
|
TALOS-2019-0893
|
OpenWrt ustream-ssl certificate verification information leak vulnerability
|
2019-11-15
|
CVE-2019-5101,CVE-2019-5102
|
4.0
|
TALOS-2019-0845
|
Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability
|
2019-11-13
|
CVE-2019-14574
|
8.5
|
TALOS-2019-0790
|
Exhibitor UI command injection vulnerability
|
2019-11-13
|
CVE-2019-5029
|
9.8
|
TALOS-2019-0886
|
Microsoft Office Excel WorksheetOptions Code Execution Vulnerability
|
2019-11-12
|
CVE-2019-1448
|
8.8
|
TALOS-2019-0912
|
Microsoft Media Foundation CMP4MetadataHandler AddQTMetadata Code Execution Vulnerability
|
2019-11-12
|
CVE-2019-1430
|
8.8
|
TALOS-2019-0891
|
LEADTOOLS CMP-parsing code execution vulnerability
|
2019-11-05
|
CVE-2019-5099
|
8.8
|
TALOS-2019-0892
|
LEADTOOLS BMP Parsing Remote Code Execution Vulnerability
|
2019-11-05
|
CVE-2019-5100
|
8.8
|
TALOS-2019-0876
|
LEADTOOLS TIF ImageWidth code execution vulnerability
|
2019-11-05
|
CVE-2019-5084
|
8.8
|
TALOS-2019-0916
|
LEADTOOLS JPEG2000 j2pc Parsing Remote Code Execution Vulnerability
|
2019-11-05
|
CVE-2019-5125
|
8.8
|
TALOS-2019-0881
|
Investintech Able2Extract professional JPEG decoding code execution vulnerability
|
2019-11-04
|
CVE-2019-5089
|
8.8
|
TALOS-2019-0880
|
Investintech Able2Extract Professional BMP decoding biClrUsed code execution vulnerability
|
2019-11-04
|
CVE-2019-5088
|
8.8
|
TALOS-2019-0941
|
YouPHPTube /objects/video.php getVideo videoName code execution vulnerability
|
2019-10-30
|
CVE-2019-5151
|
10.0
|
TALOS-2019-0940
|
YouPHPTube /objects/video.php getVideo search code execution vulnerability
|
2019-10-30
|
CVE-2019-5150
|
8.9
|
TALOS-2019-0848
|
VMware Fusion 11 Shader Functionality Denial Of Service
|
2019-10-28
|
CVE-2019-5536
|
6.5
|
TALOS-2019-0857
|
X11 Mesa 3D Graphics Library shared memory permissions vulnerability
|
2019-10-23
|
CVE-2019-5068
|
5.1
|
TALOS-2019-0910
|
YouPHPTube /plugin/AD_Server/view/campaignsVideos.json.php id SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5120
|
7.4
|
TALOS-2019-0911
|
YouPHPTube /objects/pluginSwitch.json.php Multiple SQL Injection Vulnerabilities
|
2019-10-17
|
CVE-2019-5121 - CVE-2019-5123
|
7.4
|
TALOS-2019-0908
|
YouPHPTube /objects/subscribe.json.php SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5117
|
7.4
|
TALOS-2019-0906
|
YouPHPTube /objects/commentAddNew.json.php comments_id SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5114
|
7.4
|
TALOS-2019-0907
|
YouPHPTube /objects/videoAddNew.json.php SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5116
|
7.4
|
TALOS-2019-0909
|
YouPHPTube /objects/subscribeNotify.json.php user_id SQL injection vulnerability
|
2019-10-17
|
CVE-2019-5119
|
7.4
|
TALOS-2019-0917
|
YouPHPTube Encoder base64Url multiple command injections
|
2019-10-17
|
CVE-2019-5127 - CVE-2019-5129
|
10.0
|
TALOS-2019-0860
|
Adobe Acrobat Reader DC text field value remote code execution vulnerability redux
|
2019-10-15
|
CVE-2019-8183
|
8.8
|
TALOS-2019-0819
|
NitroPDF Page Kids Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5050
|
8.8
|
TALOS-2019-0814
|
NitroPDF jpeg2000 ssizDepth Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5045
|
8.8
|
TALOS-2019-0830
|
NitroPDF Stream Length Memory Corruption Vulnerability
|
2019-10-09
|
CVE-2019-5053
|
7.5
|
TALOS-2019-0816
|
NitroPDF CharProcs Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5047
|
7.5
|
TALOS-2019-0815
|
NitroPDF jpeg2000 yTsiz Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5046
|
8.8
|
TALOS-2019-0817
|
NitroPDF ICCBased Color Space Remote Code Execution Vulnerability
|
2019-10-09
|
CVE-2019-5048
|
8.8
|
TALOS-2019-0822
|
Schneider Electric Modicon M580 FTP firmware update loader service denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6841
|
4.9
|
TALOS-2019-0851
|
Schneider Electric Modicon M580 TFTP server information disclosure vulnerability
|
2019-10-08
|
CVE-2019-6851
|
7.5
|
TALOS-2019-0827
|
Schneider Electric Modicon M580 FTP cleartext authentication vulnerability
|
2019-10-08
|
CVE-2019-6846
|
5.9
|
TALOS-2019-0826
|
Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability
|
2019-10-08
|
CVE-2019-6845
|
5.9
|
TALOS-2019-0823
|
Schneider Electric Modicon M580 FTP incomplete firmware update denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6842
|
4.9
|
TALOS-2019-0824
|
Schneider Electric Modicon M580 malformed firmware image FTP upgrade denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6843
|
4.9
|
TALOS-2019-0867
|
Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability
|
2019-10-08
|
CVE-2019-6849
|
7.5
|
TALOS-2019-0825
|
Schneider Electric Modicon M580 Mismatched Firmware Image FTP Upgrade Denial of Service Vulnerability
|
2019-10-08
|
CVE-2019-6844
|
4.9
|
TALOS-2019-0868
|
Schneider Electric Modicon M580 UMAS REST API readbolarray information disclosure vulnerability
|
2019-10-08
|
CVE-2019-6850
|
7.5
|
TALOS-2019-0866
|
Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6848
|
8.6
|
TALOS-2019-0847
|
Schneider Electric Modicon M580 outdated firmware image FTP upgrade denial-of-service vulnerability
|
2019-10-08
|
CVE-2019-6847
|
4.9
|
TALOS-2019-0793
|
Foxit PDF Reader JavaScript Array.includes remote code execution vulnerability
|
2019-09-30
|
CVE-2019-5031
|
8.8
|
TALOS-2019-0887
|
E2fsprogs quotaio_tree.c report_tree() code execution vulnerability
|
2019-09-24
|
CVE-2019-5094
|
7.5
|
TALOS-2019-0855
|
Aspose.PDF for C++ LZWDecode filter predictor remote code execution vulnerability
|
2019-09-17
|
CVE-2019-5066
|
9.8
|
TALOS-2019-0856
|
Aspose.PDF for C++ parent generation remote code execution vulnerability
|
2019-09-17
|
CVE-2019-5067
|
9.8
|
TALOS-2019-0809
|
Aspose.PDF for C++ Remote Code Execution Vulnerability
|
2019-09-17
|
CVE-2019-5042
|
8.8
|
TALOS-2019-0840
|
Atlassian Jira Worklog Information Disclosure Vulnerability
|
2019-09-16
|
CVE-2019-8445
|
4.3
|
TALOS-2019-0839
|
Atlassian Jira issueTable username information disclosure vulnerability
|
2019-09-16
|
CVE-2019-8446
|
5.3
|
TALOS-2019-0836
|
Atlassian Jira Issue Key Information Disclosure Vulnerability
|
2019-09-16
|
CVE-2019-14995
|
5.3
|
TALOS-2019-0838
|
Atlassian Jira Tempo plugin issue summary information disclosure vulnerability
|
2019-09-16
|
CVE-2019-5095
|
4.3
|
TALOS-2019-0818
|
AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability
|
2019-09-16
|
CVE-2019-5049
|
9.0
|
TALOS-2019-0833
|
Atlassian Jira WikiRenderer parser XSS vulnerability
|
2019-09-16
|
CVE-2019-8444
|
7.4
|
TALOS-2019-0837
|
Atlassian Jira issue attachment name information disclosure vulnerability
|
2019-09-16
|
CVE-2019-14995
|
5.3
|
TALOS-2019-0834
|
Atlassian Jira CSRF Login Vulnerability
|
2019-09-16
|
CVE-2019-15002
|
3.5
|
TALOS-2019-0835
|
Atlassian Jira CSRF Protections Bypass Vulnerability
|
2019-09-16
|
CVE-2019-14998
|
5.4
|
TALOS-2019-0831
|
NETGEAR N300 WNR2000v5 unauthenticated HTTP denial-of-service vulnerability
|
2019-09-09
|
CVE-2019-5054
|
7.5
|
TALOS-2019-0832
|
NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability
|
2019-09-09
|
CVE-2019-5055
|
7.5
|
TALOS-2019-0854
|
Blynk inc. Blynk-Library BlynkProtocol<Transp>::processInput() information disclosure vulnerability
|
2019-09-04
|
CVE-2019-5065
|
5.3
|
TALOS-2019-0858
|
Epignosis eFront LMS PHP deserialization code execution vulnerability
|
2019-09-03
|
CVE-2019-5069
|
8.8
|
TALOS-2019-0859
|
Epignosis eFront LMS unauthenticated SQL injection vulnerability
|
2019-09-03
|
CVE-2019-5070
|
6.5
|
TALOS-2019-0794
|
Aspose Aspose.Cells for C++ LabelSst Code Execution Vulnerability
|
2019-08-20
|
CVE-2019-5032
|
9.8
|
TALOS-2019-0805
|
Aspose Aspose.Words for C++ EnumMetaInfo Code Execution Vulnerability
|
2019-08-20
|
CVE-2019-5041
|
9.8
|
TALOS-2019-0795
|
Aspose Aspose.Cells for C++ Number Code Execution Vulnerability
|
2019-08-20
|
CVE-2019-5033
|
9.8
|
TALOS-2019-0802
|
Nest Labs Openweave Weave ASN1Writer PutValue Code Execution Vulnerability
|
2019-08-19
|
CVE-2019-5039
|
7.5
|
TALOS-2019-0800
|
Nest Labs Nest Cam IQ Indoor WeaveCASEEngine::DecodeCertificateInfo denial-of-service vulnerability
|
2019-08-19
|
CVE-2019-5037
|
7.5
|
TALOS-2019-0797
|
Nest Labs Nest Cam IQ Indoor Weave Legacy Pairing Information Disclosure Vulnerability
|
2019-08-19
|
CVE-2019-5034
|
5.3
|
TALOS-2019-0801
|
Nest Labs Openweave Weave tool Print-TLV code execution vulnerability
|
2019-08-19
|
CVE-2019-5038
|
7.5
|
TALOS-2019-0803
|
Nest Labs Openweave Weave DecodeMessageWithLength Information Disclosure Vulnerability
|
2019-08-19
|
CVE-2019-5040
|
8.2
|
TALOS-2019-0798
|
Nest Labs Nest Cam IQ Indoor Weave PASE pairing brute force vulnerability
|
2019-08-19
|
CVE-2019-5035
|
9.0
|
TALOS-2019-0799
|
Nest Labs Nest Cam IQ Indoor Weave KeyError denial-of-service vulnerability
|
2019-08-19
|
CVE-2019-5036
|
7.5
|
TALOS-2019-0810
|
Nest Labs Nest Cam IQ Indoor Weave TCP connection denial-of-service vulnerability
|
2019-08-19
|
CVE-2019-5043
|
5.3
|
TALOS-2018-0736
|
Schneider Electric Modicon M580 UMAS read strategy denial-of-service vulnerability
|
2019-08-13
|
CVE-2019-6809
|
7.5
|
TALOS-2019-0807
|
Schneider Electric Modicon M580 UMAS Function Code 0x29 Denial of Service Vulnerability
|
2019-08-13
|
CVE-2019-6829
|
7.5
|
TALOS-2019-0806
|
Schneider Electric Modicon M580 UMAS Read System Coils and Registers Denial of Service Vulnerability
|
2019-08-13
|
CVE-2019-6828
|
7.5
|
TALOS-2019-0808
|
Schneider Electric Modicon M580 HTTP Request Denial of Service Vulnerability
|
2019-08-13
|
CVE-2019-6830
|
5.9
|
TALOS-2019-0829
|
MongoDB Server session reuse vulnerability
|
2019-08-06
|
CVE-2019-2386
|
7.1
|
TALOS-2019-0813
|
NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability
|
2019-08-05
|
CVE-2019- 5685
|
9.0
|
TALOS-2019-0779
|
NVIDIA NVWGF2UMX_CFG.DLL shader functionality code execution vulnerability
|
2019-08-05
|
CVE‑2019‑5684
|
9.0
|
TALOS-2019-0757
|
VMware Workstation 15 pixel shader functionality denial of service vulnerability
|
2019-08-05
|
CVE‑2019‑5521
|
6.5
|
TALOS-2019-0812
|
NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability
|
2019-08-05
|
CVE-2019-5685
|
9.0
|
TALOS-2019-0781
|
Yara Object Lookup Denial of Service Vulnerability
|
2019-07-30
|
CVE-2019-5020
|
6.5
|
TALOS-2019-0844
|
SDL_image XPM image colorhash parsing Code Execution Vulnerability
|
2019-07-29
|
CVE-2019-5060
|
8.8
|
TALOS-2019-0843
|
SDL_image XPM image color code code execution vulnerability
|
2019-07-29
|
CVE-2019-5059
|
8.8
|
TALOS-2019-0841
|
SDL_image PCX Image Code execution Vulnerability
|
2019-07-29
|
CVE-2019-5057
|
8.8
|
TALOS-2019-0842
|
SDL_image XCF Image Code Execution Vulnerability
|
2019-07-29
|
CVE-2019-5058
|
8.8
|
TALOS-2019-0820
|
Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW code execution vulnerability
|
2019-07-02
|
CVE-2019-5051
|
8.8
|
TALOS-2019-0821
|
Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW signed comparison code execution vulnerability
|
2019-07-02
|
CVE-2019-5052
|
8.8
|
TALOS-2019-0791
|
Google V8 Array.prototype Memory Corruption Vulnerability
|
2019-07-01
|
CVE-2019-5831
|
7.5
|
TALOS-2019-0776
|
KCodes NetUSB unauthenticated remote kernel information disclosure vulnerability
|
2019-06-17
|
CVE-2019-5017
|
5.8
|
TALOS-2019-0775
|
KCodes NetUSB unauthenticated remote kernel arbitrary memory read vulnerability
|
2019-06-14
|
CVE-2019-5016
|
10.0
|
TALOS-2019-0763
|
Schneider Electric Modicon M580 UMAS function code 0x6d multiple denial-of-service vulnerabilities
|
2019-06-10
|
CVE-2018-7852
|
7.5
|
TALOS-2018-0735
|
Schneider Electric Modicon M580 UMAS release reservation denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7846
|
5.3
|
TALOS-2018-0740
|
Schneider Electric Modicon M580 UMAS strategy read information disclosure vulnerability
|
2019-06-10
|
CVE-2018-7848
|
7.5
|
TALOS-2019-0770
|
Schneider Electric Modicon M580 UMAS write system bits and blocks denial-of-service vulnerability
|
2019-06-10
|
CVE-2019-6807
|
7.5
|
TALOS-2019-0764
|
Schneider Electric Modicon M580 UMAS function code 0x28 denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7853
|
7.5
|
TALOS-2019-0765
|
Schneider Electric Modicon M580 UMAS function code 0x65 denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7854
|
7.5
|
TALOS-2018-0742
|
Schneider Electric Modicon M580 UMAS Strategy File Write Vulnerability
|
2019-06-10
|
CVE-2018-7847
|
9.8
|
TALOS-2019-0768
|
Schneider Electric Modicon M580 UMAS write system coils and holding registers denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7857
|
7.5
|
TALOS-2018-0738
|
Schneider Electric Modicon M580 UMAS memory block read denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7843
|
7.5
|
TALOS-2019-0766
|
Schneider Electric Modicon M580 UMAS set breakpoint denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7855
|
7.5
|
TALOS-2019-0769
|
Schneider Electric Modicon M580 UMAS read system blocks and bits information disclosure vulnerability
|
2019-06-10
|
CVE-2019-6806
|
7.5
|
TALOS-2018-0741
|
Schneider Electric Modicon M580 UMAS Improper Authentication Vulnerability
|
2019-06-10
|
CVE-2018-7842
|
7.5
|
TALOS-2018-0745
|
Schneider Electric Modicon M580 UMAS Read Memory Block Out Of Bounds Information Disclosure Vulnerability
|
2019-06-10
|
CVE-2018-7845
|
7.5
|
TALOS-2019-0771
|
Schneider Electric UnityPro PLC simulator remote code execution vulnerability
|
2019-06-10
|
CVE-2019-6808
|
10.0
|
TALOS-2018-0737
|
Schneider Electric Modicon M580 UMAS strategy transfer denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7849
|
7.5
|
TALOS-2018-0739
|
