Vulnerability Reports

Current Report Totals for 2024

98

Open Reported Zero-DaysReported to the vendor but not yet publicly disclosed.

209

Publicly Disclosed Vulnerabilities

Report ID Title Report Date CVE Number CVSS Score
TALOS-2024-2094 Foxit Reader 3D Page Object Use-After-Free Vulnerability 2024-12-18 CVE-2024-47810 8.8
TALOS-2024-2093 Foxit Reader Checkbox Calculate CBF_Widget Use-After-Free Vulnerability 2024-12-18 CVE-2024-49576 8.8
TALOS-2024-2064 Adobe Acrobat Reader Font gvar per-tuple-variation-table Out-Of-Bounds Read Vulnerability 2024-12-11 CVE-2024-49532 6.5
TALOS-2024-2070 Adobe Acrobat Reader Font Private Point Numbers Out-Of-Bounds Read Vulnerability 2024-12-11 CVE-2024-49533 6.5
TALOS-2024-2076 Adobe Acrobat Reader Font Program Function Definition Out-Of-Bounds Read Vulnerability 2024-12-11 CVE-2024-49534 6.5
TALOS-2024-1954 MC Technologies MC LR Router web interface configuration upload OS command injection vulnerability 2024-11-21 CVE-2024-21786 7.2
TALOS-2024-1953 MC Technologies MC LR Router web interface I/O configuration OS command injection vulnerabilities 2024-11-21 CVE-2024-28027,CVE-2024-28025,CVE-2024-28026 7.2
TALOS-2024-1962 GoCast HTTP API lack of authentication vulnerability 2024-11-21 CVE-2024-21855 9.8
TALOS-2024-1961 GoCast NAT parameter OS command injection vulnerability 2024-11-21 CVE-2024-29224 9.8
TALOS-2024-1960 GoCast name parameter OS command injection vulnerability 2024-11-21 CVE-2024-28892 9.8
TALOS-2024-1982 LevelOne WBR-6012 Web Application improper resource allocation vulnerability 2024-10-30 CVE-2024-31152 5.3
TALOS-2024-2001 LevelOne WBR-6012 Web Application denial of service vulnerability 2024-10-30 CVE-2024-33623 3.7
TALOS-2024-1997 LevelOne WBR-6012 Web Application buffer overflow vulnerability 2024-10-30 CVE-2024-28052 5.3
TALOS-2024-1979 LevelOne WBR-6012 hard-coded password vulnerability 2024-10-30 CVE-2024-28875,CVE-2024-31151 8.1
TALOS-2024-1981 LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability 2024-10-30 CVE-2024-24777 8.8
TALOS-2024-1983 LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability 2024-10-30 CVE-2024-32946 5.9
TALOS-2024-1984 LevelOne WBR-6012 Web Application weak authentication vulnerability 2024-10-30 CVE-2024-33699 9.9
TALOS-2024-1986 LevelOne WBR-6012 Web Application information disclosure vulnerability 2024-10-30 CVE-2024-33626 5.3
TALOS-2024-1996 LevelOne WBR-6012 Web Application authentication bypass vulnerability 2024-10-30 CVE-2024-23309 9.0
TALOS-2024-1998 LevelOne WBR-6012 FTP improper input validation vulnerability 2024-10-30 CVE-2024-33700 7.5
TALOS-2024-1985 LevelOne WBR-6012 Web Application information disclosure vulnerability 2024-10-30 CVE-2024-33603 5.3
TALOS-2024-2014 NVIDIA D3D10 Driver Shader Functionality STORE_STRUCTURED instruction out-of-bounds read vulnerability 2024-10-23 CVE-2024-0120 7.8
TALOS-2024-1955 NVIDIA D3D10 Driver Shader Functionality SAMPLE out-of-bounds read vulnerability 2024-10-23 CVE-2024-0121 7.8
TALOS-2024-2013 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration 2024-10-23 CVE-2024-0118 7.8
TALOS-2024-2012 NVIDIA D3D10 Driver Shader Functionality LD instruction out-of-bounds read vulnerability 2024-10-23 CVE-2024-0117 7.8
TALOS-2024-2015 NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability 2024-10-23 CVE-2024-0119 7.8
TALOS-2024-2060 Veertu Anka Build node agent update privilege escalation vulnerability 2024-10-03 CVE-2024-39755 7.8
TALOS-2024-2061 Veertu Anka Build registry log files directory traversal vulnerability 2024-10-03 CVE-2024-41922 7.5
TALOS-2024-2069 GNOME Project G Structured File Library (libgsf) Compound Document Binary File Sector Allocation Table integer overflow vulnerability 2024-10-03 CVE-2024-42415 8.4
TALOS-2024-2068 GNOME Project G Structured File Library (libgsf) Compound Document Binary File Directory integer overflow vulnerability 2024-10-03 CVE-2024-36474 8.4
TALOS-2024-2059 Veertu Anka Build registry archive files directory traversal vulnerability 2024-10-03 CVE-2024-41163 7.5
TALOS-2024-1967 Foxit Reader checkbox Calculate use-after-free vulnerability 2024-10-02 CVE-2024-28888 8.8
TALOS-2024-2062 Microsoft Pragmatic General Multicast Server PgmCloseConnection stale memory dereference 2024-09-25 CVE-2024-38140 9.8
TALOS-2024-2005 OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability 2024-09-18 CVE-2024-34026 9.0
TALOS-2024-2016 OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser invalid pointer dereference vulnerabilities 2024-09-18 CVE-2024-39590,CVE-2024-39589 7.5
TALOS-2024-2004 OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP PCCC out-of-bounds read vulnerability 2024-09-18 CVE-2024-36981,CVE-2024-36980 7.5
TALOS-2024-2008 Microsoft High Definition Audio Bus Driver HDAudBus_DMA multiple irp complete requests vulnerability 2024-09-12 CVE-2024-45383 5.0
TALOS-2024-1980 Microsoft Windows 10 AllJoyn Router Service information disclosure vulnerability 2024-09-11 CVE-2024-38257 5.3
TALOS-2024-2011 Adobe Acrobat Reader Annotation Object Page Race Condition Vulnerability 2024-09-10 CVE-2024-39420 8.8
TALOS-2024-1990 Microsoft Teams (work or school) for macOS WebView.app helper app library injection vulnerability 2024-08-19 CVE-2024-41145 7.1
TALOS-2024-1991 Microsoft Teams (work or school) for macOS com.microsoft.teams2.modulehost.app helper app library injection vulnerability 2024-08-19 CVE-2024-41138 7.1
TALOS-2024-1975 Microsoft OneNote for macOS library injection vulnerability 2024-08-19 CVE-2024-41159 7.1
TALOS-2024-1976 Microsoft Excel for macOS library injection vulnerability 2024-08-19 CVE-2024-43106 7.1
TALOS-2024-1974 Microsoft PowerPoint for macOS library injection vulnerability 2024-08-19 CVE-2024-39804 7.1
TALOS-2024-1973 Microsoft Teams (work or school) for macOS library injection vulnerability 2024-08-19 CVE-2024-42004 7.1
TALOS-2024-1972 Microsoft Outlook for macOS library injection vulnerability 2024-08-19 CVE-2024-42220 7.1
TALOS-2024-1977 Microsoft Word for macOS library injection vulnerability 2024-08-19 CVE-2024-41165 7.1
TALOS-2024-1964 Microsoft CLIPSP.SYS License update signature check bypass vulnerability 2024-08-13 CVE-2024-38184 6.2
TALOS-2024-1988 Microsoft CLIPSP.SYS License Update out-of-bounds read vulnerability 2024-08-13 None 7.4
TALOS-2024-1971 Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability 2024-08-13 None 6.8
TALOS-2024-1966 Microsoft CLIPSP.SYS License update privilege escalation vulnerability 2024-08-13 CVE-2024-38186 7.4
TALOS-2024-1965 Microsoft CLIPSP.SYS License update out-of-bounds read vulnerability 2024-08-13 CVE-2024-38185 8.4
TALOS-2024-1969 Microsoft Windows CLIPSP.SYS License Update Field Type 0x20 out-of-bounds read vulnerability 2024-08-13 CVE-2024-38187 6.8
TALOS-2024-2003 Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability 2024-08-13 CVE-2024-41835 6.5
TALOS-2024-2002 Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability 2024-08-13 CVE-2024-41832 6.5
TALOS-2024-1968 Microsoft Windows CLIPSP.SYS License Update Field Type 0xC9 out-of-bounds read vulnerability 2024-08-13 None,CVE-2024-38062 6.8
TALOS-2024-1970 Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability 2024-08-13 None 6.8
TALOS-2024-2009 Adobe Acrobat Reader AV3DVirtAnnot Object Format Event Use-After-Free Vulnerability 2024-08-13 CVE-2024-41830 8.8
TALOS-2024-1956 NVIDIA GPU Compiler Driver Shader Functionality out-of-bounds read vulnerability 2024-07-23 CVE-2024-0107 7.8
TALOS-2024-1995 Ankitects Anki Flask Invalid Path Reflected Cross-Site Scripting (XSS) vulnerability 2024-07-22 CVE-2024-32484 7.4
TALOS-2024-1993 Ankitects Anki MPV script injection vulnerability 2024-07-22 CVE-2024-26020 9.6
TALOS-2024-1994 Ankitects Anki LaTeX Blocklist Bypass vulnerability 2024-07-22 CVE-2024-32152 3.1
TALOS-2024-1992 Ankitects Anki Latex Incomplete Blocklist Vulnerability 2024-07-22 CVE-2024-29073 5.3
TALOS-2023-1877 Realtek rtl819x Jungle SDK boa updateConfigIntoFlash integer overflow vulnerability 2024-07-08 CVE-2023-45742 7.2
TALOS-2023-1875 Realtek rtl819x Jungle SDK boa formFilter stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-49073 7.2
TALOS-2023-1873 LevelOne WBR-6013 boa formSysCmd leftover debug code vulnerability 2024-07-08 CVE-2023-49593 7.2
TALOS-2023-1871 LevelOne WBR-6013 telnetd hard-coded password vulnerability 2024-07-08 CVE-2023-46685 9.8
TALOS-2023-1899 Realtek rtl819x Jungle SDK boa formWsc OS command injection vulnerabilities 2024-07-08 CVE-2023-50381,CVE-2023-50383,CVE-2023-50382 7.2
TALOS-2023-1878 Realtek rtl819x Jungle SDK boa rollback_control_code stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-49595 7.2
TALOS-2023-1876 Realtek rtl819x Jungle SDK boa formDnsv6 stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-48270 7.2
TALOS-2023-1904 Realtek rtl819x Jungle SDK boa formWsc stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-49867 7.2
TALOS-2024-1911 Realtek rtl819x Jungle SDK configuration file mib_init_value_array heap-based buffer overflow vulnerability 2024-07-08 CVE-2024-21778 7.2
TALOS-2023-1893 Realtek rtl819x Jungle SDK boa set_RadvdInterfaceParam stack-based buffer overflow vulnerabilities 2024-07-08 CVE-2023-50239,CVE-2023-50240 7.2
TALOS-2023-1872 Realtek rtl819x Jungle SDK boa CSRF protection cross-site request forgery (CSRF) vulnerability 2024-07-08 CVE-2023-47677 8.8
TALOS-2023-1903 Realtek rtl819x Jungle SDK boa getInfo stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-50330 7.2
TALOS-2023-1895 Realtek rtl819x Jungle SDK boa formIpQoS stack-based buffer overflow vulnerabilities 2024-07-08 CVE-2023-50243,CVE-2023-50244 7.2
TALOS-2023-1894 Realtek rtl819x Jungle SDK boa formRoute stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-41251 7.2
TALOS-2023-1892 Realtek rtl819x Jungle SDK boa set_RadvdPrefixParam stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-47856 7.2
TALOS-2023-1891 Realtek rtl819x Jungle SDK boa setRepeaterSsid stack-based buffer overflow vulnerability 2024-07-08 CVE-2023-45215 7.2
TALOS-2023-1874 Realtek rtl819x Jungle SDK boa formUpload firmware update vulnerability 2024-07-08 CVE-2023-34435 7.2
TALOS-2024-1978 Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection vulnerability 2024-07-03 CVE-2024-32937 8.1
TALOS-2024-1934 Progress Software Corporation WhatsUp Gold TestController Chart denial of service vulnerability 2024-06-26 CVE-2024-5011 7.5
TALOS-2024-1933 Progress Software Corporation WhatsUp Gold TestController multiple information disclosure vulnerabilities 2024-06-26 CVE-2024-5010 7.5
TALOS-2024-1932 Progress Software Corporation WhatsUp Gold AppProfileImport path traversal vulnerability 2024-06-26 CVE-2024-5017 6.5
TALOS-2024-1947 Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability 2024-06-25 CVE-2024-21827 7.2
TALOS-2024-1942 AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability 2024-05-28 CVE-2024-21785 9.8
TALOS-2024-1938 AutomationDirect P3-550E Programming Software Connection FileSystem API out-of-bounds write vulnerabilities 2024-05-28 CVE-2024-24956,CVE-2024-24957,CVE-2024-24959,CVE-2024-24958,CVE-2024-24955,CVE-2024-24954 8.2
TALOS-2024-1929 libigl readOFF stack-based buffer overflow vulnerability 2024-05-28 CVE-2024-24686,CVE-2024-24685,CVE-2024-24684 7.8
TALOS-2023-1784 libigl readOFF stack-based buffer overflow vulnerabilities 2024-05-28 CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949 7.8
TALOS-2024-1928 libigl readMSH out-of-bounds read vulnerability 2024-05-28 CVE-2024-24583,CVE-2024-24584 4.3
TALOS-2024-1926 libigl readMSH improper array index validation vulnerability 2024-05-28 CVE-2024-23948,CVE-2024-23951,CVE-2024-23947,CVE-2024-23950,CVE-2024-23949 8.8
TALOS-2024-1936 AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability 2024-05-28 CVE-2024-24851 7.5
TALOS-2024-1937 AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability 2024-05-28 CVE-2024-24947,CVE-2024-24946 8.2
TALOS-2024-1939 AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability 2024-05-28 CVE-2024-24963,CVE-2024-24962 9.8
TALOS-2024-1940 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability 2024-05-28 CVE-2024-22187 9.1
TALOS-2024-1943 AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability 2024-05-28 CVE-2024-23601 9.8
TALOS-2024-1930 libigl readNODE out-of-bounds write vulnerability 2024-05-28 CVE-2024-22181 7.8
TALOS-2024-1989 Foxit Reader Updater improper certificate validation privilege escalation vulnerability 2024-05-28 CVE-2024-29072 8.2
TALOS-2023-1879 libigl PlyFile ply_cast_ascii out-of-bounds write vulnerability 2024-05-28 CVE-2023-49600 8.1
TALOS-2024-1941 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability 2024-05-28 CVE-2024-23315 7.5
TALOS-2024-1946 Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability 2024-05-15 CVE-2024-30311 6.5
TALOS-2024-1952 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability 2024-05-15 CVE-2024-30312 6.5
TALOS-2023-1889 Tinyproxy HTTP Connection Headers use-after-free vulnerability 2024-05-01 CVE-2023-49606 9.8
TALOS-2023-1852 Milesight UR32L luci2-io file-import firmware update vulnerability 2024-05-01 CVE-2023-47166 8.8