Schneider Electric Modicon M580 UMAS read memory block information disclosure vulnerability
|
2019-06-10
|
CVE-2018-7844
|
7.5
|
TALOS-2018-0743
|
Schneider Electric Modicon M580 UnityPro reliance on untrusted inputs vulnerability
|
2019-06-10
|
CVE-2018-7850
|
7.5
|
TALOS-2019-0767
|
Schneider Electric Modicon M580 UMAS memory block write denial-of-service vulnerability
|
2019-06-10
|
CVE-2018-7856
|
7.5
|
TALOS-2019-0846
|
Jenkins Artifactory Plugin fillCredentialsIdItems information disclosure vulnerability
|
2019-06-04
|
CVE-2019-10323
|
4.3
|
TALOS-2019-0787
|
Jenkins Artifactory Plugin information disclosure vulnerability
|
2019-06-04
|
CVE-2019-10321 - CVE-2019-10322
|
7.7
|
TALOS-2019-0784
|
PaX read_kmem denial of service vulnerability
|
2019-05-29
|
CVE-2019-5023
|
5.3
|
TALOS-2019-0760
|
Wacom update helper tool startProcess privilege escalation vulnerability
|
2019-05-16
|
CVE-2019-5012
|
7.8
|
TALOS-2019-0761
|
Wacom update helper tool start/stopLaunchDProcess privilege escalation vulnerability
|
2019-05-16
|
CVE-2019-5013
|
7.1
|
TALOS-2019-0778
|
Adobe Acrobat Reader DC OCGs state change remote code execution vulnerability
|
2019-05-14
|
CVE-2019-7761
|
8.8
|
TALOS-2019-0792
|
Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability
|
2019-05-14
|
CVE-2019-5030
|
8.8
|
TALOS-2019-0796
|
Adobe Acrobat Reader DC app.thermometer Remote Code Execution Vulnerability
|
2019-05-14
|
CVE-2019-7831
|
8.0
|
TALOS-2018-0696
|
Novatek NT9665X XML_GetThumbNail denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4024
|
7.5
|
TALOS-2018-0688
|
Anker Roav A1 Dashcam Wifi AP Default Credential Vulnerability
|
2019-05-13
|
CVE-2018-4017
|
7.1
|
TALOS-2018-0685
|
Anker Roav A1 Dashcam WifiCmd 9999 Code Execution Vulnerability
|
2019-05-13
|
CVE-2018-4014
|
8.0
|
TALOS-2018-0700
|
Novatek NT9665X HFS Overwrite denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4028
|
5.3
|
TALOS-2018-0687
|
Anker Roav A1 Dashcam HTTP Path Overflow Code Execution Vulnerability
|
2019-05-13
|
CVE-2018-4016
|
8.0
|
TALOS-2018-0699
|
Novatek NT9665X XML_UploadFile WifiCmd denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4027
|
5.3
|
TALOS-2018-0701
|
Novatek NT9665X HFS Recv buffer overflow code execution vulnerability
|
2019-05-13
|
CVE-2018-4029
|
10.0
|
TALOS-2018-0698
|
Novatek NT9665X XML_GetScreen Strncmp denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4026
|
7.5
|
TALOS-2018-0689
|
Novatek NT9665X HTTP Upload Firmware Update Vulnerability
|
2019-05-13
|
CVE-2018-4018
|
10.0
|
TALOS-2018-0695
|
Novatek NT9665X XML_UploadFile path overflow code execution vulnerability
|
2019-05-13
|
CVE-2018-4023
|
10.0
|
TALOS-2018-0697
|
Novatek NT9665X XML_GetRawEncJpg denial-of-service vulnerability
|
2019-05-13
|
CVE-2018-4025
|
7.5
|
TALOS-2019-0777
|
Sqlite3 Window Function Remote Code Execution Vulnerability
|
2019-05-09
|
CVE-2019-5018
|
8.1
|
TALOS-2019-0782
|
Alpine Linux Docker Image root User Hard-Coded Credential Vulnerability
|
2019-05-08
|
CVE-2019-5021
|
9.8
|
TALOS-2019-0772
|
Winco Fireworks FireFly Bluetooth Low Energy Improper Access Control Vulnerability
|
2019-05-08
|
CVE-2019-5014
|
6.5
|
TALOS-2019-0786
|
Jenkins Ansible Tower Plugin information disclosure vulnerability
|
2019-05-06
|
CVE-2019-10310
|
7.7
|
TALOS-2019-0783
|
Jenkins Swarm Plugin XML external entities information disclosure vulnerability
|
2019-05-06
|
CVE-2019-10309
|
6.1
|
TALOS-2019-0788
|
Jenkins GitLab Plugin Information Disclosure Vulnerability
|
2019-05-06
|
CVE-2019-10300
|
7.7
|
TALOS-2018-0749
|
Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change Vulnerability
|
2019-04-25
|
CVE-2018-4064
|
8.5
|
TALOS-2018-0751
|
Sierra Wireless AirLink ES450 ACEManager Cross-Site Request Forgery Vulnerability
|
2019-04-25
|
CVE-2018-4066
|
6.4
|
TALOS-2018-0756
|
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Set_Task.cgi Permission Assignment Vulnerability
|
2019-04-25
|
CVE-2018-4072, CVE-2018-4073
|
9.9
|
TALOS-2018-0750
|
Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross-Site Scripting Vulnerability
|
2019-04-25
|
CVE-2018-4065
|
6.1
|
TALOS-2018-0755
|
Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure Vulnerability
|
2019-04-25
|
CVE-2018-4070, CVE-2018-4071
|
7.7
|
TALOS-2018-0752
|
Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure Vulnerability
|
2019-04-25
|
CVE-2018-4067
|
5.0
|
TALOS-2018-0753
|
Sierra Wireless AirLink ES450 ACEManager Information Disclosure Vulnerability
|
2019-04-25
|
CVE-2018-4068
|
5.3
|
TALOS-2018-0748
|
Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution Vulnerability
|
2019-04-25
|
CVE-2018-4063
|
9.9
|
TALOS-2018-0754
|
Sierra Wireless AirLink ES450 ACEManager Information Exposure Vulnerability
|
2019-04-25
|
CVE-2018-4069
|
5.9
|
TALOS-2018-0746
|
Sierra Wireless AirLink ES450 ACEManager iplogging.cgi command injection vulnerability
|
2019-04-25
|
CVE-2018-4061
|
9.9
|
TALOS-2018-0747
|
Sierra Wireless AirLink ES450 SNMPD hard-coded credentials vulnerability
|
2019-04-25
|
CVE-2018-4062
|
7.7
|
TALOS-2018-0693
|
Symantec Endpoint Protection Small Business Edition ccSetx86.sys 0x224844 kernel memory information disclosure vulnerability
|
2019-04-23
|
CVE-2018-18366
|
4.3
|
TALOS-2018-0673
|
Shimo VPN Helper Tool disconnectService denial-of-service vulnerability
|
2019-04-15
|
CVE-2018-4004
|
7.1
|
TALOS-2018-0674
|
Shimo VPN helper tool configureRoutingWithCommand privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4005
|
9.3
|
TALOS-2018-0678
|
Shimo VPN helper tool code-signing privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4009
|
8.8
|
TALOS-2018-0677
|
Shimo VPN helper tool RunVpncScript privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4008
|
9.3
|
TALOS-2018-0675
|
Shimo VPN helper tool writeConfig privilege escalation vulnerability
|
2019-04-15
|
CVE-2018-4006
|
9.3
|
TALOS-2018-0676
|
Shimo VPN helper tool deleteConfig denial-of-service vulnerability
|
2019-04-15
|
CVE-2018-4007
|
9.0
|
TALOS-2019-0762
|
VMware Workstation 15 vertex shader functionality denial-of-service vulnerability
|
2019-04-15
|
CVE-2019-5516
|
6.5
|
TALOS-2019-0774
|
Adobe Acrobat Reader DC text field value remote code execution vulnerability — redux
|
2019-04-09
|
CVE-2019-7125
|
8.8
|
TALOS-2019-0785
|
Capsule Technologies SmartLinx Neuron 2 restricted environment protection mechanism failure vulnerability
|
2019-04-08
|
CVE-2019-5024
|
7.6
|
TALOS-2018-0725
|
GOG Galaxy Games createFolderAtPath privilege escalation vulnerability
|
2019-03-26
|
CVE-2018-4051
|
7.1
|
TALOS-2018-0724
|
GOG Galaxy Games changeFolderPermissionsAtPath privilege escalation vulnerability
|
2019-03-26
|
CVE-2018-4050
|
7.1
|
TALOS-2018-0722
|
GOG Galaxy updater temp directory insecure file permissions local privilege elevation vulnerability
|
2019-03-26
|
CVE-2018-4048
|
9.3
|
TALOS-2018-0727
|
GOG Galaxy Games privileged helper denial-of-service vulnerability
|
2019-03-26
|
CVE-2018-4053
|
6.2
|
TALOS-2018-0723
|
GOG Galaxy Games directory insecure file permissions local privilege elevation vulnerability
|
2019-03-26
|
CVE-2018-4049
|
9.3
|
TALOS-2018-0647
|
Nouveau Display Driver Remote Denial of Service
|
2019-03-26
|
CVE-2018-3979
|
7.4
|
TALOS-2018-0640
|
GOG Galaxy service insecure file permissions local privilege elevation vulnerability
|
2019-03-26
|
CVE-2018-3974
|
9.3
|
TALOS-2018-0726
|
GOG Galaxy Games fillProcessInformationForPids information leak vulnerability
|
2019-03-26
|
CVE-2018-4052
|
6.2
|
TALOS-2018-0703
|
CUJO Smart Firewall threatd hostname reputation check code execution vulnerability
|
2019-03-19
|
CVE-2018-4031
|
9.0
|
TALOS-2018-0681
|
CUJO Smart Firewall mdnscap mDNS SRV record denial-of-service vulnerability
|
2019-03-19
|
CVE-2018-4011
|
6.5
|
TALOS-2018-0633
|
Das U-Boot verified boot bypass
|
2019-03-19
|
CVE-2018-3968
|
8.2
|
TALOS-2018-0672
|
CUJO Smart Firewall mdnscap mDNS character-strings code execution vulnerability
|
2019-03-19
|
CVE-2018-4003
|
8.3
|
TALOS-2018-0702
|
CUJO Smart Firewall safe browsing Host header-parsing firewall bypass vulnerability
|
2019-03-19
|
CVE-2018-4030
|
5.3
|
TALOS-2018-0627
|
CUJO Smart Firewall static DHCP hostname command injection vulnerability
|
2019-03-19
|
CVE-2018-3963
|
9.0
|
TALOS-2018-0671
|
CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability
|
2019-03-19
|
CVE-2018-4002
|
5.3
|
TALOS-2018-0634
|
CUJO Smart Firewall dhcpd.conf verified boot bypass
|
2019-03-19
|
CVE-2018-3969
|
8.2
|
TALOS-2018-0653
|
CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability
|
2019-03-19
|
CVE-2018-3985
|
8.3
|
TALOS-2019-0759
|
CleanMyMac X incomplete update patch privilege escalation vulnerability
|
2019-03-11
|
CVE-2019-5011
|
7.1
|
TALOS-2019-0961
|
WAGO PFC200 iocheckd service "I/O-Check" cache DNS code execution vulnerability
|
2019-03-09
|
CVE-2019-5166
|
8.8
|
TALOS-2019-0951
|
WAGO e!COCKPIT Firmware Downgrade Vulnerability
|
2019-03-09
|
CVE-2019-5158
|
8.6
|
TALOS-2019-0898
|
WAGO e!Cockpit authentication hard-coded encryption key vulnerability
|
2019-03-09
|
CVE-2019-5106
|
6.2
|
TALOS-2019-0773
|
Pixar Renderman Install Helper Privilege Escalation Vulnerability
|
2019-03-07
|
CVE-2019-5015
|
9.0
|
TALOS-2019-0780
|
Antenna House Rainbow PDF Office server document converter getSummaryInformation NumProperties code execution vulnerability
|
2019-02-28
|
CVE-2019-5019
|
8.8
|
TALOS-2017-0509
|
McAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability
|
2019-02-20
|
CVE-2018-6687
|
6.5
|
TALOS-2018-0682
|
AutoDesk AutoCAD 2019 LinetypeTableRecord Code Execution Vulnerability
|
2019-02-14
|
CVE-2019-7360
|
8.8
|
TALOS-2018-0670
|
AutoDesk AutoCAD 2019 DXF-parsing code execution vulnerability
|
2019-02-14
|
CVE-2019-7358
|
8.8
|
TALOS-2018-0680
|
AutoDesk AutoCAD 2019 cell margin code execution vulnerability
|
2019-02-14
|
CVE-2019-7359
|
8.8
|
TALOS-2018-0714
|
Adobe Acrobat Reader DC text field "comb" property remote code execution vulnerability
|
2019-02-12
|
CVE-2019-7039
|
8.8
|
TALOS-2018-0655
|
Rakuten Viber Android Secret Chats Information Disclosure Vulnerability
|
2019-02-07
|
CVE-2018-3987
|
4.2
|
TALOS-2018-0642
|
ACD Systems Canvas Draw 5 IO metadata out-of-bounds write code execution vulnerability
|
2019-01-30
|
CVE-2018-3976
|
8.8
|
TALOS-2018-0648
|
ACD Systems Canvas Draw 5 huff table out-of-bounds write code execution vulnerability
|
2019-01-30
|
CVE-2018-3980
|
8.8
|
TALOS-2018-0649
|
ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability
|
2019-01-30
|
CVE-2018-3981
|
8.8
|
TALOS-2018-0638
|
ACD Systems Canvas Draw 4 FillSpan Out of Bounds Write Code Execution Vulnerability
|
2019-01-30
|
CVE-2018-3973
|
8.8
|
TALOS-2019-0758
|
Python.org CPython X509 certificate parsing denial-of-service vulnerability
|
2019-01-28
|
CVE-2019-5010
|
5.9
|
TALOS-2018-0657
|
WIBU-SYSTEMS WibuKey.sys 0x8200E804 kernel memory information disclosure vulnerability
|
2019-01-28
|
CVE-2018-3989
|
4.3
|
TALOS-2018-0658
|
WIBU-SYSTEMS WibuKey.sys 0x8200E804 pool corruption privilege escalation vulnerability
|
2019-01-28
|
CVE-2018-3990
|
9.3
|
TALOS-2018-0659
|
WIBU-SYSTEMS WibuKey network server management WkbProgramLow remote code execution vulnerability
|
2019-01-28
|
CVE-2018-3991
|
10.0
|
TALOS-2019-0919
|
Bitdefender BOX 2 bootstrap download_image command injection vulnerability
|
2019-01-21
|
CVE-2019-17095, CVE-2019-17096
|
9.0
|
TALOS-2019-0918
|
Bitdefender BOX 2 bootstrap update_setup command execution vulnerability
|
2019-01-21
|
CVE-2019-17102
|
9.0
|
TALOS-2018-0728
|
Pixar Renderman install helper privilege escalation vulnerability
|
2019-01-14
|
CVE-2018-4054
|
9.0
|
TALOS-2018-0729
|
Pixar Renderman Install Helper Arbitrary File Read Privilege Escalation Vulnerability
|
2019-01-14
|
CVE-2018-4055
|
7.1
|
TALOS-2018-0615
|
Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability
|
2019-01-08
|
CVE-2018-4421
|
8.8
|
TALOS-2018-0614
|
Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability
|
2019-01-03
|
CVE-2018-4456, CVE-2018-4451
|
8.8
|
TALOS-2018-0626
|
Foxit PDF Reader XFA xdpContent information leak vulnerability
|
2019-01-03
|
CVE-2018-3956
|
6.8
|
TALOS-2018-0708
|
CleanMyMac X truncateFileAtPath Privilege Escalation Vulnerability
|
2019-01-02
|
CVE-2018-4035
|
7.1
|
TALOS-2018-0718
|
Clean My Mac X removePackageWithID privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4044
|
7.1
|
TALOS-2018-0719
|
Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4045
|
7.1
|
TALOS-2018-0716
|
Clean My Mac X removeLaunchdAgentAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4042
|
7.1
|
TALOS-2018-0721
|
Clean My Mac X disableLaunchdAgentAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4047
|
7.1
|
TALOS-2018-0710
|
CleanMyMac X removeDiagnosticLogs privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4037
|
7.1
|
TALOS-2018-0707
|
CleanMyMac X removeItemAtPath Privilege Escalation Vulnerability
|
2019-01-02
|
CVE-2018-4034
|
7.1
|
TALOS-2018-0709
|
CleanMyMac X removeKextAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4036
|
7.1
|
TALOS-2018-0715
|
Clean My Mac X enableLaunchdAgentAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4041
|
7.1
|
TALOS-2018-0717
|
Clean My Mac X removeASL Privilege Escalation Vulnerability
|
2019-01-02
|
CVE-2018-4043
|
7.1
|
TALOS-2018-0706
|
CleanMyMac X moveToTrashItemAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4033
|
7.1
|
TALOS-2018-0705
|
CleanMyMac X moveItemAtPath privilege escalation vulnerability
|
2019-01-02
|
CVE-2018-4032
|
7.1
|
TALOS-2018-0720
|