TALOS-2023-1846 stb stb_vorbis.c comment heap-based buffer overflow vulnerability 2024-05-01 CVE-2023-47212 9.8
TALOS-2024-1959 Foxit Reader ComboBox widget Format event use-after-free vulnerability 2024-04-30 CVE-2024-25648 8.8
TALOS-2024-1958 Foxit Reader Barcode widget Calculate event use-after-free vulnerability 2024-04-30 CVE-2024-25938 8.8
TALOS-2024-1963 Foxit Reader Lock object fields property type confusion vulnerability 2024-04-30 CVE-2024-25575 8.8
TALOS-2024-1924 Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability 2024-04-25 CVE-2024-22391 7.7
TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability 2024-04-25 CVE-2024-25569 6.5
TALOS-2024-1935 Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability 2024-04-25 CVE-2024-22373 8.1
TALOS-2024-1957 OFFIS DCMTK DVPSSoftcopyVOI_PList::createFromImage incorrect type conversion vulnerability 2024-04-23 CVE-2024-28130 7.5
TALOS-2024-1945 Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability 2024-04-18 CVE-2023-51391 7.5
TALOS-2023-1863 Peplink Smart Reader web interface /cgi-bin/debug_dump.cgi information disclosure vulnerability 2024-04-17 CVE-2023-43491 5.3
TALOS-2023-1867 Peplink Smart Reader web interface mac2name OS command injection vulnerability 2024-04-17 CVE-2023-39367 9.1
TALOS-2023-1866 Peplink Smart Reader web interface /cgi-bin/upload_config.cgi data integrity vulnerability 2024-04-17 CVE-2023-45744 8.3
TALOS-2023-1868 Peplink Smart Reader /bin/login privilege escalation vulnerability 2024-04-17 CVE-2023-40146 6.8
TALOS-2023-1865 Peplink Smart Reader web interface /cgi-bin/download_config.cgi information disclosure vulnerability 2024-04-17 CVE-2023-45209 5.3
TALOS-2023-1847 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality arbitrary write vulnerability 2024-04-10 CVE-2024-21979 5.3
TALOS-2023-1848 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality arbitrary write vulnerability 2024-04-10 CVE-2024-21972 5.3
TALOS-2023-1864 Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) web interface memory corruption vulnerability 2024-04-09 CVE-2023-48724 7.5
TALOS-2023-1862 tddpd enable_test_mode command execution vulnerability 2024-04-09 CVE-2023-49133,CVE-2023-49134 8.1
TALOS-2023-1861 Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) TDDP denial of service vulnerability 2024-04-09 CVE-2023-49074 7.4
TALOS-2023-1888 Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) web interface Radio Scheduling stack-based buffer overflow vulnerability 2024-04-09 CVE-2023-49907,CVE-2023-49910,CVE-2023-49911,CVE-2023-49908,CVE-2023-49912,CVE-2023-49909,CVE-2023-49906,CVE-2023-49913 7.2
TALOS-2024-1949 Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability 2024-04-03 CVE-2024-27201 4.9
TALOS-2024-1948 Open Automation Software OAS Platform OAS Engine File Data Source Configuration denial of service vulnerability 2024-04-03 CVE-2024-24976 4.9
TALOS-2024-1950 Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability 2024-04-03 CVE-2024-21870 4.9
TALOS-2024-1951 Open Automation Software OAS Platform OAS Engine Save Security Configuration file write vulnerability 2024-04-03 CVE-2024-22178 4.9
TALOS-2023-1887 Netgear RAX30 JSON Parsing getblockschedule() stack-based buffer overflow vulnerability 2024-03-07 CVE-2023-48725 7.2
TALOS-2023-1849 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability 2024-02-29 CVE-2024-0071 7.8
TALOS-2023-1870 Google Chrome Video Encoder Metrics denial of service vulnerability 2024-02-28 None 4.6
TALOS-2024-1915 llama.cpp GGUF library header.n_tensors heap-based buffer overflow vulnerability 2024-02-26 CVE-2024-21836 8.8
TALOS-2024-1913 llama.cpp GGUF library gguf_fread_str heap-based buffer overflow vulnerability 2024-02-26 CVE-2024-23496 8.8
TALOS-2024-1916 llama.cpp GGUF library header.n_kv heap-based buffer overflow vulnerability 2024-02-26 CVE-2024-23605 8.8
TALOS-2024-1914 llama.cpp GGUF library info->ne heap-based buffer overflow vulnerability 2024-02-26 CVE-2024-21802 8.8
TALOS-2024-1912 llama.cpp GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing heap-based buffer overflow vulnerability 2024-02-26 CVE-2024-21825 8.8
TALOS-2024-1923 The Biosig Project libbiosig sopen_FAMOS_read use-after-free vulnerability 2024-02-20 CVE-2024-23310 9.8
TALOS-2024-1925 The Biosig Project libbiosig sopen_FAMOS_read NULL calloc out-of-bounds write vulnerability 2024-02-20 CVE-2024-23606 9.8
TALOS-2023-1828 Weston Embedded uC-TCP-IP ICMP/ICMPv6 parsing denial of service vulnerabilities 2024-02-20 CVE-2023-39540,CVE-2023-39541 5.9
TALOS-2024-1917 The Biosig Project libbiosig BrainVision Header Parsing double-free vulnerability 2024-02-20 CVE-2024-22097 9.8
TALOS-2024-1931 Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities 2024-02-20 CVE-2024-24793,CVE-2024-24794 8.1
TALOS-2024-1918 The Biosig Project libbiosig BrainVisionMarker Parsing Out-of-bounds Write vulnerability 2024-02-20 CVE-2024-23305 9.8
TALOS-2024-1919 The Biosig Project libbiosig BrainVision ASCII Header Parsing double-free vulnerability 2024-02-20 CVE-2024-23809 9.8
TALOS-2024-1920 The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability 2024-02-20 CVE-2024-21795 9.8
TALOS-2024-1921 The Biosig Project libbiosig sopen_FAMOS_read integer overflow to out-of-bounds write vulnerability 2024-02-20 CVE-2024-21812 9.8
TALOS-2024-1922 The Biosig Project libbiosig sopen_FAMOS_read integer underflow to out-of-bounds write vulnerability 2024-02-20 CVE-2024-23313 9.8
TALOS-2023-1829 Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability 2024-02-20 CVE-2023-38562 8.7
TALOS-2023-1843 Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability 2024-02-20 CVE-2023-45318 10.0
TALOS-2023-1890 Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability 2024-02-15 CVE-2024-20729 8.8
TALOS-2023-1901 Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability 2024-02-15 CVE-2024-20731 8.8
TALOS-2023-1905 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability 2024-02-15 CVE-2024-20735 6.5
TALOS-2023-1906 Adobe Acrobat Reader Font CPAL integer overflow vulnerability 2024-02-15 CVE-2024-20730 8.8
TALOS-2023-1909 Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability 2024-02-15 CVE-2024-20748 6.5
TALOS-2023-1910 Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability 2024-02-15 CVE-2024-20749 6.5
TALOS-2023-1908 Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability 2024-02-15 CVE-2024-20747 6.5
TALOS-2023-1855 TP-Link ER7206 Omada Gigabit VPN Router uhttpd GRE command injection vulnerability 2024-02-06 CVE-2023-47167 7.2
TALOS-2023-1859 TP-Link ER7206 Omada Gigabit VPN Router uhttpd web filtering Command injection Vulnerability 2024-02-06 CVE-2023-47618 7.2
TALOS-2023-1854 TP-Link ER7206 Omada Gigabit VPN Router uhttpd ipsec command injection vulnerability 2024-02-06 CVE-2023-47209 7.2
TALOS-2023-1856 TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP global config Command injection Vulnerability 2024-02-06 CVE-2023-42664 7.2
TALOS-2023-1858 TP-Link ER7206 Omada Gigabit VPN Router uhttpd web group command injection vulnerability 2024-02-06 CVE-2023-47617 7.2
TALOS-2023-1857 TP-Link ER7206 Omada Gigabit VPN Router uhttpd Wireguard VPN command injection vulnerability 2024-02-06 CVE-2023-46683 7.2
TALOS-2023-1850 TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability 2024-02-06 CVE-2023-43482 7.2
TALOS-2023-1853 TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP client Command injection Vulnerability 2024-02-06 CVE-2023-36498 7.2
TALOS-2023-1898 WWBN AVideo checkLoginAttempts login attempt restriction bypass vulnerability 2024-01-10 CVE-2023-49810 7.3
TALOS-2023-1897 WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability 2024-01-10 CVE-2023-50172 5.3
TALOS-2023-1900 WWBN AVideo salt generation insufficient entropy vulnerability 2024-01-10 CVE-2023-49599 9.8
TALOS-2023-1885 WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability 2024-01-10 CVE-2023-49715 4.3
TALOS-2023-1884 WWBN AVideo channelBody.php user name cross-site scripting (XSS) vulnerability 2024-01-10 CVE-2023-47861 9.0
TALOS-2023-1886 WWBN AVideo getLanguageFromBrowser local file inclusion vulnerability 2024-01-10 CVE-2023-47862 9.8
TALOS-2023-1880 WWBN AVideo aVideoEncoderReceiveImage.json.php image upload information disclosure vulnerability 2024-01-10 CVE-2023-49864,CVE-2023-49863,CVE-2023-49862 6.5
TALOS-2023-1881 WWBN AVideo image404Raw.php information disclosure vulnerability 2024-01-10 CVE-2023-49738 7.5
TALOS-2023-1896 WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability 2024-01-10 CVE-2023-49589 8.8
TALOS-2023-1883 WWBN AVideo functiongetOpenGraph videoName cross-site scripting (XSS) vulnerability 2024-01-10 CVE-2023-48728 9.6
TALOS-2023-1869 WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability 2024-01-10 CVE-2023-47171 6.5
TALOS-2023-1882 WWBN AVideo navbarMenuAndLogo.php user name cross-site scripting (XSS) vulnerability 2024-01-10 CVE-2023-48730 8.5
TALOS-2023-1797 GTKWave FST fstReaderIterBlocks2 temp_signal_value_buf allocation integer overflow vulnerability 2024-01-08 CVE-2023-36864 7.8
TALOS-2023-1818 GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities 2024-01-08 CVE-2023-39273,CVE-2023-39271,CVE-2023-39274,CVE-2023-39275,CVE-2023-39272,CVE-2023-39270 7.8
TALOS-2023-1812 GTKWave VZT facgeometry parsing integer overflow vulnerabilities 2024-01-08 CVE-2023-38618,CVE-2023-38621,CVE-2023-38620,CVE-2023-38619,CVE-2023-38623,CVE-2023-38622 7.8
TALOS-2023-1810 GTKWave VZT LZMA_Read dmem extraction out-of-bounds write vulnerability 2024-01-08 CVE-2023-37282 7.8
TALOS-2023-1813 GTKWave VZT vzt_rd_get_facname decompression out-of-bounds write vulnerabilities 2024-01-08 CVE-2023-38649,CVE-2023-38648 7.8
TALOS-2023-1820 GTKWave LXT2 num_dict_entries integer overflow vulnerabilities 2024-01-08 CVE-2023-39316,CVE-2023-39317 7.8
TALOS-2023-1821 GTKWave LXT2 lxt2_rd_trace value elements allocation integer overflow vulnerability 2024-01-08 CVE-2023-35057 7.8
TALOS-2023-1823 GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability 2024-01-08 CVE-2023-38657 7.8
TALOS-2023-1851 ManageEngine OpManager uploadMib directory traversal vulnerability 2024-01-08 CVE-2023-47211 9.1
TALOS-2023-1827 GTKWave LXT2 lxt2_rd_expand_integer_to_bits stack-based buffer overflow vulnerability 2024-01-08 CVE-2023-38583 7.8
TALOS-2023-1815 GTKWave VZT vzt_rd_block_vch_decode dict parsing integer overflow vulnerabilities 2024-01-08 CVE-2023-38653,CVE-2023-38652 7.0
TALOS-2023-1785 GTKWave FST fstReaderIterBlocks2 VCDATA parsing heap-based buffer overflow vulnerabilities 2024-01-08 CVE-2023-35956,CVE-2023-35957,CVE-2023-35958,CVE-2023-35955 7.8
TALOS-2023-1816 GTKWave VZT longest_len value allocation integer overflow vulnerability 2024-01-08 CVE-2023-35004 7.8
TALOS-2023-1826 GTKWave LXT2 lxt2_rd_get_facname decompression out-of-bounds write vulnerabilities 2024-01-08 CVE-2023-39443,CVE-2023-39444 7.8
TALOS-2023-1783 GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities 2024-01-08 CVE-2023-35704,CVE-2023-35703,CVE-2023-35702 7.8
TALOS-2023-1777 GTKWave FST FST_BL_GEOM parsing maxhandle integer overflow vulnerability 2024-01-08 CVE-2023-32650 7.0
TALOS-2023-1793 GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities 2024-01-08 CVE-2023-36747,CVE-2023-36746 7.0
TALOS-2023-1798 GTKWave FST fstReaderIterBlocks2 chain_table allocation integer overflow vulnerabilities 2024-01-08 CVE-2023-36915,CVE-2023-36916 7.8
TALOS-2023-1805 GTKWave VCD var definition section out-of-bounds read vulnerabilities 2024-01-08 CVE-2023-37447,CVE-2023-37446,CVE-2023-37445,CVE-2023-37444,CVE-2023-37442,CVE-2023-37443 7.8
TALOS-2023-1786 GTKWave decompression OS command injection vulnerabilities 2024-01-08 CVE-2023-35963,CVE-2023-35960,CVE-2023-35964,CVE-2023-35959,CVE-2023-35961,CVE-2023-35962 7.8
TALOS-2023-1807 GTKWave VCD sorted bsearch arbitrary write vulnerabilities 2024-01-08 CVE-2023-37921,CVE-2023-37923,CVE-2023-37922 7.8
TALOS-2023-1803 GTKWave EVCD var len parsing improper array index validation vulnerability 2024-01-08 CVE-2023-34087 7.8
TALOS-2023-1806 GTKWave VCD get_vartoken realloc use-after-free vulnerabilities 2024-01-08 CVE-2023-37576,CVE-2023-37577,CVE-2023-37573,CVE-2023-37578,CVE-2023-37575,CVE-2023-37574 7.8
TALOS-2023-1804 GTKWave VCD parse_valuechange portdump out-of-bounds write vulnerabilities 2024-01-08 CVE-2023-37416,CVE-2023-37419,CVE-2023-37420,CVE-2023-37418,CVE-2023-37417 7.8
TALOS-2023-1791 GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities 2024-01-08 CVE-2023-35994,CVE-2023-35996,CVE-2023-35997,CVE-2023-35995 7.8
TALOS-2023-1790 GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability 2024-01-08 CVE-2023-35992 7.0
TALOS-2023-1822 GTKWave LXT2 zlib block allocation integer overflow vulnerability 2024-01-08 CVE-2023-35989 7.8
TALOS-2023-1819 GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability 2024-01-08 CVE-2023-34436 7.8
TALOS-2023-1814 GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities 2024-01-08 CVE-2023-38651,CVE-2023-38650 7.0
TALOS-2023-1811 GTKWave VZT LZMA_read_varint out-of-bounds write vulnerability 2024-01-08 CVE-2023-36861 7.8