Clean My Mac X pleaseTerminate denial-of-service vulnerability
|
2019-01-02
|
CVE-2018-4046
|
7.1
|
TALOS-2018-0654
|
Telegram Android Secret Chats Information Disclosure Vulnerability
|
2018-12-21
|
CVE-2018-3986
|
4.2
|
TALOS-2018-0683
|
Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability
|
2018-12-17
|
CVE-2018-4012
|
9.0
|
TALOS-2018-0686
|
Webroot BrightCloud SDK HTTP connection unsafe defaults vulnerability
|
2018-12-17
|
CVE-2018-4015
|
8.1
|
TALOS-2018-0704
|
Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability
|
2018-12-11
|
CVE-2018-19716
|
8.8
|
TALOS-2018-0643
|
Facebook WhatsApp Desktop Multiple Web Connection Notice Bypass Vulnerability
|
2018-12-10
|
--
|
6.0
|
TALOS-2018-0656
|
Signal Messenger Android self deleting messages Information Disclosure Vulnerability
|
2018-12-06
|
CVE-2018-3988
|
3.3
|
TALOS-2018-0690
|
Netgate pfSense system_advanced_misc.php multiple remote command injection vulnerabilities
|
2018-12-03
|
CVE-2018-4019, CVE-2018-4020, CVE-2018-4021
|
7.2
|
TALOS-2018-0711
|
Atlantis Word Processor open document format unchecked NewAnsiString length remote code execution vulnerability
|
2018-11-20
|
CVE-2018-4038
|
8.8
|
TALOS-2018-0712
|
Atlantis Word Processor Huffman table code length remote code execution vulnerability
|
2018-11-20
|
CVE-2018-4039
|
8.8
|
TALOS-2018-0713
|
Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability
|
2018-11-20
|
CVE-2018-4040
|
8.8
|
TALOS-2018-0618
|
TP-Link TL-R600VPN HTTP server information disclosure vulnerability
|
2018-11-19
|
CVE-2018-3949
|
7.5
|
TALOS-2018-0619
|
TP-Link TL-R600VPN HTTP server ping address remote code execution vulnerability
|
2018-11-19
|
CVE-2018-3950
|
7.2
|
TALOS-2018-0620
|
TP-Link TL-R600VPN HTTP Server fs directory Remote Code Execution Vulnerability
|
2018-11-19
|
CVE-2018-3951
|
7.2
|
TALOS-2018-0617
|
TP-Link TL-R600VPN HTTP server denial-of-service vulnerability
|
2018-11-19
|
CVE-2018-3948
|
7.5
|
TALOS-2018-0602
|
Yi Technology Home Camera 27US CRCDec denial-of-service vulnerability
|
2018-10-31
|
CVE-2018-3935
|
7.5
|
TALOS-2018-0645
|
Simple DirectMedia Layer SDL2_Image do_layer_surface code execution vulnerability
|
2018-10-31
|
CVE-2018-3977
|
8.8
|
TALOS-2018-0580
|
Yi Technology Home Camera 27US cloudAPI SSID Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3910
|
8.8
|
TALOS-2018-0616
|
Yi Technology Home Camera 27US p2p_tnp cleartext data transmission vulnerability
|
2018-10-31
|
CVE-2018-3947
|
9.0
|
TALOS-2018-0595
|
Yi Technology Home Camera 27US notice_to denial-of-service vulnerability
|
2018-10-31
|
CVE-2018-3928
|
7.5
|
TALOS-2018-0584
|
Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability
|
2018-10-31
|
CVE-2018-3920
|
7.6
|
TALOS-2018-0565
|
Yi Technology Home Camera 27US Firmware Update Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3890
|
7.6
|
TALOS-2018-0572
|
Yi Technology Home Camera 27US QR Code Base64 Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3900
|
9.1
|
TALOS-2018-0567
|
Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3892
|
9.6
|
TALOS-2018-0601
|
Yi Technology Home Camera 27US nonce reuse authentication bypass vulnerability
|
2018-10-31
|
CVE-2018-3934
|
9.0
|
TALOS-2018-0566
|
Yi Technology Home Camera 27US Firmware Downgrade Vulnerability
|
2018-10-31
|
CVE-2018-3891
|
5.7
|
TALOS-2018-0571
|
Yi Technology Home Camera 27US QR Code trans_info Code Execution Vulnerability
|
2018-10-31
|
CVE-2018-3898, CVE-2018-3899
|
8.3
|
TALOS-2018-0694
|
MKVToolNix MKVINFO read_one_element code execution vulnerability
|
2018-10-26
|
CVE-2018-4022
|
7.3
|
TALOS-2018-0635
|
Sophos HitmanPro.Alert hmpalert 0x222000 kernel memory disclosure vulnerability
|
2018-10-25
|
CVE-2018-3970
|
4.0
|
TALOS-2018-0636
|
Sophos HitmanPro.Alert hmpalert 0x2222CC privilege escalation vulnerability
|
2018-10-25
|
CVE-2018-3971
|
9.3
|
TALOS-2018-0684
|
Live Networks LIVE555 streaming media RTSPServer lookForHeader code execution vulnerability
|
2018-10-18
|
CVE-2018-4013
|
10.0
|
TALOS-2018-0625
|
Linksys ESeries multiple OS command injection vulnerabilities
|
2018-10-16
|
CVE-2018-3953, CVE-2018-3954, CVE-2018-3955
|
7.2
|
TALOS-2018-0644
|
Microsoft WindowsCodecs.dll SniffAndConvertToWideString information leak vulnerability
|
2018-10-10
|
CVE-2018-8506
|
5.3
|
TALOS-2018-0589
|
VMware Workstation 14 Shader Functionality Assert Denial Of Service
|
2018-10-09
|
CVE-2018-6977
|
6.5
|
TALOS-2018-0533
|
Intel Unified Shader Compiler for Intel Graphics Accelerator Pointer Corruption
|
2018-10-09
|
CVE-2018-12152
|
9.0
|
TALOS-2018-0579
|
Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service
|
2018-10-09
|
CVE-2018-12154
|
6.5
|
TALOS-2018-0568
|
Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service
|
2018-10-09
|
CVE-2018-12153
|
7.7
|
TALOS-2018-0537
|
Intuit Quicken Deluxe 2018 for Mac Password Protection Authentication Bypass Vulnerability
|
2018-10-09
|
CVE-2018-3854
|
7.1
|
TALOS-2018-0639
|
Google PDFium JBIG2 image ComposeToOpt2WithRect information disclosure vulnerability
|
2018-10-03
|
CVE-2018-16076
|
5.9
|
TALOS-2018-0623
|
Adobe Acrobat Reader DC collab review server remote code execution vulnerability
|
2018-10-02
|
CVE-2018-12852
|
6.8
|
TALOS-2018-0631
|
Foxit PDF Reader JavaScript this.dataObjects remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3966
|
8.0
|
TALOS-2018-0613
|
Foxit PDF Reader JavaScript getPageNthWord remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3946
|
8.0
|
TALOS-2018-0666
|
Atlantis Word Processor Windows Enhanced Metafile Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3998
|
8.8
|
TALOS-2018-0629
|
Foxit PDF Reader JavaScript getPageNumWords remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3964
|
8.0
|
TALOS-2018-0664
|
Foxit PDF Reader JavaScript field object isDefaultChecked remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3996
|
8.0
|
TALOS-2018-0660
|
Foxit PDF Reader JavaScript page change remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3992
|
8.0
|
TALOS-2018-0650
|
Atlantis Word Processor document endnote reference code execution vulnerability
|
2018-10-01
|
CVE-2018-3982
|
8.8
|
TALOS-2018-0663
|
Foxit PDF Reader JavaScript Field object signatureInfo remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3995
|
8.0
|
TALOS-2018-0665
|
Foxit PDF Reader JavaScript field object signatureGetSeedValue remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3997
|
8.0
|
TALOS-2018-0669
|
Atlantis Word Processor Office Open XML uninitialized TTableRow code execution vulnerability
|
2018-10-01
|
CVE-2018-4001
|
8.8
|
TALOS-2018-0610
|
Foxit PDF Reader JavaScript getPageBox remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3943
|
8.0
|
TALOS-2018-0652
|
Atlantis Word Processor Word document paragraph property (0xD608) sprmTDefTable uninitialized length code execution vulnerability
|
2018-10-01
|
CVE-2018-3984
|
8.8
|
TALOS-2018-0661
|
Foxit PDF Reader Javascript Optional Content Group Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3993
|
8.0
|
TALOS-2018-0641
|
Atlantis Word Processor uninitialized TDocOleObject code execution vulnerability
|
2018-10-01
|
CVE-2018-3975
|
7.5
|
TALOS-2018-0628
|
Foxit PDF Reader JavaScript this.info multiple remote code execution vulnerabilities
|
2018-10-01
|
CVE-2018-3957, CVE-2018-3958, CVE-2018-3959, CVE-2018-3960, CVE-2018-3961, CVE-2018-3962
|
8.0
|
TALOS-2018-0668
|
Atlantis Word Processor Office Open XML TTableRow double free code execution vulnerability
|
2018-10-01
|
CVE-2018-4000
|
8.8
|
TALOS-2018-0646
|
Atlantis Word Processor Word Document Complex Piece Descriptor Table Fc.Compressed Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3978
|
8.8
|
TALOS-2018-0611
|
Foxit PDF Reader JavaScript JSON.Stringify this remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3944
|
8.0
|
TALOS-2018-0607
|
Foxit PDF Reader Javascript removeDataObject Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3940
|
8.0
|
TALOS-2018-0612
|
Foxit PDF Reader Javascript JSON.Stringify this.info Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3945
|
8.0
|
TALOS-2018-0632
|
Foxit PDF Reader JavaScript this.event.target Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3967
|
8.0
|
TALOS-2018-0608
|
Foxit PDF Reader JavaScript getNthFieldName remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3941
|
8.0
|
TALOS-2018-0651
|
Atlantis Word Processor empty TTableRow TList code execution vulnerability
|
2018-10-01
|
CVE-2018-3983
|
8.8
|
TALOS-2018-0630
|
Foxit PDF Reader JavaScript this.bookmarkRoot.children remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3965
|
8.0
|
TALOS-2018-0609
|
Foxit PDF Reader JavaScript getPageRotation remote code execution vulnerability
|
2018-10-01
|
CVE-2018-3942
|
8.0
|
TALOS-2018-0667
|
Atlantis Word Processor JPEG length underflow code execution vulnerability
|
2018-10-01
|
CVE-2018-3999
|
8.8
|
TALOS-2018-0662
|
Foxit PDF Reader Javascript importDataObject Remote Code Execution Vulnerability
|
2018-10-01
|
CVE-2018-3994
|
8.0
|
TALOS-2018-0637
|
Epee Levin Packet Deserialization Code Execution Vulnerability
|
2018-09-25
|
CVE-2018-3972
|
10.0
|
TALOS-2018-0622
|
NordVPN VPN client connect privilege escalation vulnerability
|
2018-09-07
|
CVE-2018-3952
|
8.8
|
TALOS-2018-0679
|
ProtonVPN VPN client connect privilege escalation vulnerability
|
2018-09-07
|
CVE-2018-4010
|
8.8
|
TALOS-2018-0560
|
ERPNext SQL Injection Vulnerabilities
|
2018-09-05
|
CVE-2018-3882, CVE-2018-3883, CVE-2018-3884, CVE-2018-3885
|
5.4
|
TALOS-2018-0549
|
Samsung SmartThings Hub video-core samsungWifiScan Callback Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3867
|
9.9
|
TALOS-2018-0575
|
Samsung SmartThings Hub video-core Camera Creation Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3905
|
8.5
|
TALOS-2018-0574
|
Samsung SmartThings Hub video-core Camera Update Code Execution Vulnerabilities
|
2018-07-26
|
CVE-2018-3903, CVE-2018-3904
|
9.9
|
TALOS-2018-0593
|
Samsung SmartThings Hub hubCore ZigBee firmware update CRC16 check denial-of-service vulnerability
|
2018-07-26
|
CVE-2018-3926
|
5.3
|
TALOS-2018-0554
|
Samsung SmartThings Hub video-core credentials videoHostUrl Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3872
|
9.9
|
TALOS-2018-0594
|
Samsung SmartThings Hub hubCore Google Breakpad backtrace.io information disclosure vulnerability
|
2018-07-26
|
CVE-2018-3927
|
6.8
|
TALOS-2018-0556
|
Samsung SmartThings Hub video-core credentials Parsing SQL Injection Vulnerability
|
2018-07-26
|
CVE-2018-3879
|
8.8
|
TALOS-2018-0577
|
Samsung SmartThings Hub video-core REST Request Parser HTTP Pipelining Injection Vulnerabilities
|
2018-07-26
|
CVE-2018-3907, CVE-2018-3908, CVE-2018-3909
|
9.1
|
TALOS-2018-0581
|
Samsung SmartThings Hub video-core database shard code execution vulnerabilities
|
2018-07-26
|
CVE-2018-3912, CVE-2018-3913, CVE-2018-3914, CVE-2018-3915, CVE-2018-3916, CVE-2018-3917
|
7.5
|
TALOS-2018-0570
|
Samsung SmartThings Hub video-core clips Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3893, CVE-2018-3894, CVE-2018-3895, CVE-2018-3896, CVE-2018-3897
|
9.9
|
TALOS-2018-0578
|
Samsung SmartThings Hub hubCore Port 39500 HTTP Header Injection Vulnerability
|
2018-07-26
|
CVE-2018-3911
|
8.6
|
TALOS-2018-0548
|
Samsung SmartThings Hub video-core samsungWifiScan Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3863, CVE-2018-3864, CVE-2018-3865, CVE-2018-3866
|
9.9
|
TALOS-2018-0576
|
Samsung SmartThings Hub video-core Database shard.videoHostURL Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3906
|
7.5
|
TALOS-2018-0557
|
Samsung SmartThings Hub video-core Database find-by-cameraId Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3880
|
8.2
|
TALOS-2018-0591
|
Samsung SmartThings Hub video-core AWSELB Cookie Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3925
|
8.5
|
TALOS-2018-0539
|
Samsung SmartThings Hub video-core RTSP Configuration Command Injection Vulnerability
|
2018-07-26
|
CVE-2018-3856
|
9.9
|
TALOS-2018-0573
|
Samsung SmartThings Hub video-core Camera URL Replace Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3902
|
9.9
|
TALOS-2018-0555
|
Samsung SmartThings Hub video-core credentials Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3873, CVE-2018-3874, CVE-2018-3875, CVE-2018-3876, CVE-2018-3877, CVE-2018-3878
|
9.9
|
TALOS-2018-0582
|
Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability
|
2018-07-26
|
CVE-2018-3918
|
6.5
|
TALOS-2018-0583
|
Samsung SmartThings Hub video-core Database clips Code Execution Vulnerability
|
2018-07-26
|
CVE-2018-3919
|
7.5
|
TALOS-2018-0559
|
FocalScope XML External Entity Injection Vulnerability
|
2018-07-20
|
CVE-2018-3881
|
9.4
|
TALOS-2018-0604
|
Sony IPELA E Series Camera measurementBitrateExec command injection vulnerability
|
2018-07-20
|
CVE-2018-3937
|
9.1
|
TALOS-2018-0605
|
Sony IPELA E Series Camera 802dot1xclientcert remote code execution vulnerability
|
2018-07-20
|
CVE-2018-3938
|
9.1
|
TALOS-2018-0588
|
Foxit PDF Reader Javascript MailForm Remote Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3924
|
8.8
|
TALOS-2018-0552
|
ACD Systems Canvas Draw 4 IO Metadata Out-of-Bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3870
|
8.8
|
TALOS-2018-0544
|
ACD Systems Canvas Draw 4 Resolution_Set Out of Bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3860
|
8.8
|
TALOS-2018-0553
|
ACD Systems Canvas Draw 4 Invert Map Out-of-Bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3871
|
8.8
|
TALOS-2018-0543
|
ACD Systems Canvas Draw 4 Huff Table Out-of-bounds Write Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3859
|
8.8
|
TALOS-2018-0542
|
ACD Systems Canvas Draw 4 PlanarConfiguration Heap Overflow Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3858
|
8.8
|
TALOS-2018-0606
|
Foxit PDF Reader Javascript createTemplate nPage Remote Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3939
|
8.0
|
TALOS-2018-0541
|
ACD Systems Canvas Draw 4 setRasterData Heap Overflow Code Execution Vulnerability
|
2018-07-19
|
CVE-2018-3857
|
8.8
|
TALOS-2018-0586
|
Computerinsel Photoline ANI Parsing Code Execution Vulnerability
|
2018-07-11
|
CVE-2018-3922
|
8.8
|
TALOS-2018-0585
|
Computerinsel Photoline PSD Blending Channel Code Execution Vulnerability
|
2018-07-11
|
CVE-2018-3921
|
8.8
|
TALOS-2018-0587
|
Computerinsel Photoline PCX Run Length Encoding Code Execution Vulnerability
|
2018-07-11
|
CVE-2018-3923
|
8.8
|
TALOS-2018-0600
|
Antenna House Office Server Document Converter vbputanld code execution vulnerability
|
2018-07-10
|
CVE-2018-3933
|
8.8
|
TALOS-2018-0597
|
Antenna House Office Server Document Converter vbgetfp code execution vulnerability
|
2018-07-10
|
CVE-2018-3930
|
8.8
|
TALOS-2018-0596
|
Antenna House Office Server Document Converter OLEread Code Execuction Vulnerability
|
2018-07-10
|
CVE-2018-3929
|
8.8
|
TALOS-2018-0603
|
Antenna House Office Server Document Converter GetShapePropery 0x105 code execution vulnerability
|
2018-07-10
|
CVE-2018-3936
|
8.8
|
TALOS-2018-0598
|
Antenna House Office Server Document Converter putShapeProperty Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-3931
|
8.8
|
TALOS-2018-0592
|
Adobe Acrobat Reader DC JSON Stringify Remote Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-12815
|
6.8
|
TALOS-2018-0599
|
Antenna House Office Server Document Converter putlsttbl code execution vulnerability
|
2018-07-10
|
CVE-2018-3932
|
8.8
|
TALOS-2018-0590
|
Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-12756
|
6.8
|
TALOS-2018-0569
|
Adobe Acrobat Reader DC Collab.drivers Remote Code Execution Vulnerability
|
2018-07-10
|
CVE-2018-12812
|
6.8
|
TALOS-2018-0624
|
IBM AIX rmsock SetUID Binary Information Leak
|
2018-07-03
|
CVE-2018-1655
|
4.0
|
TALOS-2018-0540
|
VMware Workstation 14 Shader Functionality Denial Of Service
|
2018-06-28
|
CVE-2018-6965
|
6.5
|
TALOS-2017-0495
|
Insteon Hub HTTPExecuteGet Parameters Extraction Code Execution Vulnerability
|
2018-06-19
|
CVE-2017-14446
|
8.5
|
TALOS-2017-0485
|
Insteon Hub Reboot Task Denial Of Service Vulnerability
|
2018-06-19
|
CVE-2017-16348
|
7.5
|
TALOS-2017-0496
|
Insteon Hub PubNub "ad" Channel Message Handler Code Execution Vulnerability
|
2018-06-19
|
CVE-2017-14447
|
8.5
|
TALOS-2018-0511
|
Insteon Hub MPFS Upload Firmware Update Vulnerability
|
2018-06-19
|
CVE-2018-3832
|
9.9
|
TALOS-2017-0492
|
Insteon Hub HTTPExecuteGet Firmware Update Information Leak Vulnerability
|
2018-06-19
|
CVE-2017-14443
|
9.6
|
TALOS-2017-0483
|
Insteon Hub PubNub "cc" Channel Message Handler Multiple Stack Overflow Code Execution Vulnerabilities
|
2018-06-19
|
CVE-2017-16252, CVE-2017-16253, CVE-2017-16254, CVE-2017-16255, CVE-2017-16256, CVE-2017-16257, CVE-2017-16258, CVE-2017-16259, CVE-2017-16260, CVE-2017-16261, CVE-2017-16262, CVE-2017-16263, CVE-2017-16264, CVE-2017-16265, CVE-2017-16266, CVE-2017-16267, CVE-2017-16268, CVE-2017-16269, CVE-2017-16270, CVE-2017-16271, CVE-2017-16272, CVE-2017-16273, CVE-2017-16274, CVE-2017-16275, CVE-2017-16276, CVE-2017-16277, CVE-2017-16278, CVE-2017-16279, CVE-2017-16280, CVE-2017-16281, CVE-2017-16282, CVE-2017-16283, CVE-2017-16284, CVE-2017-16285, CVE-2017-16286, CVE-2017-16287, CVE-2017-16288, CVE-2017-16289, CVE-2017-16290, CVE-2017-16291, CVE-2017-16292, CVE-2017-16293, CVE-2017-16294, CVE-2017-16295, CVE-2017-16296, CVE-2017-16297, CVE-2017-16298, CVE-2017-16299, CVE-2017-16300, CVE-2017-16301, CVE-2017-16302, CVE-2017-16303, CVE-2017-16304, CVE-2017-16305, CVE-2017-16306, CVE-2017-16307, CVE-2017-16308, CVE-2017-16309, CVE-2017-16310, CVE-2017-16311, CVE-2017-16312, CVE-2017-16313, CVE-2017-16314, CVE-2017-16315, CVE-2017-16316, CVE-2017-16317, CVE-2017-16318, CVE-2017-16319, CVE-2017-16320, CVE-2017-16321, CVE-2017-16322, CVE-2017-16323, CVE-2017-16324, CVE-2017-16325, CVE-2017-16326, CVE-2017-16327, CVE-2017-16328, CVE-2017-16329, CVE-2017-16330, CVE-2017-16331, CVE-2017-16332, CVE-2017-16333, CVE-2017-16334, CVE-2017-16335, CVE-2017-16336, CVE-2017-16337
|
8.5
|
TALOS-2017-0494
|
Insteon Hub HTTPExecuteGet Firmware Update host Parameter Buffer Overflow Vulnerability
|
2018-06-19
|
CVE-2017-14445
|
5.3
|
TALOS-2018-0513
|
Insteon Hub PubNub Firmware Upgrade Confusion Permanent Denial Of Service Vulnerability
|
2018-06-19
|
CVE-2018-3834
|
8.7
|
TALOS-2017-0493
|
Insteon Hub HTTPExecuteGet Firmware Update URL Parameter Code Execution Vulnerability
|
2018-06-19
|
CVE-2017-14444
|
8.5
|
TALOS-2017-0484
|
Insteon Hub PubNub "cc" Channel Message Handler Multiple Global Overflow Code Execution Vulnerabilities
|
2018-06-19
|
CVE-2017-16338, CVE-2017-16339, CVE-2017-16340, CVE-2017-16341, CVE-2017-16342, CVE-2017-16343, CVE-2017-16344, CVE-2017-16345, CVE-2017-16346, CVE-2017-16347
|
8.5
|
TALOS-2018-0512
|
Insteon Hub PubNub Firmware Downgrade Vulnerability
|
2018-06-19
|
CVE-2018-3833
|
8.6
|
TALOS-2017-0502
|
Insteon Hub PubNub control Channel Message Handler Code Execution Vulnerabilities
|
2018-06-19
|
CVE-2017-14452, CVE-2017-14453, CVE-2017-14454, CVE-2017-14455
|
8.5
|
TALOS-2018-0523
|
Pixar Renderman IT Display Service 0x67 Command Denial of Service Vulnerability
|
2018-06-14
|
CVE-2018-3840
|
5.3
|
TALOS-2018-0524
|
Pixar Renderman IT Display Service 0x69 Command Denial-of-Service Vulnerability
|
2018-06-14
|
CVE-2018-3841
|
5.3
|
TALOS-2018-0545
|
Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability
|
2018-06-12
|
CVE-2018-8210
|
8.8
|
TALOS-2018-0535
|
Ocularis Recorder VMS_VA Denial of Service Vulnerability
|
2018-06-05
|
CVE-2018-3852
|
7.5
|
TALOS-2017-0364
|
Natus Xltek EEG NeuroWorks Invalid KeyTree Entry Denial-of-Service Vulnerability
|
2018-05-31
|
CVE-2017-2860
|
7.5
|
TALOS-2017-0354
|
Natus Xltek EEG NeuroWorks ItemList Deserialization Denial-of-Service Vulnerability
|
2018-05-31
|
CVE-2017-2852
|
7.5
|
TALOS-2017-0362
|
Natus Xltek EEG NeuroWorks ItemList Traversal Denial-of-Service Vulnerability
|
2018-05-31
|
CVE-2017-2858
|
7.5
|
TALOS-2018-0517
|
Adobe Acrobat Reader DC Net.Discovery.queryServices Remote Code Execution Vulnerability
|
2018-05-15
|
CVE-2018-4996
|
7.1
|
TALOS-2018-0518
|
Adobe Acrobat Reader DC ANFancyAlertImpl Remote Code Execution Vulnerability
|
2018-05-15
|
CVE-2018-4947
|
6.8
|
TALOS-2017-0501
|
Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities
|
2018-05-07
|
CVE-2017-14474, CVE-2017-14475, CVE-2017-14476, CVE-2017-14477, CVE-2017-14478, CVE-2017-14479, CVE-2017-14480, CVE-2017-14481
|
9.8
|
TALOS-2018-0538
|
Hyland Perceptive Document Filters DOC to HTML updateNumbering Code Execution Vulnerability
|
2018-04-26
|
CVE-2018-3855
|
8.8
|
TALOS-2018-0534
|
Hyland Perceptive Document Filters Microsoft Word CDATA Code Execution Vulnerability
|
2018-04-26
|
CVE-2018-3851
|
8.8
|
TALOS-2018-0527
|
Hyland Perceptive Document Filters DOCX to HTML Code Execution Vulnerability
|
2018-04-26
|
CVE-2018-3844
|
8.8
|
TALOS-2018-0528
|
Hyland Perceptive Document Filters OpenDocument to JPEG conversion SkCanvas Code Execution vulnerability
|
2018-04-26
|
CVE-2018-3845
|
8.8
|
TALOS-2017-0506
|
Foxit PDF Reader Javascript Search Query Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2017-14458
|
8.8
|
TALOS-2018-0551
|
SAP BPC Web Application Information Disclosure Vulnerability
|
2018-04-19
|
CVE-2017-16349
|
6.4
|
TALOS-2018-0536
|
Foxit PDF Reader JavaScript createTemplate Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2018-3853
|
8.8
|
TALOS-2018-0526
|
Foxit PDF Reader AssociatedFile Annotation Type Confusion
|
2018-04-19
|
CVE-2018-3843
|
6.5
|
TALOS-2018-0532
|
Foxit PDF Reader JavaScript XFA Clone Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2018-3850
|
8.8
|
TALOS-2018-0525
|
Foxit PDF Reader JavaScript setPersistent Remote Code Execution Vulnerability
|
2018-04-19
|
CVE-2018-3842
|
8.8
|
TALOS-2017-0378
|
Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability
|
2018-04-17
|
CVE-2017-2871
|
9.6
|
TALOS-2017-0487
|
Moxa EDR-810 Service Agent Multiple Denial of Service Vulnerabilities
|
2018-04-13
|
CVE-2017-14438, CVE-2017-14439
|
7.5
|
TALOS-2017-0476
|
Moxa EDR-810 Web Server URI Denial of Service Vulnerability
|
2018-04-13
|
CVE-2017-12124
|
7.5
|
TALOS-2017-0477
|
Moxa EDR-810 Web Server Certificate Signing Request Command Injection Vulnerability
|
2018-04-13
|
CVE-2017-12125
|
8.8
|
TALOS-2017-0480
|
Moxa EDR-810 Server Agent Information Disclosure Vulnerability
|
2018-04-13
|
CVE-2017-12128
|
5.3
|
TALOS-2017-0478
|
Moxa EDR-810 Web Server Cross-Site Request Forgery Vulnerability
|
2018-04-13
|
CVE-2017-12126
|
8.8
|
TALOS-2017-0479
|
Moxa EDR-810 Plaintext Password Storage Vulnerability
|
2018-04-13
|
CVE-2017-12127
|
4.4
|
TALOS-2017-0475
|
Moxa EDR-810 Cleartext Transmission of Password Vulnerability
|
2018-04-13
|
CVE-2017-12123
|
5.7
|
TALOS-2017-0481
|
Moxa EDR-810 Web Server Weak Cryptography for Passwords Vulnerability
|
2018-04-13
|
CVE-2017-12129
|
3.5
|
TALOS-2017-0474
|
Moxa EDR-810 Web Server strcmp Multiple Denial of Service Vulnerabilities
|
2018-04-13
|
CVE-2017-14435, CVE-2017-14436, CVE-2017-14437
|
7.5
|
TALOS-2017-0473
|
Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability
|
2018-04-13
|
CVE-2017-12121
|
8.8
|
TALOS-2017-0472
|
Moxa EDR-810 Web Server ping Command Injection Vulnerability
|
2018-04-13
|
CVE-2017-12120
|
8.8
|
TALOS-2017-0482
|
Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities
|
2018-04-13
|
CVE-2017-14432 - CVE-2017-14434
|
8.8
|
TALOS-2018-0531
|
NASA CFITSIO `ffghbn` and `ffghtb` Stack Overflow Code Execution Vulnerabilities
|
2018-04-12
|
CVE-2018-3848 - CVE-2018-3849
|
8.8
|
TALOS-2018-0529
|
NASA CFITSIO Multiple Stack Overflow Code Execution Vulnerabilities
|
2018-04-12
|
CVE-2018-3846
|
8.8
|
TALOS-2018-0530
|
NASA CFITSIO `ffgkyn` Stack Overflow Code Execution Vulnerability
|
2018-04-12
|
CVE-2018-3847
|
8.8
|
TALOS-2018-0562
|
Computerinsel Photoline PCX Run Length Code Execution Vulnerability
|
2018-04-11
|
CVE-2018-3887
|
8.8
|
TALOS-2018-0561
|
Computerinsel Photoline PCX Decompress Code Execution Vulnerability
|
2018-04-11
|
CVE-2018-3886
|
8.8
|
TALOS-2018-0550
|
Computerinsel Photoline PSD Blending Channels Code Execution Vulnerability
|
2018-04-11
|
CVE-2018-3868
|
8.8
|
TALOS-2018-0546
|
Computerinsel Photoline TIFF Samples Per Pixel Parsing Code Execution Vulnerability
|
2018-04-11
|
CVE-2018-3861
|
8.8
|
TALOS-2018-0547
|
Computerinsel Photoline TIFF Bits Per Pixel Parsing Code Execution Vulnerability
|
2018-04-11
|
CVE-2018-3862
|
8.8
|
TALOS-2018-0564
|
Computerinsel Photoline PCX Bits Per Pixel Code Execution Vulnerability
|
2018-04-11
|
CVE-2018-3889
|
8.8
|
TALOS-2018-0563
|
Computerinsel Photoline PCX Color Map Code Execution Vulnerability
|
2018-04-11
|
CVE-2018-3888
|
8.8
|
TALOS-2018-0519
|
Simple DirectMedia Layer SDL2_Image IMG_LoadPCX_RW Information Disclosure Vulnerability
|
2018-04-10
|
CVE-2018-3837
|
5.3
|
TALOS-2018-0521
|
Simple DirectMedia Layer SDL2_Image load_xcf_tile_rle bpp Code Execution Vulnerability
|
2018-04-10
|
CVE-2018-3839
|
6.5
|
TALOS-2018-0520
|
Simple DirectMedia Layer SDL2_Image load_xcf_tile_rle Information Disclosure Vulnerability
|
2018-04-10
|
CVE-2018-3838
|
5.3
|
TALOS-2017-0327
|
Zabbix Server Config Proxy Request Information Disclosure Vulnerability
|
2018-04-09
|
CVE-2017-2826
|
3.7
|
TALOS-2018-0558
|
IBM DB2 Shared Memory Insecure Permissions Vulnerability
|
2018-04-06
|
CVE-2017-1105
|
5.1
|
TALOS-2017-0355
|
Natus Xltek EEG NeuroWorks RequestForPatientInfoEEGfile Code Execution Vulnerability
|
2018-04-04
|
CVE-2017-2853
|
10.0
|
TALOS-2017-0373
|
Natus Xltek EEG NeuroWorks SavePatientMontage Code Execution Vulnerability
|
2018-04-04
|
CVE-2017-2867
|
9.0
|
TALOS-2017-0365
|
Natus Xltek EEG NeuroWorks NewProducerStream Use of Return Value Denial of Service Vulnerability
|
2018-04-04
|
CVE-2017-2861
|
7.5
|
TALOS-2017-0375
|
Natus Xltek EEG NeuroWorks OpenProducer Code Execution Vulnerability
|
2018-04-04
|
CVE-2017-2869
|
10.0
|
TALOS-2017-0374
|
Natus Xltek EEG NeuroWorks NewProducerStream Code Execution Vulnerability
|
2018-04-04
|
CVE-2017-2868
|
10.0
|
TALOS-2017-0447
|
Circle with Disney WiFi Insecure Access Point Vulnerability
|
2018-04-04
|
CVE-2017-12095
|
6.5
|
TALOS-2017-0507
|
Moxa AWK-3131A Multiple Features Login Username Parameter OS Command Injection Vulnerability
|
2018-04-03
|
CVE-2017-14459
|
10.0
|
TALOS-2017-0443
|
Allen Bradley Micrologix 1400 Series B Unauthenticated Data/Program/Function File Improper Access Control Vulnerability
|
2018-03-28
|
CVE-2017-14462, CVE-2017-14463, CVE-2017-14464, CVE-2017-14465, CVE-2017-14466, CVE-2017-14467, CVE-2017-14468, CVE-2017-14469, CVE-2017-14470, CVE-2017-14471, CVE-2017-14472, CVE-2017-14473
|
10.0
|
TALOS-2017-0442
|
Allen Bradley Micrologix 1400 Series B SNMP-Set Processing Incorrect Behavior Order Denial of Service Vulnerability
|
2018-03-28
|
CVE-2017-12090
|
7.7
|
TALOS-2018-0514
|
Nvidia D3D10 Driver Pixel Shader Heap Memory Corruption Vulnerability
|
2018-03-28
|
CVE-2018-6251
|
9.0
|
TALOS-2017-0441
|
Allen Bradley Micrologix 1400 Series B Ladder Logic Program Download Device Fault Denial of Service Vulnerability
|