TALOS-2023-1817 GTKWave VZT vzt_rd_process_block autosort out-of-bounds write vulnerabilities 2024-01-08 CVE-2023-39235,CVE-2023-39234 7.8
TALOS-2023-1824 GTKWave LXT2 lxt2_rd_iter_radix shift operation integer underflow vulnerabilities 2024-01-08 CVE-2023-39413,CVE-2023-39414 7.0
TALOS-2023-1789 GTKWave FST fstReaderIterBlocks2 chain_table parsing heap-based buffer overflow vulnerabilities 2024-01-08 CVE-2023-35969,CVE-2023-35970 7.8
TALOS-2023-1792 GTKWave FST fstReaderIterBlocks2 time_table tsec_nitems integer overflow vulnerability 2024-01-08 CVE-2023-35128 7.0
TALOS-2023-1907 instipod DuoUniversalKeycloakAuthenticator challenge information disclosure vulnerability 2023-12-23 CVE-2023-49594 4.5
TALOS-2023-1845 Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability 2023-12-05 CVE-2023-43608 8.1
TALOS-2023-1860 GPSd NTRIP Stream Parsing access violation vulnerability 2023-12-05 CVE-2023-43628 5.9
TALOS-2023-1844 Buildroot package hash checking data integrity vulnerabilities 2023-12-05 CVE-2023-45841,CVE-2023-45842,CVE-2023-45838,CVE-2023-45839,CVE-2023-45840 8.1
TALOS-2023-1837 Foxit Reader 3D Annot use-after-free vulnerability 2023-11-27 CVE-2023-32616 8.8
TALOS-2023-1748 WPS Office ET Data use of uninitialized pointer vulnerability 2023-11-27 CVE-2023-31275 8.8
TALOS-2023-1838 Foxit Reader field value property type confusion vulnerability 2023-11-27 CVE-2023-41257 8.8
TALOS-2023-1839 Foxit Reader signature field OnBlur event use-after-free vulnerability 2023-11-27 CVE-2023-38573 8.8
TALOS-2023-1833 Foxit Reader Javascript exportDataObject arbitrary file creation vulnerability 2023-11-27 CVE-2023-40194 8.8
TALOS-2023-1832 Foxit Reader Javascript saveAs arbitrary file creation vulnerability 2023-11-27 CVE-2023-39542 8.8
TALOS-2023-1834 Foxit Reader Javascript exportDataObject HTA file creation vulnerability 2023-11-27 CVE-2023-35985 8.8
TALOS-2023-1794 Adobe Acrobat Reader Thermometer use-after-free vulnerability 2023-11-15 CVE-2023-44336 8.8
TALOS-2023-1842 Adobe Acrobat Reader U3D page event use-after-free vulnerability 2023-11-15 CVE-2023-44372 8.8
TALOS-2023-1835 Microsoft Office Professional Plus 2019 FCommitHtmlPivotCacheElement use-after-free vulnerability 2023-11-15 CVE-2023-36041 7.8
TALOS-2023-1725 Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability 2023-11-14 CVE-2023-24585 7.7
TALOS-2023-1733 Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability 2023-11-14 CVE-2023-27882 9.0
TALOS-2023-1746 Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability 2023-11-14 CVE-2023-31247 9.0
TALOS-2023-1732 Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability 2023-11-14 CVE-2023-28391 9.0
TALOS-2023-1738 Weston Embedded uC-HTTP HTTP Server form boundary memory corruption vulnerability 2023-11-14 CVE-2023-28379 9.0
TALOS-2023-1726 Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability 2023-11-14 CVE-2023-25181 9.0
TALOS-2023-1809 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability 2023-10-19 CVE-2023-38128 7.8
TALOS-2023-1825 JustSystems Corporation Ichitaro 2023 DocumentViewStyles and DocumentEditStyles stream relative write vulnerabilities 2023-10-19 CVE-2023-35126 7.8
TALOS-2023-1758 JustSystems Corporation Ichitaro "Figure" stream use-after-free vulnerability 2023-10-19 CVE-2023-34366 7.8
TALOS-2023-1808 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability 2023-10-19 CVE-2023-38127 7.8
TALOS-2023-1768 SoftEther VPN ClientConnect() information disclosure vulnerability 2023-10-12 CVE-2023-31192 5.3
TALOS-2023-1735 SoftEther VPN vpnserver WpcParsePacket() heap-based buffer overflow vulnerability 2023-10-12 CVE-2023-27395 9.0
TALOS-2023-1737 SoftEther VPN vpnserver OvsProcessData denial of service vulnerability 2023-10-12 CVE-2023-22308 7.5
TALOS-2023-1743 SoftEther VPN vpnserver ConnectionAccept() denial-of-service vulnerability 2023-10-12 CVE-2023-25774 7.5
TALOS-2023-1736 SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability 2023-10-12 CVE-2023-22325 5.9
TALOS-2023-1741 SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service vulnerability 2023-10-12 CVE-2023-23581 7.5
TALOS-2023-1753 SoftEther VPN CtEnumCa() information disclosure vulnerability 2023-10-12 CVE-2023-32275 5.5
TALOS-2023-1754 SoftEther VPN CiRpcAccepted() authentication bypass vulnerability 2023-10-12 CVE-2023-27516 7.3
TALOS-2023-1755 SoftEther VPN CiRpcServerThread() MitM authentication bypass vulnerability 2023-10-12 CVE-2023-32634 7.8
TALOS-2023-1787 Yifan YF325 httpd manage_post stack-based buffer overflow vulnerabilities 2023-10-11 CVE-2023-35965,CVE-2023-35966 9.8
TALOS-2023-1778 peplink Surf SOHO HW1 data.cgi xfer_dns OS command injection vulnerability 2023-10-11 CVE-2023-34356 7.2
TALOS-2023-1762 Yifan YF325 httpd nvram.cgi authentication bypass vulnerability 2023-10-11 CVE-2023-24479 9.8
TALOS-2023-1782 peplink Surf SOHO HW1 api.cgi cmd.mvpn.x509.write OS command injection vulnerability 2023-10-11 CVE-2023-35194,CVE-2023-35193 7.2
TALOS-2023-1766 Yifan YF325 httpd manage_request stack-based buffer overflow vulnerability 2023-10-11 CVE-2023-34426 9.8
TALOS-2023-1767 Yifan YF325 validate.so diag_ping_start command execution vulnerability 2023-10-11 CVE-2023-32632 8.8
TALOS-2023-1752 Yifan YF325 httpd debug credentials leftover debug code vulnerability 2023-10-11 CVE-2023-32645 9.8
TALOS-2023-1763 Yifan YF325 libutils.so nvram_restore stack-based buffer overflow vulnerability 2023-10-11 CVE-2023-34365 9.8
TALOS-2023-1764 Yifan YF325 httpd gwcfg.cgi get stack-based buffer overflow vulnerability 2023-10-11 CVE-2023-34346 9.8
TALOS-2023-1781 peplink Surf SOHO HW1 upload_brand.cgi cross-site scripting (XSS) vulnerability 2023-10-11 CVE-2023-34354 3.4
TALOS-2023-1779 peplink Surf SOHO HW1 admin.cgi MVPN_trial_init OS command injection vulnerability 2023-10-11 CVE-2023-28381 7.2
TALOS-2023-1780 peplink Surf SOHO HW1 admin.cgi USSD_send OS command injection vulnerability 2023-10-11 CVE-2023-27380 7.2
TALOS-2023-1761 Yifan YF325 httpd next_page buffer overflow vulnerability 2023-10-11 CVE-2023-35055,CVE-2023-35056 8.8
TALOS-2023-1788 Yifan YF325 gwcfg_cgi_set_manage_post_data stack-based buffer overflow vulnerabilities 2023-10-11 CVE-2023-35967,CVE-2023-35968 9.8
TALOS-2023-1765 Yifan YF325 httpd do_wds stack-based buffer overflow vulnerability 2023-10-11 CVE-2023-31272 8.8
TALOS-2023-1831 Webkit MediaRecorder API stopRecording use-after-free vulnerability 2023-10-06 CVE-2023-39928 8.8
TALOS-2023-1759 Hancom Office 2020 HWord footerr use-after-free vulnerability 2023-09-26 CVE-2023-32541 8.8
TALOS-2023-1836 Accusoft ImageGear allocate_buffer_for_jpeg_decoding out-of-bounds write vulnerability 2023-09-25 CVE-2023-40163 9.8
TALOS-2023-1760 Accusoft ImageGear pictwread heap-based buffer overflow vulnerability 2023-09-25 CVE-2023-35002 9.8
TALOS-2023-1729 Accusoft ImageGear CreateDIBfromPict out-of-bounds write vulnerability 2023-09-25 CVE-2023-23567 8.1
TALOS-2023-1751 Google Chrome VideoEncoder av1_svc_check_reset_layer_rc_flag use-after-free vulnerability 2023-09-25 CVE-2023-3421 8.3
TALOS-2023-1830 Accusoft ImageGear tif_parse_sub_IFD use-after-free vulnerability 2023-09-25 CVE-2023-39453 9.8
TALOS-2023-1742 Accusoft ImageGear tif_processing_dng_channel_count stack-based buffer overflow vulnerability 2023-09-25 CVE-2023-28393 5.6
TALOS-2023-1750 Accusoft ImageGear tiff_planar_adobe out-of-bounds write vulnerability 2023-09-25 CVE-2023-32284 8.1
TALOS-2023-1802 Accusoft ImageGear dcm_pixel_data_decode out-of-bounds write vulnerability 2023-09-25 CVE-2023-32653 9.8
TALOS-2023-1749 Accusoft ImageGear create_png_object heap-based buffer overflow vulnerability 2023-09-25 CVE-2023-32614 7.0
TALOS-2023-1769 Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability 2023-09-05 CVE-2023-31242 8.1
TALOS-2023-1772 Open Automation Software OAS Platform OAS Engine User Creation improper input validation vulnerability 2023-09-05 CVE-2023-34317 6.5
TALOS-2023-1773 Open Automation Software OAS Platform OAS Engine configuration management improper resource allocation vulnerability 2023-09-05 CVE-2023-34994 3.1
TALOS-2023-1776 Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability 2023-09-05 CVE-2023-34353 7.5
TALOS-2023-1775 Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability 2023-09-05 CVE-2023-35124 3.1
TALOS-2023-1770 Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability 2023-09-05 CVE-2023-34998 8.1
TALOS-2023-1774 Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability 2023-09-05 CVE-2023-32271 6.5
TALOS-2023-1771 Open Automation Software OAS Platform OAS Engine configuration file write vulnerability 2023-09-05 CVE-2023-32615 6.5
TALOS-2023-1720 NVIDIA D3D10 Driver Shader Functionality dcl_input index memory corruption vulnerability 2023-08-10 CVE-2022-34671 8.5
TALOS-2023-1719 NVIDIA D3D10 Driver Shader Functionality undeclared dcl_output memory corruption vulnerability 2023-08-10 CVE-2022-34671 8.5
TALOS-2023-1721 NVIDIA D3D10 Driver Shader Functionality dcl_resource_structured index memory corruption vulnerability 2023-08-10 CVE-2022-34671 8.5
TALOS-2022-1670 Open Babel PQS format pFormat uninitialized pointer dereference vulnerability 2023-07-21 CVE-2022-46280 9.8
TALOS-2022-1671 Open Babel PQS format coord_file out-of-bounds write vulnerability 2023-07-21 CVE-2022-43467 9.8
TALOS-2022-1667 Open Babel CSR format title out-of-bounds write vulnerability 2023-07-21 CVE-2022-41793 9.8
TALOS-2022-1669 Open Babel MSI format atom uninitialized pointer dereference vulnerability 2023-07-21 CVE-2022-44451 9.8
TALOS-2022-1664 Open Babel MOL2 format attribute and value out-of-bounds write vulnerability 2023-07-21 CVE-2022-43607 8.1
TALOS-2022-1672 Open Babel Gaussian format orientation out-of-bounds write vulnerability 2023-07-21 CVE-2022-37331 7.3
TALOS-2022-1668 Open Babel GRO format res uninitialized pointer dereference vulnerability 2023-07-21 CVE-2022-42885 9.8
TALOS-2022-1666 Open Babel translationVectors parsing out-of-bounds write vulnerabilities 2023-07-21 CVE-2022-46292,CVE-2022-46295,CVE-2022-46294,CVE-2022-46293,CVE-2022-46291 9.8
TALOS-2022-1665 Open Babel ORCA format nAtoms out-of-bounds write vulnerabilities 2023-07-21 CVE-2022-46289,CVE-2022-46290 9.8
TALOS-2023-1756 Foxit Reader Field Calculate event use-after-free vulnerability 2023-07-19 CVE-2023-27379 8.8
TALOS-2023-1739 Foxit Reader Choice Field use-after-free vulnerability 2023-07-19 CVE-2023-28744 8.8
TALOS-2023-1795 Foxit Reader checkThisBox type confusion vulnerability 2023-07-19 CVE-2023-32664 8.8
TALOS-2023-1796 Foxit Reader Javascript annotation destruction use-after-free vulnerability 2023-07-19 CVE-2023-33876 8.8
TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability 2023-07-19 CVE-2023-33866 8.8
TALOS-2023-1747 Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability 2023-07-17 CVE-2023-36887 8.1
TALOS-2022-1679 Apple DCERPC zero length BIND packet infinite loop 2023-07-13 None 5.3
TALOS-2022-1658 VMware vCenter DCERPC Improper calculation of authentication trailer pointer 2023-07-13 CVE-2023-20894 8.1
TALOS-2023-1740 VMware vCenter Server DCERPC save_sec_fragment out-of-bounds pointer vulnerability 2023-07-13 CVE-2023-20895 8.1
TALOS-2022-1660 Apple DCERPC packet stats buffer overflow vulnerability 2023-07-13 CVE-2023-23513 8.1
TALOS-2022-1676 Apple DCERPC association groups heap overflow 2023-07-13 CVE-2023-27935 7.5
TALOS-2022-1677 Apple DCERPC call request uninitialized memory heap overflow vulnerability 2023-07-13 CVE-2023-27934 7.5
TALOS-2022-1678 Apple DCERPC alter context response use-after-free vulnerability 2023-07-13 CVE-2023-28180 7.5
TALOS-2022-1689 Apple DCERPC fixed array use after free vulnerability 2023-07-13 CVE-2023-27958 7.5
TALOS-2023-1800 VMWare vCenter Server DCERPC presentation result list out of bounds memory access 2023-07-13 CVE-2023-20896 5.9
TALOS-2022-1659 Apple DCERPC presentation result list out of bounds memory access 2023-07-13 CVE-2023-23539 5.9
TALOS-2023-1801 VMware DCERPC call request uninitialized memory heap overflow vulnerability 2023-07-13 CVE-2023-20892 7.5
TALOS-2022-1675 Apple DCERPC allocation hint uninitialized memory disclosure vulnerability 2023-07-13 None 5.3
TALOS-2023-1717 Apple DCERPC association groups use-after-free vulnerability 2023-07-13 CVE-2023-32387 7.5
TALOS-2022-1688 Apple DCERPC array marshaling uninitialized memory disclosure vulnerability 2023-07-13 CVE-2023-27953 5.3
TALOS-2023-1799 VMWare vCenter Server DCERPC association groups use-after-free vulnerability 2023-07-13 CVE-2023-20893 7.5
TALOS-2023-1714 Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability 2023-07-06 CVE-2023-22653 8.8
TALOS-2023-1711 Milesight UR32L ys_thirdparty check_system_user OS command injection vulnerability 2023-07-06 CVE-2023-22365 7.2
TALOS-2023-1718 Milesight UR32L urvpn_client http_connection_readcb stack-based buffer overflow vulnerability 2023-07-06 CVE-2023-24019 8.1
TALOS-2023-1712 Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability 2023-07-06 CVE-2023-22299 8.8
TALOS-2023-1713 Milesight UR32L ys_thirdparty system_user_script OS command injection vulnerability 2023-07-06 CVE-2023-24595 7.2
TALOS-2023-1723 Milesight UR32L zebra vlan_name OS command injection vulnerabilities 2023-07-06 CVE-2023-25582,CVE-2023-25583 7.2
TALOS-2023-1716 Milesight UR32L vtysh_ubus sprintf pattern buffer overflow vulnerabilities 2023-07-06 CVE-2023-25091,CVE-2023-25107,CVE-2023-25113,CVE-2023-25120,CVE-2023-25122,CVE-2023-25082,CVE-2023-25095,CVE-2023-25117,CVE-2023-25121,CVE-2023-25115,CVE-2023-25118,CVE-2023-25124,CVE-2023-25101,CVE-2023-25123,CVE-2023-25102,CVE-2023-25084,CVE-2023-25093,CVE-2023-25097,CVE-2023-25103,CVE-2023-25096,CVE-2023-25090,CVE-2023-25085,CVE-2023-25106,CVE-2023-25104,CVE-2023-25086,CVE-2023-25088,CVE-2023-25105,CVE-2023-25112,CVE-2023-25089,CVE-2023-25098,CVE-2023-25081,CVE-2023-25094,CVE-2023-25100,CVE-2023-25110,CVE-2023-25109,CVE-2023-25099,CVE-2023-25119,CVE-2023-25083,CVE-2023-25087,CVE-2023-25116,CVE-2023-25092,CVE-2023-25108,CVE-2023-25111,CVE-2023-25114 7.2
TALOS-2023-1704 Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities 2023-07-06 CVE-2023-24497,CVE-2023-24496 4.7
TALOS-2023-1706 Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 OS command injection vulnerabilities 2023-07-06 CVE-2023-24519,CVE-2023-24520 8.8
TALOS-2023-1697 Milesight UR32L uhttpd login buffer overflow vulnerability 2023-07-06 CVE-2023-23902 9.8
TALOS-2023-1698 Milesight UR32L libzebra.so bridge_group OS command injection vulnerability 2023-07-06 CVE-2023-22306 7.2
TALOS-2023-1699 Milesight UR32L libzebra.so change_hostname OS command injection vulnerability 2023-07-06 CVE-2023-22659 7.2
TALOS-2023-1700 Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability 2023-07-06 CVE-2023-22844 7.3
TALOS-2023-1702 Milesight MilesightVPN server.js start directory traversal vulnerability 2023-07-06 CVE-2023-23907 7.5
TALOS-2023-1703 Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability 2023-07-06 CVE-2023-22371 8.1
TALOS-2023-1705 Milesight UR32L urvpn_client Certificate Validation vulnerability 2023-07-06 CVE-2023-23546 4.2
TALOS-2023-1715 Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability 2023-07-06 CVE-2023-24018 8.8
TALOS-2023-1696 Milesight UR32L eventcore access violation vulnerability 2023-07-06 CVE-2023-23571 7.5
TALOS-2023-1694 Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability 2023-07-06 CVE-2023-23550 7.2
TALOS-2023-1695 Milesight UR32L luci2-io file-export mib directory traversal vulnerability 2023-07-06 CVE-2023-23547 6.5
TALOS-2023-1701 Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability 2023-07-06 CVE-2023-22319 7.3
TALOS-2023-1710 Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities 2023-07-06 CVE-2023-24583,CVE-2023-24582 8.8
TALOS-2023-1745 Diagon GraphPlanar::Write improper array index validation vulnerability 2023-07-05 CVE-2023-31194 5.3
TALOS-2023-1744 Diagon Sequence::DrawText heap-based buffer overflow vulnerability 2023-07-05 CVE-2023-27390 7.8
TALOS-2023-1724 Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability 2023-06-26 CVE-2023-1531 8.3
TALOS-2023-1730 Microsoft Office Excel FreePhisxdb arbitrary free vulnerability 2023-06-13 CVE-2023-32029 7.8
TALOS-2023-1734 Microsoft Office Excel WebCharts out-of-bounds write vulnerability 2023-06-13 CVE-2023-33133 7.8
TALOS-2023-1727 Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability 2023-05-26 CVE-2023-1424 10.0
TALOS-2022-1681 Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability 2023-05-10 CVE-2022-46377,CVE-2022-46378 6.5
TALOS-2022-1680 Weston Embedded uC-FTPs Authentication authentication bypass vulnerability 2023-05-10 CVE-2022-41985 8.6
TALOS-2023-1693 Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability 2023-05-04 CVE-2023-0698 8.3
TALOS-2023-1691 IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability 2023-04-24 CVE-2023-28528 5.5
TALOS-2023-1690 IBM Corporation AIX errlog() Log Injection Vulnerability 2023-04-24 None,CVE-2023-26286 5.5
TALOS-2022-1593 Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability 2023-04-20 CVE-2022-36788 8.1
TALOS-2023-1692 Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability 2023-04-13 CVE-2023-0896 9.8
TALOS-2022-1684 JustSystems Corporation Ichitaro Attribute Arena buffer overflow vulnerability 2023-04-05 CVE-2022-45115 7.8
TALOS-2023-1722 JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability 2023-04-05 CVE-2023-22660 7.0
TALOS-2022-1687 JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability 2023-04-05 CVE-2023-22291 7.0
TALOS-2022-1673 Justsystem Ichitaro Protected Attribute Identifier Use-After-Free Vulnerablity 2023-04-05 CVE-2022-43664 7.8
TALOS-2022-1594 ADMesh stl_fix_normal_directions improper array index validation vulnerability 2023-04-03 CVE-2022-38072 6.5
TALOS-2023-1707 OpenImageIO Project OpenImageIO TGAInput::read_tga2_header information disclosure vulnerability 2023-03-30 CVE-2023-24473 5.3
TALOS-2022-1685 ManageEngine OpManager Add UCS Device blind XXE vulnerability 2023-03-30 CVE-2022-43473 5.8
TALOS-2023-1709 OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability 2023-03-30 CVE-2023-24472 7.5
TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability 2023-03-30 CVE-2023-22845 7.5
TALOS-2023-1731 SNIProxy wildcard backend hosts buffer overflow vulnerability 2023-03-30 CVE-2023-25076 9.8
TALOS-2022-1598 Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability 2023-03-21 CVE-2022-38458 6.5
TALOS-2022-1595 Netgear Orbi Router RBR750 hidden telnet service command execution vulnerability 2023-03-21 CVE-2022-38452 7.2
TALOS-2022-1596 Netgear Orbi Router RBR750 access control command execution vulnerability 2023-03-21 CVE-2022-37337 9.1
TALOS-2022-1597 Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability 2023-03-21 CVE-2022-36429 7.2
TALOS-2022-1683 WellinTech KingHistorian User authentication information disclosure vulnerability 2023-03-20 CVE-2022-45124 7.5
TALOS-2022-1674 WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability 2023-03-20 CVE-2022-43663 8.1
TALOS-2022-1645 Ghost Foundation node-sqlite3 code execution vulnerability 2023-03-16 CVE-2022-43441 8.1
TALOS-2022-1662 EIP Stack Group OpENer SetAttributeList attribute_count_request out-of-bounds write vulnerability 2023-02-23 CVE-2022-43605 10.0
TALOS-2022-1663 EIP Stack Group OpENer Forward Open connection_management_entry use of uninitialized pointer vulnerability 2023-02-23 CVE-2022-43606 7.5
TALOS-2022-1661 EIP Stack Group OpENer GetAttributeList attribute_count_request out-of-bounds write vulnerability 2023-02-23 CVE-2022-43604 10.0
TALOS-2022-1682 ESTsoft Alyac NT header out of bounds read 2023-02-02 CVE-2022-43665 5.0
TALOS-2022-1619 Moxa SDS-3008 Series Industrial Ethernet Switch web application stored cross-site scripting vulnerability 2023-02-02 CVE-2022-41313,CVE-2022-41311,CVE-2022-41312 4.3
TALOS-2022-1618 Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability 2023-02-02 CVE-2022-40224 5.3
TALOS-2022-1616 Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability 2023-02-02 CVE-2022-40693 5.9
TALOS-2022-1621 Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability 2023-02-02 CVE-2022-40691 5.3
TALOS-2022-1642 FreshTomato httpd update.cgi directory traversal vulnerability 2023-01-26 CVE-2022-38451 6.8
TALOS-2022-1612 Siretta QUARTZ-GOLD httpd txt/restore.cgi OS command injection vulnerability 2023-01-26 CVE-2022-40220 7.2
TALOS-2022-1609 Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability 2023-01-26 CVE-2022-38088 4.9
TALOS-2022-1611 Siretta QUARTZ-GOLD httpd upload.cgi file write vulnerability 2023-01-26 CVE-2022-39045 7.2
TALOS-2022-1615 Siretta QUARTZ-GOLD httpd SNMP OS command injection vulnerability 2023-01-26 CVE-2022-38066 7.2
TALOS-2022-1610 Siretta QUARTZ-GOLD httpd shell.cgi leftover debug code vulnerability 2023-01-26 CVE-2022-38715 7.2
TALOS-2022-1608 Siretta QUARTZ-GOLD httpd downfile.cgi stack-based buffer overflow vulnerability 2023-01-26 CVE-2022-38459 7.2
TALOS-2022-1639 Siretta QUARTZ-GOLD m2m DELETE_FILE cmd heap-based buffer overflow vulnerability 2023-01-26 CVE-2022-41991 9.8
TALOS-2022-1607 Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability 2023-01-26 CVE-2022-40969 7.2
TALOS-2022-1606 Siretta QUARTZ-GOLD httpd delfile.cgi directory traversal vulnerability 2023-01-26 CVE-2022-40701 6.5
TALOS-2022-1638 Siretta QUARTZ-GOLD m2m DELETE_FILE cmd OS command injection vulnerability 2023-01-26 CVE-2022-40222 9.8
TALOS-2022-1637 Siretta QUARTZ-GOLD m2m DELETE_FILE cmd directory traversal vulnerability 2023-01-26 CVE-2022-41154 8.2
TALOS-2022-1641 FreshTomato httpd logs/view.cgi OS command injection vulnerability 2023-01-26 CVE-2022-42484 9.1
TALOS-2022-1613 Siretta QUARTZ-GOLD DetranCLI command parsing stack-based buffer overflow vulnerabilities 2023-01-26 CVE-2022-40992,CVE-2022-41018,CVE-2022-41005,CVE-2022-41028,CVE-2022-40990,CVE-2022-40985,CVE-2022-40989,CVE-2022-40991,CVE-2022-40994,CVE-2022-41002,CVE-2022-41012,CVE-2022-41019,CVE-2022-41030,CVE-2022-41011,CVE-2022-41027,CVE-2022-40986,CVE-2022-41007,CVE-2022-41022,CVE-2022-41020,CVE-2022-40995,CVE-2022-40998,CVE-2022-41001,CVE-2022-41006,CVE-2022-41014,CVE-2022-41029,CVE-2022-41010,CVE-2022-40997,CVE-2022-40996,CVE-2022-41016,CVE-2022-40988,CVE-2022-41017,CVE-2022-41004,CVE-2022-41013,CVE-2022-41000,CVE-2022-40999,CVE-2022-41025,CVE-2022-41008,CVE-2022-41015,CVE-2022-41026,CVE-2022-41024,CVE-2022-41009,CVE-2022-41003,CVE-2022-40993,CVE-2022-41021,CVE-2022-40987,CVE-2022-41023 7.2
TALOS-2022-1605 Siretta QUARTZ-GOLD httpd delfile.cgi stack-based buffer overflow vulnerability 2023-01-26 CVE-2022-36279 7.2
TALOS-2022-1640 Siretta QUARTZ-GOLD m2m m2m_parse_router_config cmd OS command injection vulnerabilities 2023-01-26 CVE-2022-42492,CVE-2022-42491,CVE-2022-42493,CVE-2022-42490 9.8
TALOS-2022-1686 Ghost Foundation Ghost Post Creation insecure default installation vulnerability 2023-01-19 CVE-2022-47197,CVE-2022-47195,CVE-2022-47194,CVE-2022-47196 9.0
TALOS-2022-1646 Mitsubishi Electric Corporation MELSEC iQ-FX5U webserver session identifier generation authentication bypass vulnerability 2023-01-18 CVE-2022-40267 7.1
TALOS-2022-1617 Qt Project Qt QML QtScript Reflect API integer overflow vulnerability 2023-01-12 CVE-2022-40983 8.8
TALOS-2022-1650 Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability 2023-01-12 CVE-2022-43591 8.8
TALOS-2022-1586 Asus RT-AX82U get_IFTTTTtoken.cgi authentication bypass vulnerability 2023-01-10 CVE-2022-35401 9.0
TALOS-2022-1592 Asus RT-AX82U cfg_server cm_processConnDiagPktList denial of service vulnerability 2023-01-10 CVE-2022-38393 7.5
TALOS-2022-1590 Asus RT-AX82U cfg_server cm_processREQ_NC information disclosure vulnerability 2023-01-10 CVE-2022-38105 7.5
TALOS-2022-1653 OpenImageIO Project OpenImageIO Image Output Close denial of service vulnerability 2022-12-22 CVE-2022-43594,CVE-2022-43595 5.9
TALOS-2022-1657 OpenImageIO Project OpenImageIO ZfileOutput::close() denial of service vulnerability 2022-12-22 CVE-2022-43603 5.9
TALOS-2022-1631 OpenImageIO TIFF file IPTC data information disclosure vulnerability 2022-12-22 CVE-2022-41649 7.5
TALOS-2022-1656 OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability 2022-12-22 CVE-2022-43601,CVE-2022-43600,CVE-2022-43599,CVE-2022-43602 8.1
TALOS-2022-1654 OpenImageIO Project OpenImageIO IFFOutput channel interleaving information disclosure vulnerability 2022-12-22 CVE-2022-43596 5.9
TALOS-2022-1633 OpenImageIO TIFF tile pels decoding heap-based buffer overflow 2022-12-22 CVE-2022-41639 9.8
TALOS-2022-1652 OpenImageIO Project OpenImageIO DPXOutput::close() denial of service vulnerability 2022-12-22 CVE-2022-43593 5.9
TALOS-2022-1651 OpenImageIO Project OpenImageIO DPXOutput::close() information disclosure vulnerability 2022-12-22 CVE-2022-43592 5.9
TALOS-2022-1643 OpenImageIO TIFF IPTC decoding information disclosure vulnerability 2022-12-22 CVE-2022-41988 5.3
TALOS-2022-1636 OpenImageIO Exif out-of-bounds write vulnerability 2022-12-22 CVE-2022-41837 9.8
TALOS-2022-1635 OpenImageIO DDS native tile reading denial of service vulnerability 2022-12-22 CVE-2022-41999 7.5
TALOS-2022-1628 OpenImageIO TGA Format Stack Buffer Overflow Vulnerability 2022-12-22 CVE-2022-41981 8.1
TALOS-2022-1630 OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability 2022-12-22 CVE-2022-38143 9.8
TALOS-2022-1627 OpenImageIO TIFF file string field information disclosure vulnerability 2022-12-22 CVE-2022-41977 5.3
TALOS-2022-1626 OpenImageIO PSD thumbnail resource code execution vulnerability 2022-12-22 CVE-2022-41794 9.8
TALOS-2022-1629 OpenImageIO RLA format rle span out-of-bounds read vulnerability 2022-12-22 CVE-2022-36354 5.3
TALOS-2022-1632 OpenImageIO PSD format image file directory denial of service vulnerability 2022-12-22 CVE-2022-41684 7.5
TALOS-2022-1634 OpenImageIO DDS scanline parsing code execution vulnerability 2022-12-22 CVE-2022-41838 9.8
TALOS-2022-1655 OpenImageIO Project OpenImageIO IFFOutput alignment padding memory corruption vulnerability 2022-12-22 CVE-2022-43598,CVE-2022-43597 8.1
TALOS-2022-1624 Ghost unauthorized newsletter modification vulnerability 2022-12-21 CVE-2022-41654 9.6
TALOS-2022-1625 Ghost user enumeration vulnerablity 2022-12-21 CVE-2022-41697 5.3
TALOS-2022-1589 OpenStack Kolla sudo privilege escalation vulnerability 2022-12-20 CVE-2022-38060 8.8