2018-03-28
|
CVE-2017-12089
|
8.6
|
TALOS-2017-0444
|
Allen Bradley Micrologix 1400 Series B Memory Module Store Program File Write Vulnerability
|
2018-03-28
|
CVE-2017-12092
|
3.7
|
TALOS-2017-0440
|
Allen Bradley Micrologix 1400 Series B Ethernet Card Malformed Packet Denial of Service Vulnerability
|
2018-03-28
|
CVE-2017-12088
|
8.6
|
TALOS-2018-0522
|
Nvidia D3D10 Driver Pixel Shader Functionality Denial Of Service
|
2018-03-28
|
CVE-2018-6253
|
7.7
|
TALOS-2017-0445
|
Allen Bradley Micrologix 1400 Series B PLC Session Communication Insufficient Resource Pool Denial of Service Vulnerability
|
2018-03-28
|
CVE-2017-12093
|
5.3
|
TALOS-2017-0376
|
VMware VNC Lock Count Denial of Service Vulnerability
|
2018-03-15
|
CVE-2018-6957
|
7.5
|
TALOS-2017-0491
|
Simple DirectMedia Layer SDL2_image Image Palette Population Code Execution Vulnerability
|
2018-03-01
|
CVE-2017-14442
|
8.8
|
TALOS-2017-0499
|
Simple DirectMedia Layer SDL2_Image LWZ Decompression Buffer Overflow Vulnerability
|
2018-03-01
|
CVE-2017-14450
|
7.1
|
TALOS-2017-0489
|
Simple DirectMedia Layer SDL2_image ILBM CMAP Parsing Code Execution Vulnerability
|
2018-03-01
|
CVE-2017-14440
|
8.8
|
TALOS-2017-0490
|
Simple DirectMedia Layer SDL2_image ICO Pitch Handling Code Execution Vulnerability
|
2018-03-01
|
CVE-2017-14441
|
8.8
|
TALOS-2017-0510
|
Dovecot IMAP Server rfc822_parse_domain Information Leak Vulnerability
|
2018-03-01
|
CVE-2017-14461
|
5.9
|
TALOS-2017-0497
|
Simple DirectMedia Layer SDL2_image load_xcf_tile_rle Decompression Code Execution Vulnerability
|
2018-03-01
|
CVE-2017-14448
|
8.8
|
TALOS-2017-0488
|
Simple DirectMedia Layer SDL2_Image IMG_LoadLBM_RW Code Execution Vulnerability
|
2018-03-01
|
CVE-2017-12122
|
8.8
|
TALOS-2017-0498
|
Simple DirectMedia Layer SDL2_image do_layer_surface Double-Free Vulnerability
|
2018-03-01
|
CVE-2017-14449
|
7.5
|
TALOS-2017-0505
|
Adobe Acrobat Reader DC Document ID Remote Code Execution Vulnerability
|
2018-02-23
|
CVE-2018-4901
|
8.8
|
TALOS-2018-0733
|
coTURN server unsafe telnet admin portal default configuration vulnerability
|
2018-01-29
|
CVE-2018-4059
|
6.5
|
TALOS-2018-0732
|
coTURN TURN server unsafe loopback forwarding default configuration vulnerability
|
2018-01-29
|
CVE-2018-4058
|
7.7
|
TALOS-2018-0730
|
coTURN Administrator Web Portal SQL injection vulnerability
|
2018-01-29
|
CVE-2018-4056
|
9.1
|
TALOS-2018-0515
|
Walt Disney Per-Face Texture Mapping faceInfoSize Code Execution Vulnerability
|
2018-01-26
|
CVE-2018-3835
|
8.8
|
TALOS-2018-0516
|
Leptonica gplotMakeOutput Command Injection Vulnerability
|
2018-01-22
|
CVE-2018-3836
|
7.0
|
TALOS-2017-0486
|
Tinysvcmdns Multi-label DNS mdns_parse_qn Denial Of Service Vulnerability
|
2018-01-17
|
CVE-2017-12130
|
7.5
|
TALOS-2017-0409
|
Blender Sequencer dpxOpen Buffer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2902
|
8.8
|
TALOS-2017-0411
|
Blender Sequencer imb_loadhdr Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2904
|
8.8
|
TALOS-2017-0410
|
Blender Sequencer imb_load_dpx_cineon Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2903
|
8.8
|
TALOS-2017-0412
|
Blender Sequencer imb_bmp_decode Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2905
|
8.8
|
TALOS-2017-0413
|
Blender Sequencer imb_get_anim_type Streams Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2906
|
8.8
|
TALOS-2017-0408
|
Blender Sequencer imb_loadiris Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2901
|
8.8
|
TALOS-2017-0414
|
Blender Sequencer avi_format_convert Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2907
|
8.8
|
TALOS-2017-0415
|
Blender Directory Browsing Thumbnail Viewer Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2908
|
7.5
|
TALOS-2017-0407
|
Blender Sequencer imb_loadpng Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2900
|
8.8
|
TALOS-2017-0457
|
Blender mesh_calc_modifiers eModifierTypeType_OnlyDeform Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12105
|
8.8
|
TALOS-2017-0456
|
Blender draw_new_particle_system PART_DRAW_AXIS Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12104
|
8.8
|
TALOS-2017-0406
|
Blender Sequencer imb_loadtiff Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2899
|
8.8
|
TALOS-2017-0455
|
Blender BKE_vfont_to_curve_ex Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12103
|
8.8
|
TALOS-2017-0453
|
Blender modifier_mdef_compact_influences Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12101
|
8.8
|
TALOS-2017-0425
|
Blender BKE_image_acquire_ibuf Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-2918
|
8.8
|
TALOS-2017-0452
|
Blender multires_load_old_dm base vertex map Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12100
|
8.8
|
TALOS-2017-0451
|
Blender customData_add_layer__internal Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12099
|
8.8
|
TALOS-2017-0433
|
Blender vcol_to_fcol Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12081
|
8.8
|
TALOS-2017-0438
|
Blender BKE_mesh_calc_normals_tessface Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12086
|
8.8
|
TALOS-2017-0434
|
Blender Object CustomData_external_read Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12082
|
8.8
|
TALOS-2017-0454
|
Blender BKE_curve_bevelList_make Integer Overflow Code Execution Vulnerability
|
2018-01-11
|
CVE-2017-12102
|
8.8
|
TALOS-2017-0450
|
rails_admin rails gem XSS vulnerability
|
2018-01-10
|
CVE-2017-12098
|
6.1
|
TALOS-2017-0449
|
delayed_job_web rails gem XSS vulnerability
|
2018-01-10
|
CVE-2017-12097
|
6.1
|
TALOS-2017-0464
|
CPP-Ethereum JSON-RPC admin_addPeer Authorization Bypass Vulnerability
|
2018-01-09
|
CVE-2017-12112
|
4.0
|
TALOS-2017-0465
|
CPP-Ethereum JSON-RPC admin_nodeInfo improper authorization Vulnerability
|
2018-01-09
|
CVE-2017-12113
|
4.0
|
TALOS-2017-0503
|
CPP-Ethereum libevm create2 Information Leak Vulnerability
|
2018-01-09
|
CVE-2017-14457
|
8.2
|
TALOS-2017-0500
|
CPP-Ethereum libevm pow2N Code Execution Vulnerability
|
2018-01-09
|
CVE-2017-14451
|
9.0
|
TALOS-2017-0467
|
CPP-Ethereum JSON-RPC miner_setEtherbase improper authorization Vulnerability
|
2018-01-09
|
CVE-2017-12115
|
6.8
|
TALOS-2017-0471
|
CPP-Ethereum JSON-RPC Denial Of Service Vulnerabilities
|
2018-01-09
|
CVE-2017-12119
|
7.5
|
TALOS-2017-0468
|
CPP-Ethereum JSON-RPC miner_setGasPrice improper authorization Vulnerability
|
2018-01-09
|
CVE-2017-12116
|
6.8
|
TALOS-2017-0469
|
CPP-Ethereum JSON-RPC miner_start improper authorization Vulnerability
|
2018-01-09
|
CVE-2017-12117
|
4.0
|
TALOS-2017-0470
|
CPP-Ethereum JSON-RPC miner_stop improper authorization Vulnerability
|
2018-01-09
|
CVE-2017-12118
|
4.0
|
TALOS-2017-0508
|
Parity Ethereum Client Overly Permissive Cross-domain Whitelist JSON-RPC vulnerability
|
2018-01-09
|
CVE-2017-14460
|
7.5
|
TALOS-2017-0466
|
CPP-Ethereum JSON-RPC admin_peers improper authorization Vulnerability
|
2018-01-09
|
CVE-2017-12114
|
4.0
|
TALOS-2017-0368
|
VMware VNC Dynamic Resolution Request Code Execution Vulnerability
|
2017-12-19
|
CVE-2017-4933
|
9.0
|
TALOS-2017-0369
|
VMware VNC Pointer Decode Code Execution Vulnerability
|
2017-12-19
|
CVE-2017-4941
|
9.0
|
TALOS-2017-0393
|
ACDSee Ultimate 10 IDE_PSD PSD Parsing Code Execution Vulnerability
|
2017-12-08
|
CVE-2017-2886
|
8.8
|
TALOS-2017-0439
|
Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability
|
2017-11-20
|
CVE-2017-12087
|
10.0
|
TALOS-2017-0463
|
libxls xls_addCell Formula Code Execution Vulnerability
|
2017-11-15
|
CVE-2017-12111
|
8.8
|
TALOS-2017-0426
|
libxls xls_getfcell Code Execution Vulnerability
|
2017-11-15
|
CVE-2017-2919
|
8.8
|
TALOS-2017-0460
|
libxls xls_preparseWorkSheet MULBLANK Code Execution Vulnerability
|
2017-11-15
|
CVE-2017-12108
|
8.8
|
TALOS-2017-0461
|
libxls xls_preparseWorkSheet MULRK Code Execution Vulnerability
|
2017-11-15
|
CVE-2017-12109
|
8.8
|
TALOS-2017-0462
|
libxls xls_appendSST Code Execution Vulnerability
|
2017-11-15
|
CVE-2017-12110
|
8.8
|
TALOS-2017-0403
|
libxls xls_mergedCells Code Execution Vulnerability
|
2017-11-15
|
CVE-2017-2896
|
8.8
|
TALOS-2017-0404
|
libxls read_MSAT Code Execution Vulnerability
|
2017-11-15
|
CVE-2017-2897
|
8.8
|
TALOS-2017-0356
|
Adobe Acrobat Reader DC PDF Structured Hierarchy ActualText Structure Element Remote Code Execution Vulnerability
|
2017-11-14
|
CVE-2017-16367
|
8.8
|
TALOS-2017-0360
|
Foscam IP Video Camera webService 9299.org DDNS Client Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2857
|
8.1
|
TALOS-2017-0380
|
Foscam IP Video Camera CGIProxy.fcgi SoftAP Configuration Command Injection Vulnerability
|
2017-11-13
|
CVE-2017-2873
|
8.8
|
TALOS-2017-0358
|
Foscam IP Video Camera webService 3322.net DDNS Client Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2855
|
8.1
|
TALOS-2017-0384
|
Foscam IP Video Camera devMng Multi-Camera Port 10001 Command 0x0064 Empty AuthResetKey Vulnerability
|
2017-11-13
|
CVE-2017-2877
|
9.8
|
TALOS-2017-0357
|
Foscam IP Video Camera webService oray.com DDNS Client Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2854
|
8.1
|
TALOS-2017-0382
|
Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Username Field Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2875
|
8.8
|
TALOS-2017-0385
|
Foscam IP Video Camera CGIProxy.fcgi logOut Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2878
|
8.8
|
TALOS-2017-0379
|
Foscam IP Video Camera CGIProxy.fcgi Firmware Upgrade Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2872
|
9.9
|
TALOS-2017-0381
|
Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0000 Information Disclosure Vulnerability
|
2017-11-13
|
CVE-2017-2874
|
7.5
|
TALOS-2017-0359
|
Foscam IP Video Camera webService dyndns.com DDNS Client Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2856
|
8.1
|
TALOS-2017-0383
|
Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Password Field Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2876
|
8.8
|
TALOS-2017-0386
|
Foscam IP Video Camera UPnP Discovery Code Execution Vulnerability
|
2017-11-13
|
CVE-2017-2879
|
7.5
|
TALOS-2017-0417
|
libxls xls_addCell MulBlank Code Execution Vulnerability
|
2017-11-09
|
CVE-2017-2910
|
8.8
|
TALOS-2017-0436
|
Circle with Disney Rclient SSH Persistent Remote Access Vulnerability
|
2017-10-31
|
CVE-2017-12084
|
8.0
|
TALOS-2017-0391
|
Circle with Disney Apid Photo Upload Denial of Service Vulnerability
|
2017-10-31
|
CVE-2017-2884
|
7.5
|
TALOS-2017-0405
|
Circle with Disney Firmware Update Signature Check Bypass Vulnerability
|
2017-10-31
|
CVE-2017-2898
|
9.9
|
TALOS-2017-0419
|
Circle with Disney Goclient SSL TLD MITM Vulnerability
|
2017-10-31
|
CVE-2017-2912
|
7.4
|
TALOS-2017-0422
|
Circle with Disney WiFi Restart SSID Parsing Command Injection Vulnerability
|
2017-10-31
|
CVE-2017-2915
|
9.0
|
TALOS-2017-0424
|
Circle with Disney configure.xml Notifications Command Injection Vulnerability
|
2017-10-31
|
CVE-2017-2917
|
9.9
|
TALOS-2017-0437
|
Circle with Disney Token Routing Vulnerability
|
2017-10-31
|
CVE-2017-12085
|
9.0
|
TALOS-2017-0448
|
Circle with Disney WiFi Security Downgrade Vulnerability
|
2017-10-31
|
CVE-2017-12096
|
6.5
|
TALOS-2017-0390
|
Circle with Disney Database Updater Code Execution Vulnerability
|
2017-10-31
|
CVE-2017-2883
|
9.0
|
TALOS-2017-0396
|
Circle with Disney Apid Server Fork Denial of Service Vulnerability
|
2017-10-31
|
CVE-2017-2889
|
7.5
|
TALOS-2017-0397
|
Circle with Disney Restore API Command Injection Vulnerability
|
2017-10-31
|
CVE-2017-2890
|
9.9
|
TALOS-2017-0398
|
Cesanta Mongoose HTTP Server CGI Remote Code Execcution Vulnerability
|
2017-10-31
|
CVE-2017-2891
|
9.8
|
TALOS-2017-0399
|
Cesanta Mongoose MQTT Payload Length Remote Code Execution
|
2017-10-31
|
CVE-2017-2892
|
6.8
|
TALOS-2017-0400
|
Cesanta Mongoose MQTT SUBSCRIBE Command Denial Of Service
|
2017-10-31
|
CVE-2017-2893
|
6.8
|
TALOS-2017-0401
|
Cesanta Mongoose MQTT SUBSCRIBE Multiple Topics Remote Code Execution
|
2017-10-31
|
CVE-2017-2894
|
9.8
|
TALOS-2017-0402
|
Cesanta Mongoose MQTT SUBSCRIBE Topic Length Information Leak
|
2017-10-31
|
CVE-2017-2895
|
8.2
|
TALOS-2017-0428
|
Cesanta Mongoose Websocket Protocol Packet Length Code Execution Vulnerability
|
2017-10-31
|
CVE-2017-2921
|
8.1
|
TALOS-2017-0429
|
Cesanta Mongoose Websocket Protocol Fragmented Packet Code Execution Vulnerability
|
2017-10-31
|
CVE-2017-2922
|
9.8
|
TALOS-2017-0420
|
Circle with Disney libbluecoat.so SSL TLD MITM Vulnerability
|
2017-10-31
|
CVE-2017-2913
|
8.1
|
TALOS-2017-0423
|
Circle with Disney Configuration Restore Photos File Overwrite Vulnerability
|
2017-10-31
|
CVE-2017-2916
|
9.9
|
TALOS-2017-0446
|
Circle with Disney Startup WiFi Channel Parsing Command Injection Vulnerability
|
2017-10-31
|
CVE-2017-12094
|
7.4
|
TALOS-2017-0371
|
Circle with Disney Firmware Update Command Injection Vulnerability
|
2017-10-31
|
CVE-2017-2865
|
9.6
|
TALOS-2017-0372
|
Circle with Disney Backup API Command Injection Vulnerability
|
2017-10-31
|
CVE-2017-2866
|
9.9
|
TALOS-2017-0388
|
Circle with Disney check_torlist.sh Update Code Execution Vulnerability
|
2017-10-31
|
CVE-2017-2881
|
9.6
|
TALOS-2017-0370
|
Circle with Disney Weak Authentication Vulnerability
|
2017-10-31
|
CVE-2017-2864
|
8.1
|
TALOS-2017-0389
|
Circle with Disney check_circleservers Code Execution Vulnerability
|
2017-10-31
|
CVE-2017-2882
|
9.0
|
TALOS-2017-0435
|
Circle with Disney Apid Use-Between-Reallocs Information Disclosure Vulnerability
|
2017-10-31
|
CVE-2017-12083
|
5.8
|
TALOS-2017-0421
|
Circle with Disney Apid Strstr Authentication Bypass Vulnerability
|
2017-10-31
|
CVE-2017-2914