TALOS-2022-1599 OpenStack oslo.privsep privilege escalation vulnerability 2022-12-20 CVE-2022-38065 8.8
TALOS-2022-1588 VMware vCenter Server Content Library denial of service vulnerability 2022-12-13 CVE-2022-31698 8.6
TALOS-2022-1644 PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability 2022-12-07 CVE-2022-41992 7.8
TALOS-2022-1604 NVIDIA D3D10 Driver Shader Functionality DCL_INDEXRANGE instruction memory corruption vulnerability 2022-12-06 CVE-2022-34671 8.5
TALOS-2022-1603 NVIDIA D3D10 Driver Shader Functionality MOV instruction memory corruption vulnerability 2022-12-06 CVE-2022-34671 8.5
TALOS-2022-1541 Lansweeper lansweeper SanitizeHtml cross-site scripting (XSS) vulnerability 2022-12-01 CVE-2022-32763 9.1
TALOS-2022-1528 Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability 2022-12-01 CVE-2022-32573 9.9
TALOS-2022-1531 Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability 2022-12-01 CVE-2022-27498 9.1
TALOS-2022-1529 Lansweeper lansweeper HelpdeskActions.aspx edittemplate directory traversal vulnerability 2022-12-01 CVE-2022-29517 9.9
TALOS-2022-1532 Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability 2022-12-01 CVE-2022-28703 9.1
TALOS-2022-1530 Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability 2022-12-01 CVE-2022-29511 9.1
TALOS-2022-1647 Callback technologies CBFS Filter handle_ioctl_83150 null pointer dereference vulnerability 2022-11-22 CVE-2022-43588 6.2
TALOS-2022-1649 Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability 2022-11-22 CVE-2022-43590 6.2
TALOS-2022-1648 Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability 2022-11-22 CVE-2022-43589 6.2
TALOS-2022-1591 Microsoft Office class attribute double-free vulnerability 2022-11-15 CVE-2022-41106 7.8
TALOS-2022-1602 Foxit Reader openPlayer use-after-free vulnerability 2022-11-10 CVE-2022-37332 8.8
TALOS-2022-1614 Foxit Reader Optional Content Group use-after-free vulnerability 2022-11-10 CVE-2022-40129 8.8
TALOS-2022-1601 Foxit Reader annotation destroy use-after-free vulnerability 2022-11-10 CVE-2022-38097 8.8
TALOS-2022-1600 Foxit Reader deletePages Field Calculate use-after-free vulnerability 2022-11-10 CVE-2022-32774 8.8
TALOS-2022-1544 Accusoft ImageGear PICT parsing pctwread_14841 out-of-bounds write vulnerability 2022-10-27 CVE-2022-32588 9.8
TALOS-2022-1519 InHand Networks InRouter302 console infct leftover debug code vulnerability 2022-10-27 CVE-2022-30543 4.3
TALOS-2022-1520 InHand Networks InRouter302 console verify leftover debug code vulnerability 2022-10-27 CVE-2022-26023 6.5
TALOS-2022-1521 InHand Networks InRouter302 console support leftover debug code vulnerability 2022-10-27 CVE-2022-28689 6.5
TALOS-2022-1523 InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability 2022-10-27 CVE-2022-25932 7.4
TALOS-2022-1518 InHand Networks InRouter302 console nvram leftover debug code vulnerability 2022-10-27 CVE-2022-29481 4.9
TALOS-2022-1522 InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability 2022-10-27 CVE-2022-29888 6.5
TALOS-2022-1585 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities 2022-10-20 CVE-2022-35885,CVE-2022-35886,CVE-2022-35884,CVE-2022-35887 8.2
TALOS-2022-1560 Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability 2022-10-20 CVE-2022-32454 10.0
TALOS-2022-1559 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities 2022-10-20 CVE-2022-33194,CVE-2022-33195,CVE-2022-33193,CVE-2022-33192 10.0
TALOS-2022-1558 Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability 2022-10-20 CVE-2022-33189 10.0
TALOS-2022-1553 Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability 2022-10-20 CVE-2022-29475 4.7
TALOS-2022-1567 Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability 2022-10-20 CVE-2022-27804 8.0
TALOS-2022-1564 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability 2022-10-20 CVE-2022-32775 9.0
TALOS-2022-1562 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability 2022-10-20 CVE-2022-30603 10.0
TALOS-2022-1568 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities 2022-10-20 CVE-2022-33205,CVE-2022-33204,CVE-2022-33206,CVE-2022-33207 10.0
TALOS-2022-1566 Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_serial_mac OS command injection vulnerability 2022-10-20 CVE-2022-29472 10.0
TALOS-2022-1584 Abode Systems, Inc. iota All-In-One Security Kit ghome_process_control_packet format string injection vulnerability 2022-10-20 CVE-2022-33938 8.2
TALOS-2022-1557 Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability 2022-10-20 CVE-2022-30541 10.0
TALOS-2022-1561 Abode Systems, Inc. iota All-In-One Security Kit console_main_loop :sys OS command injection vulnerability 2022-10-20 CVE-2022-29520 8.1
TALOS-2022-1583 Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities 2022-10-20 CVE-2022-35879,CVE-2022-35878,CVE-2022-35881,CVE-2022-35880 7.1
TALOS-2022-1556 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability 2022-10-20 CVE-2022-32773 10.0
TALOS-2022-1581 Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities 2022-10-20 CVE-2022-35877,CVE-2022-35874,CVE-2022-35875,CVE-2022-35876 8.2
TALOS-2022-1582 Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability 2022-10-20 CVE-2022-35244 9.8
TALOS-2022-1552 Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability 2022-10-20 CVE-2022-27805 9.8
TALOS-2022-1563 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability 2022-10-20 CVE-2022-32586 8.0
TALOS-2022-1569 Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability 2022-10-20 CVE-2022-29889 9.8
TALOS-2022-1554 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability 2022-10-20 CVE-2022-29477 8.6
TALOS-2022-1565 Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability 2022-10-20 CVE-2022-32574 7.5
TALOS-2022-1555 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability 2022-10-20 CVE-2022-32760 8.6
TALOS-2022-1577 Robustel R1510 js_package install OS command injection vulnerability 2022-10-14 CVE-2022-33150 9.1
TALOS-2022-1579 Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability 2022-10-14 CVE-2022-33897 4.9
TALOS-2022-1580 Robustel R1510 sysupgrade firmware update vulnerability 2022-10-14 CVE-2022-34845 6.7
TALOS-2022-1575 Robustel R1510 web_server hashFirst denial of service vulnerability 2022-10-14 CVE-2022-35266,CVE-2022-35265,CVE-2022-35267,CVE-2022-35262,CVE-2022-35261,CVE-2022-35264,CVE-2022-35263,CVE-2022-35271,CVE-2022-35270,CVE-2022-35269,CVE-2022-35268 4.9
TALOS-2022-1578 Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability 2022-10-14 CVE-2022-34850 9.1
TALOS-2022-1576 Robustel R1510 sysupgrade command injection OS command injection vulnerability 2022-10-14 CVE-2022-32765 9.1
TALOS-2022-1587 VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability 2022-10-10 CVE-2022-31680 8.7
TALOS-2022-1574 Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability 2022-10-04 CVE-2022-33896 7.8
TALOS-2022-1517 uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities 2022-09-22 CVE-2022-29503 8.1
TALOS-2022-1497 Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability 2022-08-17 CVE-2022-35821 4.4
TALOS-2022-1545 WWBN AVideo password hash improper authentication vulnerability 2022-08-16 CVE-2022-32282 7.2
TALOS-2022-1546 WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability 2022-08-16 CVE-2022-30534 9.9
TALOS-2022-1539 WWBN AVideo image403 cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-30690 9.6
TALOS-2022-1536 WWBN AVideo objects id handling authentication bypass vulnerability 2022-08-16 CVE-2022-32768,CVE-2022-32769 4.8
TALOS-2022-1549 WWBN AVideo aVideoEncoderReceiveImage information disclosure vulnerability 2022-08-16 CVE-2022-32761 6.5
TALOS-2022-1487 HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability 2022-08-16 CVE-2022-26061 7.8
TALOS-2022-1550 WWBN AVideo chunkFile information disclosure vulnerability 2022-08-16 CVE-2022-28710 6.5
TALOS-2022-1486 HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability 2022-08-16 CVE-2022-25942 7.8
TALOS-2022-1535 WWBN AVideo session id privilege escalation vulnerability 2022-08-16 CVE-2022-30605 8.8
TALOS-2022-1540 WWBN AVideo videoAddNew cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-28712 9.0
TALOS-2022-1538 WWBN AVideo footer alerts cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-32770,CVE-2022-32772,CVE-2022-32771 9.6
TALOS-2022-1542 WWBN AVideo cookie information disclosure vulnerability 2022-08-16 CVE-2022-32777,CVE-2022-32778 7.5
TALOS-2022-1547 WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability 2022-08-16 CVE-2022-30547 9.9
TALOS-2022-1515 Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability 2022-08-16 CVE-2022-40733 5.0
TALOS-2022-1551 WWBN AVideo ObjectYPT SQL injection vulnerability 2022-08-16 CVE-2022-33147,CVE-2022-34652,CVE-2022-33149,CVE-2022-33148 8.3
TALOS-2022-1514 Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability 2022-08-16 CVE-2022-40732 5.0
TALOS-2022-1548 WWBN AVideo aVideoEncoder wget OS command injection vulnerability 2022-08-16 CVE-2022-32572 9.9
TALOS-2022-1534 WWBN AVideo all cross-site request forgery (csrf) vulnerability 2022-08-16 CVE-2022-29468 8.8
TALOS-2022-1485 HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability 2022-08-16 CVE-2022-25972 7.8
TALOS-2022-1537 WWBN AVideo charts tab selection cross-site scripting (XSS) vulnerability 2022-08-16 CVE-2022-26842 9.6
TALOS-2022-1533 ESTsoft Alyac OLE header Mini FAT sectors integer overflow 2022-08-03 CVE-2022-29886 7.3
TALOS-2022-1527 ESTsoft Alyac OLE header parsing integer overflow 2022-08-03 CVE-2022-32543 7.3
TALOS-2022-1482 TCL LinkHub Mesh Wi-Fi confsrv addTimeGroup stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-25996 8.8
TALOS-2022-1457 TCL LinkHub Mesh Wifi confsrv ucloud_add_node_new OS command injection vulnerability 2022-08-01 CVE-2022-21178 9.6
TALOS-2022-1456 TCL LinkHub Mesh Wifi confers ucloud_add_node_new stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-21201 8.8
TALOS-2022-1455 TCL LinkHub Mesh Wifi confsrv set_mf_rule stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-23919,CVE-2022-23918 8.8
TALOS-2022-1458 TCL LinkHub Mesh Wifi confsrv ucloud_add_node OS command injection vulnerability 2022-08-01 CVE-2022-22140 9.6
TALOS-2022-1505 TCL LinkHub Mesh Wifi confctl_set_master_wlan denial of service vulnerability 2022-08-01 CVE-2022-27185 9.3
TALOS-2022-1502 TCL LinkHub Mesh Wifi confctl_set_guest_wlan denial of service vulnerability 2022-08-01 CVE-2022-27660 9.3
TALOS-2022-1484 TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location buffer overflow vulnerability 2022-08-01 CVE-2022-26342 8.8
TALOS-2022-1483 TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-26009 8.8
TALOS-2022-1507 TCL LinkHub Mesh Wifi ucloud_del_node denial of service vulnerability 2022-08-01 CVE-2022-26346 9.6
TALOS-2022-1504 TCL LinkHub Mesh Wifi confctl_get_master_wlan information disclosure vulnerability 2022-08-01 CVE-2022-27630 6.5
TALOS-2022-1454 TCL LinkHub Mesh Wifi confsrv set_port_fwd_rule stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-23399 8.8
TALOS-2022-1503 TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability 2022-08-01 CVE-2022-27633 6.5
TALOS-2022-1459 TCL LinkHub Mesh Wifi libcommonprod.so prod_change_root_passwd hard-coded password vulnerability 2022-08-01 CVE-2022-22144 7.5
TALOS-2022-1462 TCL LinkHub Mesh Wi-Fi confsrv confctl_set_app_language stack-based buffer overflow vulnerability 2022-08-01 CVE-2022-23103 8.8
TALOS-2022-1463 TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability 2022-08-01 CVE-2022-24021,CVE-2022-24011,CVE-2022-24028,CVE-2022-24023,CVE-2022-24026,CVE-2022-24016,CVE-2022-24005,CVE-2022-24019,CVE-2022-24029,CVE-2022-24007,CVE-2022-24017,CVE-2022-24008,CVE-2022-24006,CVE-2022-24013,CVE-2022-24009,CVE-2022-24010,CVE-2022-24020,CVE-2022-24015,CVE-2022-24012,CVE-2022-24022,CVE-2022-24014,CVE-2022-24027,CVE-2022-24025,CVE-2022-24018,CVE-2022-24024 9.6
TALOS-2022-1506 TCL LinkHub Mesh Wi-Fi confctl_set_wan_cfg denial of service vulnerability 2022-08-01 CVE-2022-27178 9.6
TALOS-2022-1510 DD-WRT httpd unescape memory corruption vulnerability 2022-07-27 CVE-2022-27631 5.3
TALOS-2022-1509 FreshTomato httpd unescape memory corruption vulnerability 2022-07-27 CVE-2022-28665,CVE-2022-28664 5.3
TALOS-2022-1511 Asuswrt and Asuswrt-Merlin New Gen httpd unescape memory corruption vulnerability 2022-07-27 CVE-2022-26376 5.3
TALOS-2022-1526 Accusoft ImageGear PSD Header processing memory allocation out-of-bounds write vulnerability 2022-07-18 CVE-2022-29465 8.1
TALOS-2022-1508 Google Chrome WebGPU DoBufferDestroy kDirect allocation use-after-free vulnerability 2022-07-14 CVE-2022-2399 8.3
TALOS-2022-1516 Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability 2022-07-13 CVE-2022-34221 8.8
TALOS-2022-1525 Adobe Acrobat Reader DC event value use-after-free 2022-07-13 CVE-2022-34230 8.8
TALOS-2022-1571 Robustel R1510 web_server /action/remove/ API data removal vulnerability 2022-06-30 CVE-2022-28127 8.7
TALOS-2022-1570 Robustel R1510 clish art2 command execution vulnerability 2022-06-30 CVE-2022-32585 9.1