|
9.0
|
TALOS-2017-0416
|
Cesanta Mongoose DNS Query Compressed Name Pointer Denial Of Service
|
2017-10-31
|
CVE-2017-2909
|
7.5
|
TALOS-2017-0418
|
Circle with Disney Rclient SSL TLD MITM Vulnerability
|
2017-10-31
|
CVE-2017-2911
|
9.0
|
TALOS-2017-0459
|
Computerinsel Photoline PCX Parsing Code Execution Vulnerability
|
2017-10-30
|
CVE-2017-12107
|
8.8
|
TALOS-2017-0295
|
Apache OpenOffice DOC WW8Fonts Constructor Code Execution Vulnerability
|
2017-10-26
|
CVE-2017-9806
|
8.3
|
TALOS-2017-0301
|
Apache OpenOffice DOC ImportOldFormatStyles Code Execution Vulnerability
|
2017-10-26
|
CVE-2017-12608
|
8.3
|
TALOS-2017-0300
|
Apache OpenOffice PPT PPTStyleSheet nLevel Code Execution Vulnerability
|
2017-10-26
|
CVE-2017-12607
|
8.3
|
TALOS-2017-0432
|
Google PDFium TIFF Image Flate Decoder Code Execution Vulnerability
|
2017-10-19
|
CVE-2017-5133
|
7.5
|
TALOS-2017-0394
|
Simple DirectMedia Layer SDL_image XCF Property Handling Code Execution Vulnerability
|
2017-10-10
|
CVE-2017-2887
|
8.8
|
TALOS-2017-0395
|
Simple DirectMedia Layer Create RGB Surface Code Execution Vulnerability
|
2017-10-10
|
CVE-2017-2888
|
8.8
|
TALOS-2017-0458
|
Computerinsel Photoline TGA Parsing Code Execution Vulnerability
|
2017-10-04
|
CVE-2017-12106
|
8.8
|
TALOS-2017-0427
|
Computerinsel Photoline SVG Parsing Code Execution Vulnerability
|
2017-10-04
|
CVE-2017-2920
|
8.8
|
TALOS-2017-0387
|
Computerinsel Photoline GIF Parsing Code Execution Vulnerability
|
2017-10-04
|
CVE-2017-2880
|
8.8
|
TALOS-2017-0305
|
ansible-vault Yaml Load Code Execution Vulnerability
|
2017-09-14
|
CVE-2017-2809
|
7.5
|
TALOS-2017-0317
|
LibOFX Tag Parsing Code Execution Vulnerability
|
2017-09-13
|
CVE-2017-2816
|
8.8
|
TALOS-2017-0430
|
FreeXL read_biff_next_record Code Execution Vulnerability
|
2017-09-11
|
CVE-2017-2923
|
8.8
|
TALOS-2017-0431
|
FreeXL BIFF Dimension Marker Code Execution Vulnerability
|
2017-09-11
|
CVE-2017-2924
|
8.8
|
TALOS-2017-0306
|
Microsoft Edge Content Security Bypass Vulnerability
|
2017-09-06
|
--
|
4.3
|
TALOS-2017-0303
|
Ledger CLI Tags Parsing Code Execution Vulnerability
|
2017-08-30
|
CVE-2017-2807
|
7.5
|
TALOS-2017-0366
|
Gdk-Pixbuf JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability
|
2017-08-30
|
CVE-2017-2862
|
8.8
|
TALOS-2017-0377
|
Gdk-Pixbuf TIFF tiff_image_parse Code Execution Vulnerability
|
2017-08-30
|
CVE-2017-2870
|
8.8
|
TALOS-2017-0304
|
Ledger CLI Account Directive Use-After-Free Vulnerability
|
2017-08-30
|
CVE-2017-2808
|
7.5
|
TALOS-2017-0273
|
National Instruments LabVIEW RSRC Arbitrary Null Write Code Execution Vulnerability
|
2017-08-29
|
CVE-2017-2779
|
7.5
|
TALOS-2017-0323
|
Lexmark LibISYSpdf Image Rendering DCTStream::getBlock() Code Execution Vulnerability
|
2017-08-28
|
CVE-2017-2822
|
7.5
|
TALOS-2017-0322
|
Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability
|
2017-08-28
|
CVE-2017-2821
|
8.8
|
TALOS-2017-0392
|
GNOME libsoup HTTP Chunked Encoding Remote Code Execution Vulnerability
|
2017-08-10
|
CVE-2017-2885
|
9.8
|
TALOS-2017-0361
|
Adobe Acrobat Reader DC AcroForm PDFDocEncoding Remote Code Execution Vulnerability
|
2017-08-08
|
CVE-2017-11263
|
8.8
|
TALOS-2017-0308
|
Kakadu SDK JPEG 2000 Unknown Marker Code Execution Vulnerability
|
2017-08-04
|
CVE-2017-2811
|
8.8
|
TALOS-2017-0309
|
Kakadu SDK JPEG 2000 Contiguous Codestream Code Execution Vulnerability
|
2017-08-04
|
CVE-2017-2812
|
8.8
|
TALOS-2017-0342
|
EZB Systems UltraISO ISO Parsing Code Execution Vulnerability
|
2017-08-01
|
CVE-2017-2840
|
8.8
|
TALOS-2017-0337
|
FreeRDP Rdp Client Recv RDP Code Execution Vulnerability
|
2017-07-24
|
CVE-2017-2835
|
8.8
|
TALOS-2017-0336
|
FreeRDP Rdp Client License Recv Code Execution Vulnerability
|
2017-07-24
|
CVE-2017-2834
|
8.8
|
TALOS-2017-0338
|
FreeRDP Rdp Client Read Server Proprietary Certificate Denial of Service Vulnerability
|
2017-07-24
|
CVE-2017-2836
|
6.5
|
TALOS-2017-0339
|
FreeRDP Rdp Client GCC Read Server Security Data Denial of Service Vulnerability
|
2017-07-24
|
CVE-2017-2837
|
6.5
|
TALOS-2017-0340
|
FreeRDP Rdp Client License Read Product Info Denial of Service Vulnerability
|
2017-07-24
|
CVE-2017-2838
|
6.5
|
TALOS-2017-0341
|
FreeRDP Rdp Client License Read Challenge Packet Denial of Service Vulnerability
|
2017-07-24
|
CVE-2017-2839
|
6.5
|
TALOS-2016-0261
|
Corel CorelDRAW X8 EMF Parser Code Execution Vulnerability
|
2017-07-20
|
CVE-2016-9043
|
8.8
|
TALOS-2016-0244
|
Corel PHOTO-PAINT X8 GIF Filter Code Execution Vulnerability
|
2017-07-20
|
CVE-2016-8730
|
8.8
|
TALOS-2017-0298
|
Corel PHOTO-PAINT X8 TIFF Filter Code Execution Vulnerability
|
2017-07-20
|
CVE-2017-2804
|
8.8
|
TALOS-2017-0297
|
Corel PHOTO-PAINT X8 64-bit TIFF Filter Code Execution Vulnerability
|
2017-07-20
|
CVE-2017-2803
|
8.8
|
TALOS-2017-0313
|
ProcessMaker Enterprise Core Multiple SQL Injection Vulnerabilities
|
2017-07-19
|
CVE-2016-9048
|
7.4
|
TALOS-2017-0316
|
Open Fire User Import Export Plugin XML External Entity Injection
|
2017-07-19
|
CVE-2017-2815
|
8.1
|
TALOS-2017-0315
|
Information Builders WebFOCUS Business Intelligence Portal Command Execution Vulnerability
|
2017-07-19
|
CVE-2016-9044
|
8.8
|
TALOS-2017-0314
|
ProcessMaker Enterprise Core Code Execution Vulnerability
|
2017-07-19
|
CVE-2016-9045
|
8.8
|
TALOS-2017-0367
|
Iceni Infix PDF parsing SetSize Code Execution Vulnerability
|
2017-07-11
|
CVE-2017-2863
|
8.8
|
TALOS-2017-0311
|
Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability
|
2017-07-07
|
CVE-2017-2814
|
7.5
|
TALOS-2017-0321
|
Poppler PDF library JPEG 2000 levels Code Execution Vulnerability
|
2017-07-07
|
CVE-2017-2820
|
8.8
|
TALOS-2017-0319
|
Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability
|
2017-07-07
|
CVE-2017-2818
|
7.5
|
TALOS-2017-0289
|
Nitro Pro 11 PDF Handling Code Execution Vulnerability
|
2017-07-06
|
CVE-2016-2796
|
8.8
|
TALOS-2016-0246
|
Invincea Dell Protected Workspace Protection Bypass
|
2017-06-30
|
CVE-2016-8732
|
7.8
|
TALOS-2016-0247
|
Dell Precision Optimizer Local Privilege Escalation Vulnerability
|
2017-06-30
|
CVE-2017-2802
|
7.1
|
TALOS-2016-0256
|
Invincea-X SboxDrv.sys Version Number Query Local Privilege Escalation Vulnerability
|
2017-06-30
|
CVE-2016-9038
|
8.1
|
TALOS-2017-0278
|
InsideSecure MatrixSSL x509 certificate General Names Information Disclosure Vulnerability
|
2017-06-22
|
CVE-2017-2782
|
6.5
|
TALOS-2017-0277
|
InsideSecure MatrixSSL x509 certificate IssuerDomainPolicy Remote Code Execution Vulnerability
|
2017-06-22
|
CVE-2017-2781
|
8.1
|
TALOS-2017-0276
|
InsideSecure MatrixSSL x509 certificate SubjectDomainPolicy Remote Code Execution Vulnerability
|
2017-06-22
|
CVE-2017-2780
|
8.1
|
TALOS-2017-0299
|
Foscam IP Video Camera WebService CGI Parameter Code Execution Vulnerability
|
2017-06-19
|
CVE-2017-2805
|
9.8
|
TALOS-2017-0352
|
Foscam IP Video Camera CGIProxy.fcgi Change Username pureftpd.passwd Injection Vulnerability
|
2017-06-19
|
CVE-2017-2850
|
8.8
|
TALOS-2017-0351
|
Foscam IP Video Camera CGIProxy.fcgi NTP Server Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2849
|
8.8
|
TALOS-2017-0353
|
Foscam IP Video Camera CGIProxy.fcgi Wifi Settings Code Execution Vulnerability
|
2017-06-19
|
CVE-2017-2851
|
7.5
|
TALOS-2017-0331
|
Foscam IP Video Camera CGIProxy.fcgi Message 0x3001 Multi-part Form Boundary Code Execution Vulnerability
|
2017-06-19
|
CVE-2017-2830
|
8.8
|
TALOS-2017-0332
|
Foscam IP Video Camera CGIProxy.fcgi Query Append Buffer Overflow Vulnerability
|
2017-06-19
|
CVE-2017-2831
|
9.8
|
TALOS-2017-0347
|
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2845
|
8.8
|
TALOS-2017-0334
|
Foscam IP Video Camera CGIProxy.fcgi FTP Startup Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2833
|
8.8
|
TALOS-2017-0346
|
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Sender Parameter Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2844
|
8.8
|
TALOS-2017-0335
|
Foscam IP Video Camera CGIProxy.fcgi Account Deletion Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2832
|
8.8
|
TALOS-2017-0349
|
Foscam IP Video Camera CGIProxy.fcgi DNS1 Address Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2847
|
8.8
|
TALOS-2017-0329
|
Foscam IP Video Camera CGIProxy.fcgi Account Password Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2828
|
8.8
|
TALOS-2017-0343
|
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2841
|
8.8
|
TALOS-2017-0344
|
Foscam IP Video Camera CGIProxy.fcgi SMTP Test User Parameter Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2842
|
8.8
|
TALOS-2017-0345
|
Foscam IP Video Camera CGIProxy.fcgi SMTP Test Password Parameter Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2843
|
8.8
|
TALOS-2017-0330
|
Foscam IP Video Camera CGIProxy.fcgi Message 0x3001 Directory Traversal Vulnerability
|
2017-06-19
|
CVE-2017-2829
|
7.7
|
TALOS-2017-0348
|
Foscam IP Video Camera CGIProxy.fcgi Gateway Address Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2846
|
8.8
|
TALOS-2017-0350
|
Foscam IP Video Camera CGIProxy.fcgi DNS2 Address Configuration Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2848
|
8.8
|
TALOS-2016-0245
|
Foscam C1 Webcam FTP Hard Coded Password Vulnerability
|
2017-06-19
|
CVE-2016-8731
|
9.8
|
TALOS-2017-0328
|
Foscam IP Video Camera CGIProxy.fcgi Account Creation Command Injection Vulnerability
|
2017-06-19
|
CVE-2017-2827
|
8.8
|
TALOS-2017-0307
|
Tablib Yaml Load Code Execution Vulnerability
|
2017-06-13
|
CVE-2017-2810
|
7.5
|
TALOS-2016-0242
|
MuPDF Fitz library font glyph scaling Code Execution Vulnerability
|
2017-05-15
|
CVE-2016-8728
|
8.6
|
TALOS-2016-0243
|
Artifex MuPDf JBIG2 Parser Code Execution Vulnerability
|
2017-05-15
|
CVE-2016-8729
|
7.5
|
TALOS-2017-0320
|
Hancom Thinkfree NEO Hangul Word Processor HWPTAG_TAB_DEF Tab Count Code Execution Vulnerability
|
2017-05-12
|
CVE-2017-2819
|
8.8
|
TALOS-2017-0318
|
PowerIso Parsing Code Execution Vulnerability
|
2017-05-05
|
CVE-2017-2817
|
8.8
|
TALOS-2017-0324
|
PowerISO ISO Parsing Use After Free
|
2017-05-05
|
CVE-2017-2823
|
8.8
|
TALOS-2016-0208
|
AntennaHouse DMC HTMLFilter Doc_GetFontTable Code Execution Vulnerability
|
2017-05-04
|
CVE-2016-8383
|
8.3
|
TALOS-2016-0207
|
AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability
|
2017-05-04
|
CVE-2016-8382
|
8.3
|
TALOS-2017-0285
|
AntennaHouse DMC HTMLFilter UnCompressUnicode Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2793
|
8.3
|
TALOS-2017-0288
|
AntennaHouse DMC HTMLFilter Txo Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2795
|
8.3
|
TALOS-2017-0292
|
AntennaHouse DMC HTMLFilter AddSst Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2799
|
8.3
|
TALOS-2017-0291
|
AntennaHouse DMC HTMLFilter GetIndexArray Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2798
|
8.3
|
TALOS-2017-0286
|
AntennaHouse DMC HTMLFilter PPT DHFSummary Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2794
|
8.3
|
TALOS-2017-0284
|
AntennaHouse DMC HTMLFilter iBldDirInfo Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2792
|
8.3
|
TALOS-2017-0279
|
AntennaHouse DMC HTMLFilter FillRowFormat Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2783
|
8.3
|
TALOS-2016-0209
|
AntennaHouse DMC HTMLFilter DHFSummary Code Execution Vulnerability
|
2017-05-04
|
CVE-2016-8384
|
8.3
|
TALOS-2017-0293
|
WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2800
|
8.1
|
TALOS-2017-0290
|
AntennaHouse DMC HTMLFilter PPT ParseEnvironment Code Execution Vulnerability
|
2017-05-04
|
CVE-2017-2797
|
8.3
|
TALOS-2017-0294
|
Randombit Botan Library X509 Certificate Validation Bypass Vulnerability
|
2017-04-28
|
CVE-2017-2801
|
6.5
|
TALOS-2017-0325
|
Zabbix Server Active Proxy Trapper Remote Code Execution Vulnerability
|
2017-04-27
|
CVE-2017-2824
|
9.0
|
TALOS-2017-0326
|
Zabbix Proxy Server SQL Database Write Vulnerability
|
2017-04-27
|
CVE-2017-2825
|
7.0
|
TALOS-2017-0310
|
IrfanView JPEG 2000 Reference Tile Width Arbitrary Code Execution Vulnerability
|
2017-04-26
|
CVE-2017-2813
|
8.8
|
TALOS-2016-0231
|
Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability
|
2017-04-21
|
CVE-2016-8717
|
10.0
|
TALOS-2017-0274
|
ARM Mbedtls x509 ECDSA invalid public key Remote Code Execution Vulnerability
|
2017-04-19
|
CVE-2017-2784
|
8.1
|
TALOS-2016-0235
|
Moxa AWK-3131A Web Application Ping Command Injection Vulnerability
|
2017-04-18
|
CVE-2016-8721
|
9.1
|
TALOS-2017-0302
|
Lexmark Perceptive Document Filters XLS ShapeHLink Information Disclosure Vulnerability
|
2017-04-18
|
CVE-2017-2806
|
4.3
|
TALOS-2016-0237
|
Moxa AWK-3131A HTTP GET Denial of Service Vulnerability
|
2017-04-10
|
CVE-2016-8723
|
7.5
|
TALOS-2016-0230
|
Moxa AWK-3131A Web Application Cleartext Transmission of Password Vulnerability
|
2017-04-10
|
CVE-2016-8716
|
7.5
|
TALOS-2016-0233
|
Moxa AWK-3131A Web Application Multiple Reflected Cross-Site Scripting Vulnerabilities
|
2017-04-10
|
CVE-2016-8719
|
7.5
|
TALOS-2016-0238
|
Moxa AWK-3131A serviceAgent Information Disclosure Vulnerability
|
2017-04-10
|
CVE-2016-8724
|
5.3
|
TALOS-2016-0240
|
Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability
|
2017-04-10
|
CVE-2016-8726
|
7.5
|
TALOS-2016-0232
|
Moxa AWK-3131A Web Application Cross-Site Request Forgery Vulnerability
|
2017-04-10
|
CVE-2016-8718
|
7.5
|
TALOS-2016-0234
|
Moxa AWK-3131A Web Application bkpath HTTP Header Injection Vulnerability
|
2017-04-10
|
CVE-2016-8720
|
3.1
|
TALOS-2016-0239
|
Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability
|
2017-04-10
|
CVE-2016-8725
|
5.3
|
TALOS-2016-0225
|