TALOS-2022-1572 Robustel R1510 web_server action endpoints OS command injection vulnerabilities 2022-06-30 CVE-2022-33312,CVE-2022-33313,CVE-2022-33314 9.1
TALOS-2022-1573 Robustel R1510 web_server ajax endpoints OS command injection vulnerabilities 2022-06-30 CVE-2022-33326,CVE-2022-33329,CVE-2022-33327,CVE-2022-33325,CVE-2022-33328 9.1
TALOS-2022-1461 Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability 2022-06-15 CVE-2022-21184 5.9
TALOS-2022-1524 Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability 2022-06-15 CVE-2022-29496 9.0
TALOS-2022-1440 Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability 2022-06-15 CVE-2022-21806 10.0
TALOS-2022-1494 Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability 2022-05-25 CVE-2022-27169 7.5
TALOS-2022-1493 Open Automation Software Platform Engine SecureTransferFiles file write vulnerability 2022-05-25 CVE-2022-26082 9.1
TALOS-2022-1492 Open Automation Software Platform Engine SecureTransferFiles information disclosure vulnerability 2022-05-25 CVE-2022-26067 4.9
TALOS-2022-1491 Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability 2022-05-25 CVE-2022-26026 7.5
TALOS-2022-1489 Open Automation Software Platform Engine SecureAddSecurity external config control vulnerability 2022-05-25 CVE-2022-26043 7.5
TALOS-2022-1490 Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability 2022-05-25 CVE-2022-26077 7.5
TALOS-2022-1488 Open Automation Software Platform Engine SecureAddUser External config control vulnerability 2022-05-25 CVE-2022-26303 7.5
TALOS-2022-1513 Open Automation Software OAS Platform REST API unauthenticated vulnerability 2022-05-25 CVE-2022-26833 9.4
TALOS-2021-1436 NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXRANGE memory corruption vulnerability 2022-05-17 CVE-2022-28182 8.5
TALOS-2021-1438 NVIDIA nvwgf2umx_cfg.dll shader DCL_RESOURCE_STRUCTURED memory corruption vulnerability 2022-05-17 CVE-2022-28182 8.5
TALOS-2021-1435 NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXABLE memory corruption vulnerability 2022-05-17 CVE-2022-28181 8.5
TALOS-2021-1437 NVIDIA nvwgf2umx_cfg.dll shader DCL_UNORDERED_ACCESS_VIEW_STRUCTURED memory corruption vulnerability 2022-05-17 CVE-2022-28182 8.5
TALOS-2022-1478 InHand Networks InRouter302 daretools binary OS command injection vulnerability 2022-05-10 CVE-2022-26042 9.9
TALOS-2022-1473 InHand Networks InRouter302 httpd wlscan_ASP OS command injection vulnerability 2022-05-10 CVE-2022-26085 9.9
TALOS-2022-1477 InHand Networks InRouter302 console inhand command execution vulnerability 2022-05-10 CVE-2022-25995 9.9
TALOS-2022-1500 InHand Networks InRouter302 console infactory_wlan command injection vulnerability 2022-05-10 CVE-2022-26075 9.9
TALOS-2022-1452 ESTsoft Alyac PE section headers out of bounds read 2022-05-10 CVE-2022-21147 5.0
TALOS-2022-1481 InHand Networks InRouter302 libnvram.so nvram_import improper input validation vulnerabilities 2022-05-10 CVE-2022-26780,CVE-2022-26781,CVE-2022-26782 9.9
TALOS-2022-1501 InHand Networks InRouter302 console infactory_net command injection vulnerability 2022-05-10 CVE-2022-26518 9.9
TALOS-2022-1474 InHand Networks InRouter302 router configuration export information disclosure vulnerability 2022-05-10 CVE-2022-26020 6.3
TALOS-2022-1471 InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability 2022-05-10 CVE-2022-24910 8.2
TALOS-2022-1495 InHand Networks InRouter302 iburn firmware checks firmware update vulnerability 2022-05-10 CVE-2022-26510 9.9
TALOS-2022-1470 InHand Networks InRouter302 web interface session cookie information disclosure vulnerability 2022-05-10 CVE-2022-25172 7.5
TALOS-2022-1499 InHand Networks InRouter302 console infactory_port OS command injection vulnerability 2022-05-10 CVE-2022-26420 9.9
TALOS-2022-1472 InHand Networks InRouter302 router configuration import privilege escalation vulnerability 2022-05-10 CVE-2022-21182 7.4
TALOS-2022-1476 InHand Networks InRouter302 console factory stack-based buffer overflow vulnerability 2022-05-10 CVE-2022-26002 9.1
TALOS-2022-1468 InHand Networks InRouter302 httpd upload.cgi file write vulnerability 2022-05-10 CVE-2022-21809 9.9
TALOS-2022-1469 InHand Networks InRouter302 info.jsp cross-site scripting (XSS) vulnerability 2022-05-10 CVE-2022-21238 5.4
TALOS-2022-1496 InHand Networks InRouter302 console infactory hard-coded password vulnerability 2022-05-10 CVE-2022-27172 4.3
TALOS-2022-1475 InHand Networks InRouter302 console factory OS command injection vulnerability 2022-05-10 CVE-2022-26007 9.1
TALOS-2021-1412 WPS Office HtmTableAlt use-after-free vulnerability 2022-05-09 CVE-2021-40399 8.8
TALOS-2022-1480 Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability 2022-05-05 CVE-2022-26073 7.4
TALOS-2022-1479 Anker Eufy Homebase 2 libxm_av.so getpeermac() authentication bypass vulnerability 2022-05-05 CVE-2022-25989 7.1
TALOS-2022-1465 Accusoft ImageGear IGXMPXMLParser::parseDelimiter stack-based buffer overflow vulnerability 2022-05-02 CVE-2022-23400 7.1
TALOS-2022-1449 Accusoft ImageGear ioca_mys_rgb_allocate memory corruption vulnerability 2022-05-02 CVE-2022-22137 9.8
TALOS-2022-1512 ArduPilot APWeb cgi.c unescape memory corruption vulnerability 2022-04-14 CVE-2022-28711 5.3
TALOS-2021-1411 Accusoft ImageGear parse_raster_data out-of-bounds write vulnerability 2022-03-31 CVE-2021-40398 8.1
TALOS-2021-1434 Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability 2022-03-23 CVE-2021-40426 10.0
TALOS-2022-1464 Leadtools fltSaveCMP integer overflow vulnerability 2022-03-15 CVE-2022-21154 8.8
TALOS-2021-1433 Webroot Secure Anywhere IOCTL GetProcessCommand and B_03 out-of-bounds read vulnerability 2022-03-15 CVE-2021-40425,CVE-2021-40424 7.1
TALOS-2022-1442 Lansweeper WebUserActions.aspx Stored XSS vulnerability 2022-02-28 CVE-2022-21145 9.1
TALOS-2022-1441 Lansweeper lansweeper HelpdeskSetupActions SQL injection vulnerability 2022-02-28 CVE-2022-22149 9.1
TALOS-2021-1413 Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability 2022-02-28 CVE-2021-40400 9.3
TALOS-2022-1443 Lansweeper lansweeper EchoAssets.aspx SQL injection vulnerability 2022-02-28 CVE-2022-21234 9.1
TALOS-2021-1431 Swift Sensors Gateway device password generation authentication bypass vulnerability 2022-02-28 CVE-2021-40422 10.0
TALOS-2022-1444 Lansweeper lansweeper AssetActions.aspx SQL injection vulnerability 2022-02-28 CVE-2022-21210 6.6
TALOS-2022-1467 MZ Automation GmbH libiec61850 parseNormalModeParameters denial of service vulnerability 2022-02-28 CVE-2022-21159 7.5
TALOS-2021-1416 Gerbv RS-274X aperture macro multiple outline primitives out-of-bounds read vulnerability 2022-02-28 CVE-2021-40402 9.3
TALOS-2021-1368 Accusoft ImageGear XWD parser heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21939 9.8
TALOS-2021-1374 Accusoft ImageGear TIFF parser heap-based buffer overflow vulnerabilities 2022-02-23 CVE-2021-21945,CVE-2021-21944 9.8
TALOS-2021-1362 Accusoft ImageGear DecoderStream::Append heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21914 9.8
TALOS-2021-1373 Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21943 9.8
TALOS-2021-1371 Accusoft ImageGear TIFF YCbCr image parser out-of-bounds write vulnerability 2022-02-23 CVE-2021-21942 9.8
TALOS-2021-1377 Accusoft ImageGear JPEG-JFIF Scan header parser out-of-bounds write vulnerability 2022-02-23 CVE-2021-21949 9.8
TALOS-2021-1375 Accusoft ImageGear JPEG-JFIF lossless Huffman parser heap-based buffer overflow vulnerabilities 2022-02-23 CVE-2021-21947,CVE-2021-21946 9.8
TALOS-2021-1367 Accusoft ImageGear Palette box parser heap-based buffer overflow vulnerability 2022-02-23 CVE-2021-21938 9.8
TALOS-2022-1453 KiCad EDA Gerber Viewer gerber and excellon coordinates parsing stack-based buffer overflow vulnerability 2022-02-16 CVE-2022-23804,CVE-2022-23803 7.8
TALOS-2022-1460 KiCad EDA Gerber Viewer gerber and excellon GCode/Dcode parsing stack-based buffer overflow vulnerability 2022-02-16 CVE-2022-23947,CVE-2022-23946 7.8
TALOS-2021-1386 Hancom Office 2020 Hword HwordApp.dll SectorLoc heap-based buffer overflow 2022-02-15 CVE-2021-21958 7.8
TALOS-2021-1393 Texas Instruments CC3200 SimpleLink Solution HTTP Server /ping.html information disclosure vulnerability 2022-02-15 CVE-2021-21966 5.3
TALOS-2021-1403 Moxa MXView Series Web Application information disclosure vulnerability 2022-02-11 CVE-2021-40392 5.3
TALOS-2021-1401 Moxa MXView Series Web Application authentication bypass vulnerability 2022-02-11 CVE-2021-40390 10.0
TALOS-2021-1396 Sealevel Systems, Inc. SeaConnect 370W HandleSeaCloudMessage out-of-bounds write vulnerabilities 2022-02-01 CVE-2021-21970,CVE-2021-21969 3.7
TALOS-2021-1391 Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability 2022-02-01 CVE-2021-21963 7.4
TALOS-2021-1392 Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities 2022-02-01 CVE-2021-21965,CVE-2021-21964 8.6
TALOS-2021-1394 Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability 2022-02-01 CVE-2021-21967 6.5
TALOS-2021-1395 Sealevel Systems, Inc. SeaConnect 370W OTA update task file overwrite vulnerability 2022-02-01 CVE-2021-21968 8.1
TALOS-2021-1397 Sealevel Systems, Inc. SeaConnect 370W URL_decode out-of-bounds write vulnerability 2022-02-01 CVE-2021-21971 3.7
TALOS-2021-1390 Sealevel Systems, Inc. SeaConnect 370W OTA Update "u-download" heap-based buffer overflow vulnerability 2022-02-01 CVE-2021-21962 9.0
TALOS-2021-1389 Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities 2022-02-01 CVE-2021-21960,CVE-2021-21961 10.0
TALOS-2021-1388 Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability 2022-02-01 CVE-2021-21959 7.7
TALOS-2021-1406 Eclipse Foundation Paho MQTTClient-C library readPacket out-of-bounds write vulnerability 2022-02-01 CVE-2021-41036 9.8
TALOS-2021-1417 Gerbv pick-and-place rotation parsing use of uninitialized variable vulnerability 2022-01-31 CVE-2021-40403 5.8
TALOS-2021-1415 Gerbv RS-274X aperture definition tokenization use-after-free vulnerability 2022-01-31 CVE-2021-40401 10.0
TALOS-2021-1429 Foxit Reader deletePages use-after-free vulnerability 2022-01-31 CVE-2021-40420 8.8
TALOS-2022-1439 Foxit Reader getPageNthWordQuads mishandled exception vulnerability 2022-01-31 CVE-2022-22150 8.8
TALOS-2021-1398 Google Chrome MediaStreamTrackGenerator use after free vulnerability 2022-01-27 CVE-2021-38008 8.3
TALOS-2021-1420 Reolink RLC-410W cgiserver.cgi Login authentication bypass vulnerability 2022-01-26 CVE-2021-40404 5.3
TALOS-2021-1424 Reolink RLC-410W device network settings OS command injection vulnerabilities 2022-01-26 CVE-2021-40407,CVE-2021-40408, CVE-2021-40409, CVE-2021-40410,CVE-2021-40411,CVE-2021-40412 9.1
TALOS-2021-1421 Reolink RLC-410W cgiserver.cgi JSON command parser denial of service vulnerabilities 2022-01-26 CVE-2021-44354,CVE-2021-44355, CVE-2021-44356, CVE-2021-44357, CVE-2021-44358, CVE-2021-44359, CVE-2021-44360, CVE-2021-44361, CVE-2021-44362, CVE-2021-44363, CVE-2021-44364, CVE-2021-44365, CVE-2021-44366, CVE-2021-44367, CVE-2021-44368, CVE-2021-44369, CVE-2021-44370, CVE-2021-44371, CVE-2021-44372, CVE-2021-44373, CVE-2021-44374, CVE-2021-44375, CVE-2021-44376, CVE-2021-44377, CVE-2021-44378, CVE-2021-44379, CVE-2021-44380, CVE-2021-44381, CVE-2021-44382, CVE-2021-44383, CVE-2021-44384, CVE-2021-44385, CVE-2021-44386, CVE-2021-44387, CVE-2021-44388, CVE-2021-44389, CVE-2021-44390, CVE-2021-44391, CVE-2021-44392, CVE-2021-44393, CVE-2021-44394, CVE-2021-44395, CVE-2021-44396, CVE-2021-44397, CVE-2021-44398, CVE-2021-44399, CVE-2021-44400,CVE-2021-44401, CVE-2021-44402,CVE-2021-44403,CVE-2021-44404,CVE-2021-44405, CVE-2021-44406, CVE-2021-44407, CVE-2021-44408, CVE-2021-44409, CVE-2021-44410, CVE-2021-44411, CVE-2021-44412, CVE-2021-44413, CVE-2021-44414, CVE-2021-44415, CVE-2021-44416, CVE-2021-44417, CVE-2021-44418, CVE-2021-44419 8.6
TALOS-2022-1447 Reolink RLC-410W "update" firmware checks firmware update vulnerability 2022-01-26 CVE-2022-21134 8.3
TALOS-2021-1428 Reolink RLC-410W "factory" binary firmware update vulnerability 2022-01-26 CVE-2021-40419 10.0
TALOS-2022-1445 Reolink RLC-410W device TestEmail out-of-bounds write vulnerability 2022-01-26 CVE-2022-21217 9.1
TALOS-2021-1422 Reolink RLC-410W cgiserver.cgi Upgrade API denial of service vulnerability 2022-01-26 CVE-2021-40405 7.7
TALOS-2022-1446 Reolink RLC-410W web server misconfiguration information disclosure vulnerability 2022-01-26 CVE-2022-21236 8.1
TALOS-2022-1451 Reolink RLC-410W netserver parse_command_list memory corruption vulnerability 2022-01-26 CVE-2022-21796 9.3
TALOS-2021-1423 Reolink RLC-410W cgiserver.cgi session creation denial of service vulnerability 2022-01-26 CVE-2021-40406 7.5
TALOS-2021-1425 Reolink RLC-410W cgiserver.cgi cgi_check_ability improper access control vulnerabilities 2022-01-26 CVE-2021-40413, CVE-2021-40414, CVE-2021-40415,CVE-2021-40416 7.1
TALOS-2022-1448 Reolink RLC-410W hardcoded TLS key information disclosure vulnerability 2022-01-26 CVE-2022-21199 7.5
TALOS-2022-1450 Reolink RLC-410W netserver recv_command denial of service vulnerability 2022-01-26 CVE-2022-21801 8.6
TALOS-2021-1432 Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability 2022-01-26 CVE-2021-40423 7.5