Moxa AWK-3131A Web Application Nonce Reuse Vulnerability
|
2017-04-10
|
CVE-2016-8712
|
5.9
|
TALOS-2016-0241
|
Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability
|
2017-04-10
|
CVE-2016-0241
|
7.5
|
TALOS-2016-0236
|
Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability
|
2017-04-10
|
CVE-2016-8722
|
5.3
|
TALOS-2016-0260
|
Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability
|
2017-03-29
|
CVE-2016-9042
|
3.7
|
TALOS-2017-0269
|
National Instruments LabVIEW LvVarientUnflatten Code Execution Vulnerability
|
2017-03-22
|
CVE-2017-2775
|
7.5
|
TALOS-2016-0227
|
R PDF LoadEncoding Code Execution Vulnerability
|
2017-03-09
|
CVE-2016-8714
|
7.5
|
TALOS-2017-0296
|
Apple OS X and iOS x509 certificate parsing Name Constraints Remote Code Execution Vulnerability
|
2017-03-09
|
CVE-2017-2485
|
8.8
|
TALOS-2017-0281
|
Pharos PopUp Printer Client DecodeString Code Execution Vulnerability
|
2017-03-07
|
CVE-2017-2786
|
5.3
|
TALOS-2017-0283
|
Pharos PopUp Printer Client DecodeBinary Code Execution Vulnerability
|
2017-03-07
|
CVE-2017-2788
|
10.0
|
TALOS-2017-0280
|
Pharos PopUp Printer Client DecodeString Code Execution Vulnerability
|
2017-03-07
|
CVE-2017-2785
|
10.0
|
TALOS-2017-0282
|
Pharos PopUp Printer Client memcpy Code Execution Vulnerability
|
2017-03-07
|
CVE-2017-2787
|
9.0
|
TALOS-2017-0271
|
Iceni Argus ipStringCreate Code Execution Vulnerability
|
2017-02-27
|
CVE-2017-2777
|
8.8
|
TALOS-2016-0228
|
Iceni Argus icnChainAlloc Signed Comparison Code Execution Vulnerability
|
2017-02-27
|
CVE-2016-8715
|
8.8
|
TALOS-2016-0211
|
Iceni Argus TrueType Font File Cmap Table Code Execution Vulnerability
|
2017-02-27
|
CVE-2016-8386
|
8.8
|
TALOS-2016-0214
|
Iceni Argus PDF TextToPolys Rasterization Code Execution Vulnerability
|
2017-02-27
|
CVE-2016-8389
|
8.8
|
TALOS-2016-0213
|
Iceni Argus PDF Font-Encoding GlyphMap Adjustment Code Execution Vulnerability
|
2017-02-27
|
CVE-2016-8388
|
8.8
|
TALOS-2016-0212
|
Iceni Argus PDF Inflate+LZW Decompression Heap-Based Buffer Overflow Vulnerability
|
2017-02-27
|
CVE-2016-8387
|
8.8
|
TALOS-2016-0197
|
Ichitaro Office Excel File Code Execution Vulnerability
|
2017-02-27
|
CVE-2017-2790
|
8.8
|
TALOS-2016-0210
|
Iceni Argus PDF Uninitialized WordStyle Color Length Code Execution Vulnerability
|
2017-02-27
|
CVE-2016-8385
|
8.8
|
TALOS-2016-0199
|
Ichitaro Word Processor PersistDirectory Code Execution Vulnerability
|
2017-02-24
|
CVE-2017-2791
|
7.5
|
TALOS-2016-0196
|
Ichitaro Office JTD Figure handling Code Execution Vulnerability
|
2017-02-24
|
CVE-2017-2789
|
8.8
|
TALOS-2016-0263
|
Aerospike Database Server Fabric-Worker Socket-Loop Denial-of-Service Vulnerability
|
2017-02-21
|
CVE-2016-9049
|
7.5
|
TALOS-2016-0265
|
Aerospike Database Server Client Batch Request Code Execution Vulnerability
|
2017-02-21
|
CVE-2016-9051
|
9.8
|
TALOS-2016-0267
|
Aerospike Database Server RW Fabric Message Particle Type Code Execution Vulnerability
|
2017-02-21
|
CVE-2016-9053
|
9.8
|
TALOS-2017-0275
|
Apple GarageBand Out of Bounds Write Code Execution Vulnerability
|
2017-02-14
|
CVE-2017-2374
|
8.8
|
TALOS-2017-0262
|
Apple GarageBand Out of Bounds Write Code Execution Vulnerability
|
2017-02-14
|
CVE-2017-2372
|
8.8
|
TALOS-2016-0224
|
Nitro Pro 10 PDF Handling Code Execution Vulnerability
|
2017-02-03
|
CVE-2016-8711
|
9.3
|
TALOS-2016-0226
|
Nitro Pro 10 PDF Handling Code Execution Vulnerability
|
2017-02-03
|
CVE-2016-8713
|
8.8
|
TALOS-2016-0218
|
Nitro Pro PDF Handling Code Execution Vulnerability
|
2017-02-03
|
CVE-2016-8709
|
8.8
|
TALOS-2016-0229
|
McAfee ePolicy Orchestrator DataChannel Blind SQL Injection Vulnerability
|
2017-02-01
|
CVE-2016-8027
|
8.2
|
TALOS-2016-0223
|
Libbpg BGP image decoding Code Execution Vulnerability
|
2017-01-23
|
CVE-2016-8710
|
7.5
|
TALOS-2016-0259
|
Adobe Acrobat Reader DC jpeg decoder Remote Code Execution Vulnerability
|
2017-01-20
|
CVE-2017-2971
|
8.8
|
TALOS-2016-0198
|
Oracle Outside In Technology PDF parser confusion Code Execution Vulnerability
|
2017-01-17
|
CVE-2017-3271
|
7.5
|
TALOS-2016-0215
|
Oracle Outside In Technology RTF Parsing Code Execution Vulnerability
|
2017-01-17
|
CVE-2017-3293
|
8.1
|
TALOS-2016-0264
|
Aerospike Database Server Client Message Memory Disclosure Vulnerability
|
2017-01-09
|
CVE-2016-9050
|
8.2
|
TALOS-2016-0266
|
Aerospike Database Server Index Name Code Execution Vulnerability
|
2017-01-09
|
CVE-2016-9052
|
9.8
|
TALOS-2016-0268
|
Aerospike Database Server Set Name Code Execution Vulnerability
|
2017-01-09
|
CVE-2016-9054
|
9.8
|
TALOS-2016-0255
|
Tarantool Key-type Denial Of Service Vulnerability
|
2016-12-16
|
CVE-2016-9037
|
7.5
|
TALOS-2016-0257
|
Joyent SmartOS Hyprlofs FS IOCTL Add Entries Native File System Denial of Service Vulnerability
|
2016-12-16
|
CVE-2016-9039
|
6.2
|
TALOS-2016-0254
|
Tarantool Msgpuck mp_check Denial Of Service Vulnerability
|
2016-12-16
|
CVE-2016-9036
|
7.5
|
TALOS-2016-0217
|
Nvidia Windows Kernel Mode Driver Denial Of Service
|
2016-12-14
|
CVE-2016-8823
|
5.5
|
TALOS-2016-0250
|
Joyent SmartOS Hyprlofs FS IOCTL Native File System name Buffer Overflow Privilege Escalation Vulnerability
|
2016-12-12
|
CVE-2016-9032
|
7.0
|
TALOS-2016-0258
|
Joyent SmartOS Hyprlofs FS IOCTL Add Entries 32-bit File System Denial of Service Vulnerability
|
2016-12-12
|
CVE-2016-9040
|
6.2
|
TALOS-2016-0248
|
Joyent SmartOS Hyprlofs FS IOCTL Native File System Integer Overflow Privilege Escalation Vulnerability
|
2016-12-12
|
CVE-2016-8733
|
7.8
|
TALOS-2016-0249
|
Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System Integer Overflow Privilege Escalation Vulnerability
|
2016-12-12
|
CVE-2016-9031
|
7.8
|
TALOS-2016-0253
|
Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System path Buffer Overflow Privilege Escalation Vulnerability
|
2016-12-12
|
CVE-2016-9035
|
7.0
|
TALOS-2016-0252
|
Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System name Buffer Overflow Privilege Escalation Vulnerability
|
2016-12-12
|
CVE-2016-9034
|
7.0
|
TALOS-2016-0251
|
Joyent SmartOS Hyprlofs FS IOCTL Native File System path Buffer Overflow Privilege Escalation Vulnerability
|
2016-12-12
|
CVE-2016-9033
|
7.0
|
TALOS-2016-0216
|
ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability
|
2016-12-03
|
CVE-2016-8707
|
7.5
|
TALOS-2016-0131
|
Network Time Protocol Broadcast Mode Replay Prevention Denial of Service Vulnerability
|
2016-11-21
|
CVE-2016-7427
|
5.0, 5.3
|
TALOS-2016-0203
|
Network Time Protocol Control Mode Unauthenticated Trap Information Disclosure and DDoS Amplification Vulnerability
|
2016-11-21
|
CVE-2016-9310
|
6.5
|
TALOS-2016-0204
|
Network Time Protocol Trap Crash Denial of Service Vulnerability
|
2016-11-21
|
CVE-2016-9311
|
5.9
|
TALOS-2016-0130
|
Network Time Protocol Broadcast Mode Poll Interval Enforcement Denial of Service Vulnerability
|
2016-11-21
|
CVE-2016-7428
|
5.3
|
TALOS-2016-0176
|
HDF5 Group libhdf5 H5T_ARRAY Code Execution Vulnerability
|
2016-11-17
|
CVE-2016-4330
|
8.6
|
TALOS-2016-0179
|
HDF5 Group libhdf5 H5T_COMPOUND Code Execution Vulnerability
|
2016-11-17
|
CVE-2016-4333
|
8.6
|
TALOS-2016-0177
|
HDF5 Group libhdf5 H5Z_NBIT Code Execution Vulnerability
|
2016-11-17
|
CVE-2016-4331
|
8.6
|
TALOS-2016-0178
|
HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability
|
2016-11-17
|
CVE-2016-4332
|
8.6
|
TALOS-2016-0127
|
GMER Path Length Code Execution Vulnerability
|
2016-11-03
|
CVE-2016-4289
|
3.0
|
TALOS-2016-0220
|
Memcached Server Update Remote Code Execution Vulnerability
|
2016-10-31
|
CVE-2016-8705
|
9.8
|
TALOS-2016-0219
|
Memcached Server Append/Prepend Remote Code Execution Vulnerability
|
2016-10-31
|
CVE-2016-8704
|
9.8
|
TALOS-2016-0221
|
Memcached Server SASL Autentication Remote Code Execution Vulnerability
|
2016-10-31
|
CVE-2016-8706
|
8.1
|
TALOS-2016-0200
|
Iceni Argus ipfSetColourStroke Code Execution Vulnerability
|
2016-10-26
|
CVE-2016-8333
|
8.8
|
TALOS-2016-0202
|
Iceni Argus ipNameAdd Code Execution Vulnerability
|
2016-10-26
|
CVE-2016-8335
|
8.8
|
TALOS-2016-0187
|
LibTIFF TIFF2PDF TIFFTAG_JPEGTABLES Remote Code Execution Vulnerability
|
2016-10-25
|
CVE-2016-5652
|
6.4
|
TALOS-2016-0190
|
LibTIFF Tag Extension Remote Code Execution Vulnerability
|
2016-10-25
|
CVE-2016-8331
|
8.1
|
TALOS-2016-0205
|
LibTIFF PixarLogDecode Remote Code Execution Vulnerability
|
2016-10-25
|
CVE-2016-5875
|
8.8
|
TALOS-2016-0201
|
Foxit PDF Reader JBIG2 Parser Information Disclosure Vulnerability
|
2016-10-18
|
CVE-2016-8334
|
6.8
|
TALOS-2016-0222
|
Hopper Disassembler ELF Section Header Size Code Execution Vulnerability
|
2016-10-18
|
CVE-2016-8390
|
7.5
|
TALOS-2016-0189
|
FreeImage Library XMP Image Handling Code Execution Vulnerability
|
2016-10-03
|
CVE-2016-5684
|
8.8
|
TALOS-2016-0206
|
Redis CONFIG SET client-output-buffer-limit command Code Execution Vulnerability
|
2016-09-30
|
CVE-2016-8339
|
6.6
|
TALOS-2016-0193
|
OpenJPEG JPEG2000 mcc record Code Execution Vulnerability
|
2016-09-29
|
CVE-2016-8332
|
7.5
|
TALOS-2016-0191
|
Microsoft Windows10 AHCACHE.SYS Remote Denial Of Service
|
2016-09-13
|
CVE-2016-3369
|
6.8
|
TALOS-2016-0175
|
Kaspersky Anti-Virus Unhandled Windows Messages Denial of Service Vulnerability
|
2016-09-05
|
CVE-2016-4329
|
5.5
|
TALOS-2016-0167
|
Kaspersky Internet Security KLIF Driver NtAdjustTokenPrivileges_HANDLER Denial of Service
|
2016-08-26
|
CVE-2016-4305
|
5.5
|
TALOS-2016-0169
|
Kaspersky Internet Security KL1 Driver Signal Handler Denial of Service
|
2016-08-26
|
CVE-2016-4307
|
5.5
|
TALOS-2016-0166
|
Kaspersky Internet Security KLIF Driver NtUserCreateWindowEx_HANDLER Denial of Service
|
2016-08-26
|
CVE-2016-4304
|
5.5
|
TALOS-2016-0168
|
Kaspersky Internet Security KLDISK Driver Multiple Kernel Memory Disclosure Vulnerabilities
|
2016-08-26
|
CVE-2016-4306
|
5.5
|
TALOS-2016-0184
|
AB Rockwell Automation MicroLogix 1400 Code Execution Vulnerability
|
2016-08-11
|
CVE-2016-5645
|
7.3
|
TALOS-2016-0170
|
Microsoft Windows PDF API Jpeg2000 csiz Remote Code Execution Vulnerability
|
2016-08-09
|
CVE-2016-3319
|
7.5
|
TALOS-2016-0185
|
Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability
|
2016-08-06
|
CVE-2016-5646
|
7.8
|
TALOS-2016-0172
|
LexMark Perceptive Document Filters XLS Convert Code Execution Vulnerability
|
2016-08-06
|
CVE-2016-4335
|
10.0
|
TALOS-2016-0173
|
LexMark Perceptive Document Filters Bzip2 Convert Out of Bounds Write Vulnerability
|
2016-08-06
|
CVE-2016-4336
|
7.3
|
TALOS-2016-0148
|
Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4293
|
8.6
|
TALOS-2016-0145
|
Hancom Hangul Office HShow!NXDeleteLineObj+0x6960c Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4290
|
8.6
|
TALOS-2016-0146
|
Hancom Hangul Office HShow!NXDeleteLineObj+0x53692 Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4291
|
8.6
|
TALOS-2016-0151
|
Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4296
|
8.6
|
TALOS-2016-0147
|
Hancom Hangul Office HShow!NXDeleteLineObj+0x47269 Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4292
|
8.6
|
TALOS-2016-0144
|
Hancom Hangul Office HShow!NXDeleteLineObj+0x560cb Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4298
|
8.6
|
TALOS-2016-0124
|
BlueStacks App Player Privilege Escalation Vulnerability
|
2016-08-04
|
CVE-2016-4288
|
--
|
TALOS-2016-0150
|
Hancom Hangul HCell HncChart CFormulaTokenSizeModifier Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4295
|
8.6
|
TALOS-2016-0149
|
Hancom Hangul HCell OfficeArt Record pConnectionSites and pVertices Code Execution Vulnerability
|
2016-08-04
|
CVE-2016-4294
|
8.6
|
TALOS-2016-0051
|
OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability
|
2016-07-21
|
CVE-2016-1513
|
9.3
|
TALOS-2016-0160
|
Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability
|
2016-07-19
|
--
|
--
|
TALOS-2016-0098
|
Oracle OIT IX SDK libvs_pdf Tj Operator Denial of Service Vulnerability
|
2016-07-19
|
CVE-2016-3576
|
6.5
|
TALOS-2016-0097
|
Oracle OIT IX SDK libvs_pdf Size Integer Overflow Vulnerability
|
2016-07-19
|
CVE-2016-3575
|
7.5
|
TALOS-2016-0102
|
Oracle OIT IX SDK libvs_pdf Xref Offset Denial of Service Vulnerability
|
2016-07-19
|
CVE-2016-3580
|
6.5
|
TALOS-2016-0161
|
Oracle OIT libim_psi2 psiparse Code Execution Vulnerability
|
2016-07-19
|
CVE-2016-3594
|
7.5
|
TALOS-2016-0163
|
Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability
|
2016-07-19
|
CVE-2016-3596
|
7.5
|
TALOS-2016-0105
|
Oracle OIT IX SDK GIF ImageWidth Code Execution Vulnerabiity
|
2016-07-19
|
CVE-2016-3583
|
--
|
TALOS-2016-0096
|
Oracle OIT IX SDK libvs_pdf Kids List Information Leak
|
2016-07-19
|
CVE-2016-3574
|
7.1
|
TALOS-2016-0158
|
Oracle OIT ContentAccess libvs_word+63AC Code Execution Vulnerability
|
2016-07-19
|
CVE-2016-3592
|
7.5
|
TALOS-2016-0162
|
Oracle OIT libim_gem2 Gem_Text Code Execution Vulnerability
|
2016-07-19
|
CVE-2016-3595
|
7.5
|
TALOS-2016-0157
|
Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord Memory Corruption Vulnerability
|
2016-07-19
|
CVE-2016-3591
|
7.5
|
TALOS-2016-0104
|
Oracle OIT IX SDK TIFF file parsing heap buffer overflow
|
2016-07-19
|
CVE-2016-3582
|
7.5
|
TALOS-2016-0099
|
Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity
|
2016-07-19
|
CVE-2016-3577
|
6.5
|
TALOS-2016-0101
|
Oracle OIT IX SDK libvs_pdf arbitrary pointer access
|
2016-07-19
|
CVE-2016-3579
|
--
|
TALOS-2016-0100
|
Oracle OIT IX SDK libvs_pdf FlateDecode Colors Denial of Service Vulnerabiity
|
2016-07-19
|
CVE-2016-3578
|
6.5
|
TALOS-2016-0159
|
Oracle OIT ContentAccess libvs_mwkd VwStreamSection Code Execution Vulnerability
|
2016-07-19
|
CVE-2016-3593
|
7.5
|
TALOS-2016-0103
|
Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity
|
2016-07-19
|
CVE-2016-3581
|
7.5
|
TALOS-2016-0156
|
Oracle OIT ContentAccess libvs_word Denial of Service Vulnerability
|
2016-07-19
|
CVE-2016-3590
|
6.5
|
TALOS-2016-0186
|
Apple Core Graphics BMP Framework img_decode_read Remote Code Execution Vulnerability
|
2016-07-18
|
CVE-2016-4637
|
6.3
|
TALOS-2016-0183
|
Apple OS X Scene Kit DAE XML Code Execution Vulnerability
|
2016-07-18
|
CVE-2016-1850
|
7.4
|
TALOS-2016-0171
|
Apple Image I/O API Tiled TIFF Remote Code Execution Vulnerability
|
2016-07-18
|
CVE-2016-4631
|
8.1
|
TALOS-2016-0180
|
Apple Image I/O EXR Color Component Remote Code Execution Vulnerability
|
2016-07-18
|
CVE-2016-4629
|
6.4
|
TALOS-2016-0181
|
Apple Image I/O EXR Compression Remote Code Execution Vulnerability
|
2016-07-18
|
CVE-2016-4630
|
7.1
|
TALOS-2016-0087
|
Intel HD Graphics Windows Kernel Driver (igdkmd64) Code Execution Vulnerability
|
2016-07-11
|
CVE-2016-5647
|
8.4
|
TALOS-2016-0182
|
Symantec Norton Security IDSvix86 PE Remote System Denial of Service Vulnerability
|
2016-07-07
|
CVE-2016-5308
|
7.5
|
TALOS-2016-0126
|
The Document Foundation LibreOffice RTF Stylesheet Code Execution Vulnerability
|
2016-06-27
|
CVE-2016-4324
|
6.3
|
TALOS-2016-0140
|
Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability
|
2016-06-21
|
CVE-2016-2372
|
5.9
|
TALOS-2016-0143
|
Pidgin MXIT Suggested Contacts Memory Disclosure Vulnerability
|
2016-06-21
|
CVE-2016-2375
|
5.3
|
TALOS-2016-0141
|
Pidgin MXIT Contact Mood Denial of Service Vulnerability
|
2016-06-21
|
CVE-2016-2373
|
5.9
|
TALOS-2016-0123
|
Pidgin MXIT mxit_convert_markup_tx Information Leak Vulnerability
|
2016-06-21
|
CVE-2016-2380
|
3.1
|
TALOS-2016-0119
|
Pidgin MXIT HTTP Content-Length Buffer Overflow Vulnerability
|
2016-06-21
|
CVE-2016-2377
|
8.1
|
TALOS-2016-0120
|
Pidgin MXIT get_utf8_string Code Execution Vulnerability
|
2016-06-21
|
CVE-2016-2378
|
8.1
|
TALOS-2016-0142
|
Pidgin MXIT MultiMX Message Code Execution Vulnerability
|
2016-06-21
|
CVE-2016-2374
|
8.1
|
TALOS-2016-0118
|
Pidgin MXIT read stage 0x3 Code Execution Vulnerability
|
2016-06-21
|
CVE-2016-2376
|
8.1
|
TALOS-2016-0139
|
Pidgin MXIT Extended Profiles Code Execution Vulnerability
|
2016-06-21
|
CVE-2016-2371
|
8.1
|
TALOS-2016-0138
|
Pidgin MXIT Custom Resource Denial of Service Vulnerability
|
2016-06-21
|
CVE-2016-2370
|
5.9
|
TALOS-2016-0137
|
Pidgin MXIT CP_SOCK_REC_TERM Denial of Service Vulnerability
|
2016-06-21
|
CVE-2016-2369
|
5.9
|
TALOS-2016-0135
|
Pidgin MXIT Avatar Length Memory Disclosure Vulnerability
|
2016-06-21
|
CVE-2016-2367
|
5.9
|
TALOS-2016-0134
|
Pidgin MXIT Table Command Denial of Service Vulnerability
|
2016-06-21
|
CVE-2016-2366
|
5.9
|
TALOS-2016-0133
|
Pidgin MXIT Markup Command Denial of Service Vulnerability
|
2016-06-21
|
CVE-2016-2365
|
5.9
|
TALOS-2016-0136
|
Pidgin MXIT g_snprintf Multiple Buffer Overflow Vulnerabilities
|
2016-06-21
|
CVE-2016-2368
|
7.5
|
TALOS-2016-0128
|
Pidgin MXIT Splash Image Arbitrary File Overwrite Vulnerability
|
2016-06-21
|
CVE-2016-4323
|
4.8
|
TALOS-2016-0154
|
Libarchive Rar RestartModel Code Execution Vulnerability
|
2016-06-19
|
CVE-2016-4302
|
7.8
|
TALOS-2016-0153
|
Libarchive mtree parse_device Code Execution Vulnerability
|
2016-06-19
|
CVE-2016-4301
|
7.8
|
TALOS-2016-0152
|
Libarchive 7zip read_SubStreamsInfo Code Execution Vulnerability
|
2016-06-19
|
CVE-2016-4300
|
7.8
|
TALOS-2016-0031
|
Ruby TclTkIp ip_cancel_eval Type Confusion Vulnerabilities
|
2016-06-14
|
CVE-2016-2337
|
--
|
TALOS-2016-0032
|
Ruby Psych::Emitter start_document Heap Overflow Vulnerability
|
2016-06-14
|
CVE-2016-2338
|
--
|
TALOS-2016-0165
|
Adobe Flash Player Infinite Recursion Arbitrary Read Access Violation
|
2016-06-14
|
CVE-2016-4132
|
5.3
|
TALOS-2016-0033
|
Ruby pack_pack Use After Free Vulnerability
|
2016-06-14
|
CVE-2016-2338
|
--
|
TALOS-2016-0034
|
Ruby Fiddle::Function.new Heap Overflow Vulnerability
|
2016-06-14
|
CVE-2016-2339
|
--
|
TALOS-2016-0029
|
Ruby WIN32OLE ole_invoke and ole_query_interface Type Confusion Vulnerabilities
|
2016-06-14
|
CVE-2016-2336
|
--
|
TALOS-2016-0089
|
IBM Domino KeyView PDF Filter Encrypted Stream Code Execution Vulnerability
|
2016-06-08
|
CVE-2016-0277
|
8.8
|
TALOS-2016-0164
|
ESnet iPerf3 JSON parse_string UTF Code Execution Vulnerability
|
2016-06-08
|
CVE-2016-4303
|
9.8
|
TALOS-2016-0174
|
Google Chrome PDFium jpeg2000 SIZ Code Execution Vulnerability
|
2016-06-08
|
CVE-2016-1681
|
6.3
|
TALOS-2016-0091
|
IBM Domino KeyView PDF Filter BaseFont Code Execution Vulnerability
|
2016-06-08
|
CVE-2016-0279
|
8.8
|
TALOS-2016-0090
|
IBM Domino KeyView PDF Filter Stream Length Code Execution Vulnerability
|
2016-06-08
|
CVE-2016-0278
|
8.8
|
TALOS-2016-0092
|
IBM Domino KeyView PDF Filter Trailer ID Code Execution Vulnerability
|
2016-06-08
|
CVE-2016-0301
|
8.8
|
TALOS-2016-0093
|
7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability
|
2016-05-10
|
CVE-2016-2334
|
8.8
|
TALOS-2016-0094
|
7zip UDF CInArchive::ReadFileItem Code Execution Vulnerability
|
2016-05-10
|
CVE-2016-2335
|
8.8
|
TALOS-2016-0155
|
Libarchive zip zip_read_mac_metadata Code Execution Vulnerability
|
2016-05-01
|
CVE-2016-1541
|
7.8
|
TALOS-2016-0132
|
Network Time Protocol ntpd Reference Clock Impersonation Vulnerability
|
2016-04-26
|
CVE-2016-1551
|
3.7
|
TALOS-2016-0083
|
Network Time Protocol Ephemeral Association Time Spoofing Vulnerability
|
2016-04-26
|
CVE-2016-1549
|
5.3
|
TALOS-2016-0081
|
Network Time Protocol Crypto-NAK Preemptible Association Denial of Service Vulnerability
|
2016-04-26
|
CVE-2016-1547
|
3.7
|
TALOS-2016-0082
|
Network Time Protocol Forced Interleaved Time Spoofing Vulnerability
|
2016-04-26
|
CVE-2016-1548
|
7.2
|
TALOS-2016-0084
|
Network Time Protocol libntp Message Digest Disclosure Vulnerability
|
2016-04-26
|
CVE-2016-1550
|
4.8
|
TALOS-2016-0086
|
Oracle IOT IX SDK libvs_pdf XRef Index Code Execution Vulnerability
|
2016-04-19
|
CVE-2016-3455
|
7.5
|
TALOS-2016-0095
|
Lhasa lha decode_level3_header Heap Corruption Vulnerability
|
2016-03-31
|
CVE-2016-2347
|
--
|
TALOS-2016-0088
|
Apple OS X Gen6Accelerator IOGen575Shared::new_texture Local Privilege Escalation Vulnerability
|
2016-03-22
|
CVE-2016-1743
|
8.8
|
TALOS-2016-0026
|
Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability
|
2016-02-08
|
CVE-2015-2868
|
--
|
TALOS-2016-0027
|
Trane Comfortlink II DSS Service REG Handling Remote Code Execution Vulnerability
|
2016-02-08
|
CVE-2015-2868
|
--
|
TALOS-2016-0028
|
Trane ComfortLink II SCC Service Hardcoded Credentials Vulnerability
|
2016-02-08
|
CVE-2015-2867
|
--
|
TALOS-2016-0061
|
Libgraphite LocaLookup Denial of Service Vulnerability
|
2016-02-05
|
CVE-2016-1521
|
--
|
TALOS-2016-0058
|
Libgraphite directrun Opcode Handling Code Execution Vulnerability
|
2016-02-05
|
CVE-2016-1521
|
--
|
TALOS-2016-0060
|
Libgraphite Bidirectional Font mFeatureMap Denial of Service Vulnerability
|
2016-02-05
|
CVE-2016-1522
|
--
|
TALOS-2016-0057
|
Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability
|
2016-02-05
|
CVE-2016-1522
|
--
|
TALOS-2016-0059
|
Libgraphite Context Item Code Execution Vulnerability
|
2016-02-05
|
CVE-2016-1523
|
--
|
TALOS-2016-0037
|
Matroska Media Container libmatroska Multiple ElementList Double Free Vulnerabilities
|
2016-01-28
|
CVE-2016-1515
|
--
|
TALOS-2016-0036
|
Matroska libebml EbmlUnicodeString Heap Information Leak
|
2016-01-28
|
CVE-2015-8790
|
--
|
TALOS-2016-0071
|
Network Time Protocol Skeleton Key: Symmetric Authentication Impersonation Vulnerability
|
2016-01-19
|
CVE-2015-7974, CVE-2016-1567
|
--
|
TALOS-2016-0080
|
Network Time Protocol ntpq and ntpdc Infinite Loop Vulnerability
|
2016-01-19
|
CVE-2015-8158
|
--
|
TALOS-2016-0079
|
Network Time Protocol ntpq Control Protocol Replay Vulnerability
|
2016-01-19
|
CVE-2015-8140
|
--
|
TALOS-2016-0072
|
Network Time Protocol ntpq Buffer Overflow Vulnerability
|
2016-01-19
|
CVE-2015-7975
|
--
|
TALOS-2016-0078
|
Network Time Protocol ntpq and ntpdc Origin Timestamp Disclosure Vulnerability
|
2016-01-19
|
CVE-2015-8139
|
--
|
TALOS-2016-0074
|
Network Time Protocol Private Mode 'reslist' NULL Pointer Dereference Vulnerability
|
2016-01-19
|
CVE-2015-7977
|
--
|
TALOS-2016-0077
|
Network Time Protocol Origin Timestamp Check Impersonation Vulnerability
|
2016-01-19
|
CVE-2015-8138
|
--
|
TALOS-2016-0076
|
Network Time Protocol Authenticated Preemptable Modes Denial-of-Service Vulnerability
|
2016-01-19
|
CVE-2015-7979
|
--
|
TALOS-2016-0075
|
Network Time Protocol Private Mode 'reslist' Stack Memory Exhaustion Vulnerability
|
2016-01-19
|
CVE-2015-7978
|
--
|
TALOS-2016-0073
|
Network Time Protocol ntpq Special Character Filtering Vulnerability
|
2016-01-19
|
CVE-2015-7976
|
--
|
TALOS-2016-0070
|
Network Time Protocol Deja Vu: Broadcast Mode Replay Vulnerability
|
2016-01-19
|
CVE-2015-7973
|
--
|
TALOS-2016-0022
|
Apple Quicktime Invalid alis Atom Size Denial of Service Vulnerability
|
2016-01-08
|
CVE-2015-7117
|
--
|
TALOS-2016-0019
|
Apple Quicktime Invalid samr Atom Size Denial of Service Vulnerability
|
2016-01-08
|
CVE-2015-7087
|
--
|
TALOS-2016-0021
|
Apple Quicktime mdat Corruption Denial of Service Vulnerability
|
2016-01-08
|
CVE-2015-7089
|
--
|
TALOS-2016-0020
|
Apple Quicktime mdat Corruption Denial of Service Vulnerability
|
2016-01-08
|
CVE-2015-7088
|
--
|
TALOS-2016-0023
|
Apple Quicktime dref Atom Null Data Reference Entry Denial of Service Vulnerability
|
2016-01-08
|
CVE-2015-7090
|
--
|
TALOS-2016-0066
|
RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability
|
2016-01-07
|
CVE-2015-8270
|
--
|
TALOS-2016-0067
|
RTMPDump librtmp AMF3 Class Member Count Remote Code Execution Vulnerability
|
2016-01-07
|
CVE-2015-8271
|
--
|
TALOS-2016-0068
|
RTMPDump rtmpsrv PlayPath Null Pointer Dereference
|
2016-01-07
|
CVE-2015-8272
|
--
|
TALOS-2015-0129
|
Microsoft .NET Manifest Resource Information Disclosure Vulnerability
|
2015-12-08
|
CVE-2015-6114
|
--
|
TALOS-2015-0069
|
NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability
|
2015-10-21
|
CVE-2015-7871
|
--
|
TALOS-2015-0055
|
Network Time Protocol Remote Configuration Denial of Service Vulnerability
|
2015-10-21
|
CVE-2015-7850
|
--
|
TALOS-2015-0065
|
Network Time Protocol Password Length Memory Corruption Vulnerability
|
2015-10-21
|
CVE-2015-7854
|
--
|
TALOS-2015-0063
|
Network Time Protocol ntpq atoascii Memory Corruption Vulnerability
|
2015-10-21
|
CVE-2015-7852
|
--
|
TALOS-2015-0052
|
Network Time Protocol ntpd multiple integer overflow read access violations
|
2015-10-21
|
CVE-2015-7848
|
--
|
TALOS-2015-0064
|
Network Time Protocol Reference Clock Memory Corruption Vulnerability
|
2015-10-21
|
CVE-2015-7853
|
--
|
TALOS-2015-0054
|
Network Time Protocol Trusted Keys Memory Corruption Vulnerability
|
2015-10-21
|
CVE-2015-7849
|
--
|
TALOS-2015-0062
|
Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability
|
2015-10-21
|
CVE-2015-7851
|
--
|
TALOS-2015-0035
|
MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow
|
2015-09-15
|
CVE-2015-6031
|
--
|
TALOS-2015-0007
|
Microsoft Windows CDD Font Parsing Kernel Memory Corruption
|
2015-09-15
|
CVE-2015-2506
|
--
|
TALOS-2015-0012
|
Apple Quicktime Invalid URL Atom Size Denial of Service Vulnerability
|
2015-08-13
|
CVE-2015-3788
|
--
|
TALOS-2015-0017
|
Apple Quicktime mdat Corruption Denial of Service Vulnerability
|
2015-08-13
|
CVE-2015-3792
|
--
|
TALOS-2015-0015
|
Apple Quicktime esds Atom Descriptor Type Length Mismatch Denial of Service Vulnerability
|
2015-08-13
|
CVE-2015-3791
|
--
|
TALOS-2015-0013
|
Apple Quicktime Invalid 3GPP stsd Sample Description Entry Size Denial of Service Vulnerability
|
2015-08-13
|
CVE-2015-3789
|
--
|
TALOS-2015-0014
|
Apple Quicktime Invalid mvhd Atom Size Denial of Service Vulnerability
|
2015-08-13
|
CVE-2015-3790
|
--
|
TALOS-2015-0016
|
Apple Quicktime tkhd Atom Matrix Corruption Denial of Service Vulnerability
|
2015-07-20
|
CVE-2015-5786
|
--
|
TALOS-2015-0024
|
Total Commander FileInfo Plugin Multiple Denial of Service Vulnerabilities
|
2015-07-16
|
CVE-2015-2869
|
--
|
TALOS-2015-0018
|
Apple Quicktime Corrupt stbl Atom Remote Code Execution Vulnerability
|
2015-06-30
|
CVE-2015-3667
|
--
|
VRT-2014-0202
|
Pidgin libpurple STUN Response Length NULL Write Vulnerability
|
2015-05-11
|
--
|
--
|
VRT-2014-0201
|
Pidgin libpurple MSN Message Parsing NULL Dereference Denial of Service Vulnerability
|
2015-05-11
|
--
|
--
|
VRT-2014-0205
|
Pidgin Theme/Smiley Untar Arbitrary File Write Vulnerability
|
2014-11-06
|
CVE-2014-3697
|
--
|
VRT-2014-0203
|
Pidgin libpurple Mxit Emoticon ASN Length Denial of Service Vulnerability
|
2014-11-06
|
CVE-2014-3695
|
--
|
VRT-2014-0204
|
Pidgin libpurple Novell Protocol Multiple Denial of Service Vulnerabilities
|
2014-11-06
|
CVE-2014-3696
|
--
|
VRT-2014-0301
|
Microsoft Windows FastFAT NumberOfFATs Buffer Overflow Vulnerability
|
2014-03-07
|
CVE-2014-4115
|
--
|
VRT-2013-1004
|
Pidgin libpurple SIP/SIMPLE Content-Length Integer Overflow Vulnerability
|
2014-01-26
|
CVE-2013-6490
|
--
|
VRT-2013-1001
|
Pidgin libpurple Gadu Gadu HTTP Content-Length Integer Overflow Vulnerability
|
2014-01-26
|
CVE-2013-6487
|
--
|
VRT-2013-1003
|
Pidgin for Windows URL Handling Remote Code Execution Vulnerability
|
2014-01-26
|
CVE-2013-6486
|
--
|
VRT-2013-1002
|
Pidgin libpurple Mxit Emoticon Name Length Integer Overflow Vulnerability
|
2014-01-26
|
CVE-2013-6489
|
--
|