TALOS-2021-1414 Apple macOS ImageIO DDS image out-of-bounds read vulnerability 2022-01-25 CVE-2021-30939 5.3
TALOS-2021-1400 Advantech DeviceOn/iEdge Server 1.0.2 privilege escalation vulnerability 2022-01-18 CVE-2021-40389 8.8
TALOS-2021-1409 Advantech WISE-PaaS/OTA 3.0.9 Server installation privilege escalation vulnerability 2022-01-18 CVE-2021-40397 8.8
TALOS-2021-1408 Advantech DeviceOn/iService 1.1.7 Server installation privilege escalation vulnerability 2022-01-18 CVE-2021-40396 8.8
TALOS-2021-1399 Advantech SQ Manager Server 1.0.6 privilege escalation vulnerability 2022-01-18 CVE-2021-40388 8.8
TALOS-2021-1387 Adobe Acrobat Reader Javascript event.richValue use-after-free vulnerability 2022-01-11 CVE-2021-44710 8.8
TALOS-2021-1410 Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability 2022-01-11 CVE-2021-44711 8.8
TALOS-2021-1376 AnyCubic Chitubox AnyCubic Plugin readDatHeadVec heap-based buffer overflow vulnerability 2022-01-10 CVE-2021-21948 7.8
TALOS-2021-1372 Google Chrome WebRTC RTPSenderVideoFrameTransformerDelegate memory corruption vulnerability 2022-01-10 CVE-2021-37979 7.1
TALOS-2021-1358 Garrett Metal Detectors iC Module CMA CLI getenv command directory traversal vulnerability 2021-12-20 CVE-2021-21907 4.9
TALOS-2021-1427 Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame parsing uninitialized uuid object vulnerability 2021-12-20 CVE-2021-40418 9.8
TALOS-2021-1356 Garrett Metal Detectors iC Module CMA CLI setenv command directory traversal vulnerability 2021-12-20 CVE-2021-21904 9.1
TALOS-2021-1359 Garrett Metal Detectors iC Module CMA CLI del[env] command directory traversal vulnerabilities 2021-12-20 CVE-2021-21908,CVE-2021-21909 6.0
TALOS-2021-1355 Garrett Metal Detectors iC Module CMA check_udp_crc strcpy stack-based buffer overflow vulnerability 2021-12-20 CVE-2021-21903 9.8
TALOS-2021-1426 Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame decoding heap-based buffer overflow vulnerability 2021-12-20 CVE-2021-40417 9.8
TALOS-2021-1354 Garrett Metal Detectors iC Module CMA run_server_6877 authentication bypass vulnerability 2021-12-20 CVE-2021-21902 7.5
TALOS-2021-1353 Garrett Metal Detectors iC Module CMA check_udp_crc memcpy stack-based buffer overflow vulnerability 2021-12-20 CVE-2021-21901 9.8
TALOS-2021-1357 Garrett Metal Detectors iC Module CMA CLI readfile stack-based buffer overflow vulnerabilities 2021-12-20 CVE-2021-21905,CVE-2021-21906 8.2
TALOS-2021-1405 Gerbv RS-274X aperture macro outline primitive integer overflow vulnerability 2021-12-06 CVE-2021-40394 10.0
TALOS-2021-1384 Dream Report ODS Remote Connector privilege escalation vulnerability 2021-12-06 CVE-2021-21957 8.8
TALOS-2021-1404 Gerbv RS-274X format aperture macro variables out-of-bounds write vulnerability 2021-12-06 CVE-2021-40393 10.0
TALOS-2021-1352 Google Chrome Blink setBaseAndExtent use after free vulnerability 2021-11-30 CVE-2021-30625 8.3
TALOS-2021-1381 Anker Eufy Homebase 2 home_security wifi_country_code_update command execution vulnerability 2021-11-29 CVE-2021-21954 9.9
TALOS-2021-1378 Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_SERVER_LIST_REQUEST out-of-bounds write vulnerability 2021-11-29 CVE-2021-21950,CVE-2021-21951 10.0
TALOS-2021-1380 Anker Eufy Homebase 2 home_security process_msg() authentication bypass vulnerability 2021-11-29 CVE-2021-21953 7.7
TALOS-2021-1382 Anker Eufy Homebase 2 home_security get_aes_key_info_by_packetid() authentication bypass vulnerability 2021-11-29 CVE-2021-21955 7.7
TALOS-2021-1379 Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_RSA_KEY_REQUEST authentication bypass vulnerability 2021-11-29 CVE-2021-21952 9.4
TALOS-2021-1383 CloudLinux Inc Imunify360 Ai-Bolit php unserialize vulnerability 2021-11-22 CVE-021-21956 8.2
TALOS-2021-1363 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'group_list' page 2021-11-22 CVE-2021-21915,CVE-2021-21916,CVE-2021-21917 7.7
TALOS-2021-1364 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'company_list' page 2021-11-22 CVE-2021-21918,CVE-2021-21919 7.7
TALOS-2021-1366 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'device_list' page 2021-11-22 CVE-2021-21924,CVE-2021-21925,CVE-21926,CVE-2021-21927,CVE-2021-21928,CVE-2021-21929,CVE-2021-21930,CVE-2021-21931,CVE-2021-21932,CVE-2021-21933,CVE-2021-21934,CVE-2021-21935,CVE-2021-21936,CVE-2021-21937 7.7
TALOS-2021-1365 Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'user_list' page 2021-11-22 CVE-2021-21920,CVE-2021-21921, CVE-2021-21922,CVE-2021-21923 7.7
TALOS-2021-1360 Advantech R-SeeNet installation privilege escalation vulnerability 2021-11-22 CVE-2021-21910, CVE-2021-21911, CVE-2021-21912 8.8
TALOS-2021-1351 LibreCad libdxfrw dxfRW::processLType() use-after-free vulnerability 2021-11-17 CVE-2021-21900 8.8
TALOS-2021-1350 LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability 2021-11-17 CVE-2021-21899 8.8
TALOS-2021-1349 LibreCad libdxfrw dwgCompressor::decompress18() out-of-bounds write vulnerability 2021-11-17 CVE-2021-21898 8.8
TALOS-2021-1348 Google Chrome WebRTC addIceCandidate use after free vulnerability 2021-11-16 CVE-2021-30602 8.3
TALOS-2021-1335 Lantronix PremierWave 2050 Web Manager FsUnmount stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21892 9.9
TALOS-2021-1326 Lantronix PremierWave 2050 Web Manager FsUnmount OS command injection vulnerability 2021-11-15 CVE-2021-21882 9.9
TALOS-2021-1323 Lantronix PremierWave 2050 Web Manager File Upload directory traversal vulnerability 2021-11-15 CVE-2021-21879 9.9
TALOS-2021-1330 Lantronix PremierWave 2050 Web Manager FSBrowsePage directory traversal vulnerability 2021-11-15 CVE-2021-21886 4.3
TALOS-2021-1315 Lantronix PremierWave 2050 Web Manager FsTFtp OS command injection vulnerabilities 2021-11-15 CVE-2021-21876,CVE-2021-21877 9.1
TALOS-2021-1327 Lantronix PremierWave 2050 Web Manager Diagnostics: Ping OS command injection vulnerability 2021-11-15 CVE-2021-21883 9.9
TALOS-2021-1338 Lantronix PremierWave 2050 Web Manager FsBrowseClean directory traversal vulnerability 2021-11-15 CVE-2021-21896 4.9
TALOS-2021-1331 Lantronix PremierWave 2050 Web Manager SslGenerateCSR stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21887 9.1
TALOS-2021-1328 Lantronix PremierWave 2050 Web Manager SslGenerateCSR OS command injection vulnerability 2021-11-15 CVE-2021-21884 9.1
TALOS-2021-1333 Lantronix PremierWave 2050 Web Manager Ping stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21889 9.9
TALOS-2021-1334 Lantronix PremierWave 2050 Web Manager FsBrowseClean stack-based buffer overflow vulnerability 2021-11-15 CVE-2021-21890,CVE-2021-21891 9.1
TALOS-2021-1337 Lantronix PremierWave 2050 Web Manager FsTFtp directory traversal vulnerability 2021-11-15 CVE-2021-21894,CVE-2021-21895 9.1
TALOS-2021-1312 Lantronix PremierWave 2050 Web Manager Diagnostics: Traceroute OS command injection vulnerability 2021-11-15 CVE-2021-21872 9.9
TALOS-2021-1329 Lantronix PremierWave 2050 Web Manager FsMove directory traversal vulnerability 2021-11-15 CVE-2021-21885 7.2
TALOS-2021-1314 Lantronix PremierWave 2050 Web Manager SSL Credential Upload OS command injection vulnerabilities 2021-11-15 CVE-2021-21873,CVE-2021-21874,CVE-2021-21875 9.1
TALOS-2021-1322 Lantronix PremierWave 2050 Web Manager Applications and FsBrowse local file inclusion vulnerability 2021-11-15 CVE-2021-21878 4.9
TALOS-2021-1325 Lantronix PremierWave 2050 Web Manager Wireless Network Scanner OS command injection vulnerability 2021-11-15 CVE-2021-21881 9.9
TALOS-2021-1332 Lantronix PremierWave 2050 Web Manager SslGenerateCertificate OS command injection vulnerability 2021-11-15 CVE-2021-21888 9.1
TALOS-2021-1324 Lantronix PremierWave 2050 Web Manager FsCopyFile directory traversal vulnerability 2021-11-15 CVE-2021-21880 7.2
TALOS-2021-1343 Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests offset calculation out-of-bounds read vulnerability 2021-11-09 CVE-2021-41376 2.3
TALOS-2021-1347 Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability 2021-11-09 -- 6.2
TALOS-2021-1339 Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL information disclosure vulnerability 2021-11-09 None 6.7
TALOS-2021-1344 Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging 1BL firmware downgrade vulnerability 2021-11-09 -- 6.0
TALOS-2021-1341 Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability 2021-11-09 -- 6.0
TALOS-2021-1342 Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests image validation signature check bypass vulnerability 2021-11-09 CVE-2021-42300 6.0
TALOS-2021-1340 Microsoft Azure Sphere Kernel GPIO_GET_PIN_ACCESS_CONTROL_USER information disclosure vulnerability 2021-11-09 None 4.4
TALOS-2021-1402 Gerbv drill format T-code tool number out-of-bounds write vulnerability 2021-11-04 CVE-2021-40391 10.0
TALOS-2021-1319 ZTE MF971R xmlclient cross-site scripting vulnerability 2021-10-18 CVE-2021-21747 6.1
TALOS-2021-1318 ZTE MF971R sms_cmd_status_info cross-site scripting vulnerability 2021-10-18 CVE-2021-21746 6.1
TALOS-2021-1317 ZTE MF971R Referer authentication bypass vulnerability 2021-10-18 CVE-2021-21745 4.7
TALOS-2021-1316 ZTE MF971R goform_get_cmd_process Config Control External config control vulnerability 2021-10-18 CVE-2021-21744 5.4
TALOS-2021-1321 ZTE MF971R STK_PROCESS stack-based buffer overflow vulnerability 2021-10-18 CVE-2021-21749 8.3
TALOS-2021-1313 ZTE MF971R HTTP_HOST CRLF Injection vulnerability 2021-10-18 CVE-2021-21743 6.3
TALOS-2021-1320 ZTE MF971R ADB_MODE_SWITCH stack-based buffer overflow vulnerability 2021-10-18 CVE-2021-21748 9.6
TALOS-2021-1266 Nitro Pro PDF JavaScript TimeOutObject double free vulnerability 2021-10-13 CVE-2021-21797 8.8
TALOS-2021-1265 Nitro Pro PDF JavaScript local_file_path Object use-after-free vulnerability 2021-10-13 CVE-2021-21796 8.8
TALOS-2021-1259 Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability 2021-10-12 CVE-2021-40474 8.8
TALOS-2021-1369 Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability 2021-10-11 CVE-2021-21940 10.0
TALOS-2021-1370 Anker Eufy Homebase 2 pushMuxer CreatePushThread use-after-free vulnerability 2021-10-11 CVE-2021-21941 10.0
TALOS-2021-1361 D-LINK DIR-3040 WiFi Smart Mesh information disclosure vulnerability 2021-09-23 CVE-2021-21913 10.0
TALOS-2021-1309 Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability 2021-09-14 None 4.4
TALOS-2021-1267 Nitro Pro PDF JavaScript document.flattenPages JSStackFrame stack-based use-after-free vulnerability 2021-09-13 CVE-2021-21798 8.8
TALOS-2021-1346 Ribbonsoft dxflib DL_Dxf::handleLWPolylineData heap-based buffer overflow vulnerability 2021-09-07 CVE-2021-21897 8.8
TALOS-2021-1295 Disc Soft Ltd Daemon Tools Pro ISO Parsing memory corruption vulnerability 2021-08-17 CVE-2021-21832 8.1
TALOS-2021-1298 GPAC Project Advanced Content MPEG-4 Decoding multiple integer truncation vulnerabilities 2021-08-16 CVE-2021-21859,CVE-2021-21860,CVE-2021-21861,CVE-2021-21862 8.8
TALOS-2021-1297 GPAC Project on Advanced Content library MPEG-4 Decoding multiple multiplication integer overflow vulnerabilities 2021-08-16 CVE-2021-21834, CVE-2021-21835, CVE-2021-21836, CVE-2021-21837, CVE-2021-21838, CVE-2021-21839, CVE-2021-21840, CVE-2021-21841, CVE-2021-21842, CVE-2021-21843, CVE-2021-21844, CVE-2021-21845, CVE-2021-21846, CVE-2021-21847, CVE-2021-21848, CVE-2021-21849, CVE-2021-21850, CVE-2021-21851, CVE-2021-21852 8.8
TALOS-2021-1299 GPAC Project Advanced Content MPEG-4 Decoding multiple integer addition overflow vulnerabilities 2021-08-16 CVE-2021-21853, CVE-2021-21854,CVE-2021-21855,CVE-2021-21856,CVE-2021-21857,CVE-2021-21858 8.8
TALOS-2021-1279 AT&T Labs Xmill XML parsing CreateLabelOrAttrib memory corruption vulnerability 2021-08-11 CVE-2021-21811 8.1
TALOS-2021-1278 AT&T Labs Xmill XML parsing ParseAttribs memory corruption vulnerability 2021-08-10 CVE-2021-21810 8.1
TALOS-2021-1280 AT&T Labs Xmill multiple command line parsing vulnerabilities 2021-08-10 CVE-2021-21812, CVE-2021-21813, CVE-2021-21814, CVE-2021-21815 7.8
TALOS-2021-1292 AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability 2021-08-10 CVE-2021-21829 8.1
TALOS-2021-1290 AT&T Labs Xmill XML decompression PlainTextUncompressor::UncompressItem heap-based buffer overflow vulnerability 2021-08-10 CVE-2021-21825 8.1
TALOS-2021-1310 Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability 2021-08-10 None 4.4
TALOS-2021-1293 AT&T Labs Xmill XML decompression LabelDict::Load heap-based buffer overflow vulnerability 2021-08-10 CVE-2021-21830 8.1
TALOS-2021-1291 AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities 2021-08-10 CVE-2021-21826, CVE-2021-21827, CVE-2021-21828 8.1
TALOS-2021-1311 Microsoft Azure Sphere Security Monitor SECTION_ABIDepends denial of service vulnerability 2021-08-10 None 6.0
TALOS-2021-1345 Mozilla Firefox MediaCacheStream::NotifyDataReceived use-after-free vulnerability 2021-08-10 CVE-2021-29985 8.8
TALOS-2020-1212 tinyobjloader LoadObj improper array index validation vulnerability 2021-07-30 CVE-2020-28589 9.6
TALOS-2021-1307 Foxit Reader FileAttachment annotation use-after-free vulnerability redux 2021-07-27 CVE-2021-21870 8.8
TALOS-2021-1336 Foxit Reader Field OnFocus event use-after-free vulnerability 2021-07-27 CVE-2021-21893 8.8
TALOS-2021-1294 Foxit Reader removeField use-after-free vulnerability 2021-07-27 CVE-2021-21831 8.8
TALOS-2021-1306 CODESYS Development System Engine.plugin ProfileInformation ProfileData Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21869 8.8
TALOS-2021-1305 CODESYS Development System ObjectManager.plugin Project.get_MissingTypes() Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21868 8.8
TALOS-2021-1300 CODESYS Development System ComponentModel Profile.FromFile() Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21863 8.8
TALOS-2021-1304 CODESYS Development System ObjectManager.plugin ObjectStream.ProfileByteArray Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21867 8.8
TALOS-2021-1303 CODESYS Development System ObjectManager.plugin ProfileInformation.ProfileData Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21866 8.8
TALOS-2021-1302 CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21865 8.8
TALOS-2021-1301 CODESYS Development System ComponentModel ComponentManager.StartupCultureSettings Unsafe Deserialization vulnerability 2021-07-26 CVE-2021-21864 7.8
TALOS-2021-1274 Advantech R-SeeNet ping.php OS Command Injection vulnerability 2021-07-15 CVE-2021-21805 9.8
TALOS-2021-1273 Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability 2021-07-15 CVE-2021-21804 8.1
TALOS-2021-1272 Advantech R-SeeNet device_graph_page.php Multiple Reflected XSS vulnerabilities 2021-07-15 CVE-2021-21801, CVE-2021-21802, CVE-2021-21803 9.6
TALOS-2021-1271 Advantech R-SeeNet ssh_form.php Reflected XSS vulnerability 2021-07-15 CVE-2021-21800 9.6
TALOS-2021-1285 D-LINK DIR-3040 Libcli test environment hard-coded password vulnerability 2021-07-15 CVE-2021-21820 10.0
TALOS-2021-1283 D-LINK DIR-3040 Syslog information disclosure vulnerability 2021-07-15 CVE-2021-21818 6.5
TALOS-2021-1281 D-LINK DIR-3040 Syslog information disclosure vulnerability 2021-07-15 CVE-2021-21816 6.5
TALOS-2021-1282 D-LINK DIR-3040 Zebra IP routing manager information disclosure vulnerability 2021-07-15 CVE-2021-21817 7.5
TALOS-2021-1284 D-LINK DIR-3040 Libcli command injection vulnerability 2021-07-15 CVE-2021-21819 9.1
TALOS-2021-1270 Advantech R-SeeNet telnet_form.php Reflected XSS vulnerability 2021-07-15 CVE-2021-21799 9.6
TALOS-2021-1252 IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability 2021-07-07 CVE-2021-21785 6.5
TALOS-2021-1254 IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities 2021-07-07 CVE-2021-21787, CVE-2021-21788,CVE-2021-21789 8.8
TALOS-2021-1255 IOBit Advanced SystemCare Ultimate Privileged I/O Read vulnerabilities 2021-07-07 CVE-2021-21790, CVE-2021-21791, CVE-2021-21792 6.5
TALOS-2021-1253 IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability 2021-07-07 CVE-2021-21786 8.8
TALOS-2021-1308 PowerISO DMG File Format Handler memory corruption vulnerability 2021-06-28 CVE-2021-21871 8.8
TALOS-2021-1277 Moodle spellchecker plugin command execution vulnerability 2021-06-22 CVE-2021-21809 8.2
TALOS-2021-1234 EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability 2021-06-16 CVE-2021-21777 8.6
TALOS-2021-1288 Komoot GmbH Komoot Friend finder information disclosure vulnerability 2021-06-09 CVE-2021-21823 5.3
TALOS-2021-1251 Google Chrome WebAudio blink::AudioNodeOutput::Pull code execution vulnerability 2021-06-08 CVE-2021-30522 8.3
TALOS-2021-1238 Webkit WebCore::GraphicsContext use-after-free vulnerability 2021-06-02 CVE-2021-21779 6.8
TALOS-2021-1246 Apple macOS SMB server TREE_CONNECT stack buffer overflow vulnerability 2021-06-02 CVE-2020-10005 8.5
TALOS-2021-1229 Webkit ImageLoader dispatchPendingErrorEvent use-after-free vulnerability 2021-06-02 CVE-2021-21775 6.8
TALOS-2021-1268 Apple macOS SMB server create file request uninitialized memory disclosure 2021-06-02 CVE-2021-30722 6.5
TALOS-2021-1260 Apple macOS SMB server directory query request integer overflow vulnerability 2021-06-02 CVE-2021-30717 7.5
TALOS-2021-1263 Apple macOS SMB server lock request infinite loop 2021-06-02 CVE-2021-30716 6.5
TALOS-2021-1269 Apple macOS SMB server directory query arbitrary file access 2021-06-02 CVE-2021-30721 4.3
TALOS-2021-1258 Apple macOS SMB server IOCTL request uninitialized stack variable vulnerability 2021-06-02 CVE-2021-30712 4.2
TALOS-2021-1276 Accusoft ImageGear PNG png_palette_process memory corruption vulnerability 2021-06-01 CVE-2021-21808 8.1
TALOS-2021-1296 Accusoft ImageGear TIF IP_planar_raster_unpack improper array index validation vulnerability 2021-06-01 CVE-2021-21833 9.8
TALOS-2021-1261 Accusoft ImageGear TIF bits_per_sample processing out-of-bounds write vulnerability 2021-06-01 CVE-2021-21794 9.8
TALOS-2021-1257 Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability 2021-06-01 CVE-2021-21793 9.8
TALOS-2021-1286 Accusoft ImageGear PDF process_fontname stack-based buffer overflow vulnerability 2021-06-01 CVE-2021-21821 9.8
TALOS-2021-1289 Accusoft ImageGear JPG Handle_JPEG420 out-of-bounds write vulnerability 2021-06-01 CVE-2021-21824 8.1
TALOS-2021-1275 Accusoft ImageGear DICOM parse_dicom_meta_info integer overflow vulnerability 2021-06-01 CVE-2021-21807 9.8
TALOS-2021-1243 Linux Kernel Arm SIGPAGE information disclosure vulnerability 2021-05-28 CVE-2021-21781 4.0
TALOS-2021-1230 Trend Micro, Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability 2021-05-24 CVE-2021-32457 7.8
TALOS-2021-1241 Trend Micro Inc. Home Network Security SFTP log collection server hard-coded password vulnerability 2021-05-24 CVE-2021-32459 4.9
TALOS-2021-1231 Trend Micro Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability 2021-05-24 CVE-2021-32458 7.8
TALOS-2021-1237 Apple macOS SMB server signature verification information disclosure vulnerability 2021-05-19 CVE-2021-1878 7.1
TALOS-2021-1235 Google Chrome AudioDelayDSPKernel::ProcessKRate heap-based buffer overflow vulnerability 2021-05-19 CVE-2021-21160 8.8
TALOS-2021-1233 Adobe Acrobat Reader DC JavaScript search query code execution vulnerability 2021-05-11 CVE-2021-28562 8.0
TALOS-2021-1287 Foxit Reader FileAttachment annotation use-after-free vulnerability 2021-05-06 CVE-2021-21822 8.8
TALOS-2021-1236 MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability 2021-04-26 CVE-2021-21778 7.5
TALOS-2020-1142 Systemd DHCP client denial-of-service vulnerability 2021-04-26 CVE-2020-13529 6.1
TALOS-2021-1240 Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability 2021-04-22 None 7.4
TALOS-2021-1239 Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability 2021-04-22 None 7.4
TALOS-2020-1219 Prusa Research PrusaSlicer Obj.cpp load_obj() out-of-bounds write vulnerability 2021-04-21 CVE-2020-28595 8.8
TALOS-2020-1220 Prusa Research PrusaSlicer Objparser::objparse() stack-based buffer overflow vulnerability 2021-04-21 CVE-2020-28596 8.8
TALOS-2020-1222 Prusa Research PrusaSlicer Admesh stl_fix_normal_directions() out-of-bounds write vulnerability 2021-04-21 CVE-2020-28598 8.8
TALOS-2020-1160 Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability 2021-04-19 CVE-2021-26564, CVE-2021-26565, CVE-2021-26566 8.3
TALOS-2020-1159 Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability 2021-04-19 CVE-2021-26560, CVE-2021-26561, CVE-2021-26562 9.4
TALOS-2020-1216 Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability 2021-04-15 CVE-2020-28592 8.1
TALOS-2020-1217 Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability 2021-04-15 CVE-2020-28593 8.1
TALOS-2021-1262 Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability 2021-04-13 CVE-2021-28460 8.1
TALOS-2020-1204 OpenClinic GA installation privilege escalation vulnerability 2021-04-13 CVE-2020-27228 8.8
TALOS-2020-1207 OpenClinic GA web portal multiple SQL injection vulnerabilities in the 'getAssets.jsp' page 2021-04-13 CVE-2020-27233, CVE-2020-27234, CVE-2020-27235, CVE-2020-27236, CVE-2020-27237, CVE-2020-27238, CVE-2020-27239, CVE-2020-27240, CVE-2020-27241 6.4
TALOS-2021-1249 Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability 2021-04-13 CVE-2021-27074 6.2
TALOS-2020-1206 OpenClinic GA Web portal SQL injection vulnerability in 'manageServiceStocks.jsp' page 2021-04-13 CVE-2020-27232 6.4
TALOS-2020-1203 OpenClinic GA unauthenticated command injection vulnerability 2021-04-13 CVE-2020-27227 10.0
TALOS-2021-1247 Microsoft Azure Sphere mount namespace unsigned code execution vulnerability 2021-04-13 CVE-2021-27074 6.2
TALOS-2021-1250 Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability 2021-04-13 CVE-2021-27080 9.3
TALOS-2020-1202 OpenClinic GA web portal SQL injection vulnerability in 'statistics/quickFile.jsp' page 2021-04-13 CVE-2020-27226 6.4
TALOS-2020-1205 OpenClinic GA web portal multiple SQL injection vulnerabilities in 'patientslist.do' page 2021-04-13 CVE-2020-27229, CVE-2020-27230, CVE-2020-27231 6.4
TALOS-2020-1208 OpenClinic GA web portal multiple SQL injection vulnerabilities in 'listImmoLabels.jsp' page 2021-04-13 CVE-2020-27242, CVE-2020-27243, CVE-2020-27244, CVE-2020-27245, CVE-2020-27246 6.4
TALOS-2020-1200 Rukovoditel Project Management App application SQL injection vulnerability in the 'access_rules/rules_form' page 2021-04-08 CVE-2020-13591 5.4
TALOS-2020-1199 Rukovoditel Project Management App multiple SQL injection vulnerabilities in the 'entities/fields' page 2021-04-08 CVE-2020-13588, CVE-2020-13589, CVE-2020-13599 5.4
TALOS-2020-1201 Rukovoditel Project Management App application SQL injection vulnerability in the 'global_lists/choices' page 2021-04-08 CVE-2020-13592 5.4
TALOS-2020-1146 Dream Report platform privilege escalation vulnerability 2021-04-08 CVE-2020-13532, CVE-2020-13533, CVE-2020-13534 9.3
TALOS-2020-1198 Rukovoditel Project Management App SQL injection vulnerability in the 'forms_fields_rules/rules' page 2021-04-08 CVE-2020-13587 5.4
TALOS-2021-1244 Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability 2021-03-30 CVE-2021-21782 9.8
TALOS-2021-1232 Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability 2021-03-30 CVE-2021-21776 9.8
TALOS-2021-1227 Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability 2021-03-30 CVE-2021-21773 8.1
TALOS-2021-1245 Genivia gSOAP WS-Addressing plugin code execution vulnerability redux 2021-03-24 CVE-2021-21783 9.8
TALOS-2021-1264 Accusoft ImageGear PSD read_icc_icCurve_data heap-based buffer overflow vulnerability 2021-03-16 CVE-2021-21795 9.8
TALOS-2020-1226 3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability 2021-03-10 CVE-2021-21772 8.1
TALOS-2021-1226 3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability 2021-03-10 CVE-2021-21772 8.1
TALOS-2021-1248 Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability 2021-03-02 CVE-2021-21784 9.8
TALOS-2020-1213 Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability 2021-02-24 CVE-2020-28590 8.6
TALOS-2020-1225 CGAL libcgal multiple code execution vulnerabilities in Nef polygon-parsing code 2021-02-24 CVE-2020-28601,CVE-2020-28602,CVE-2020-28603,CVE-2020-28604,CVE-2020-28605,CVE-2020-28606,CVE-2020-28607,CVE-2020-28608,CVE-2020-28609,CVE-2020-28610,CVE-2020-28611,CVE-2020-28612,CVE-2020-28613,CVE-2020-28614,CVE-2020-28615,CVE-2020-28616, CVE-2020-28617,CVE-2020-28618,CVE-2020-28619,CVE-2020-28620, CVE-2020-28621,CVE-2020-28622,CVE-2020-28623,CVE-2020-28624,CVE-2020-28625,CVE-2020-28626,CVE-2020-28627,CVE-2020-28628,CVE-2020-28629,CVE-2020-28630,CVE-2020-28631,CVE-2020-28632,CVE-2020-28633,CVE-2020-28634,CVE-2020-28635,CVE-2020-28636,CVE-2020-35628,CVE-2020-35629,CVE-2020-35630, CVE-2020-35631,CVE-2020-35632,CVE-2020-35633,CVE-2020-35634,CVE-2020-35635,CVE-2020-35636 10.0
TALOS-2020-1224 Openscad import_stl.cc:import_stl() out-of-bounds stack write vulnerability 2021-02-23 CVE-2020-28600 8.8
TALOS-2020-1223 Openscad import_stl.cc:import_stl() stack-based buffer overflow vulnerability 2021-02-23 CVE-2020-28599 8.8
TALOS-2020-1167 Sytech XL reporter installation privilege escalation vulnerability 2021-02-19 CVE-2020-13549 8.8
TALOS-2020-1169 Advantech WebAccess/SCADA installation privilege escalation vulnerability 2021-02-16 CVE-2020-13551, CVE-2020-13552, CVE-2020-13553, CVE-2020-13554, CVE-2020-13555 8.8
TALOS-2020-1168 Advantech WebAccess/SCADA installation local file inclusion 2021-02-16 CVE-2020-13550 7.7
TALOS-2020-1182 Accusoft ImageGear SGI RLE decompression out-of-bounds write vulnerability 2021-02-09 CVE-2020-13571 9.8
TALOS-2020-1196 Accusoft ImageGear PSD Header processing out-of-bounds write vulnerability 2021-02-09 CVE-2020-13585 9.8
TALOS-2020-1176 Accusoft ImageGear TIFF index record out-of-bounds write vulnerability 2021-02-09 CVE-2020-13561 9.8
TALOS-2020-1183 Accusoft ImageGear GIF LZW decoder heap overflow vulnerability 2021-02-05 CVE-2020-13572 9.8
TALOS-2020-1191 SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability 2021-02-03 CVE-2020-13580 8.8
TALOS-2020-1210 SoftMaker Office PlanMaker Excel document CEscherObject::ReadNativeProperties multiple heap buffer overflow vulnerabilities 2021-02-03 CVE-2020-27247, CVE-2020-27248, CVE-2020-27249,CVE-2020-27250,CVE-2020-28587 8.8
TALOS-2020-1190 SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability 2021-02-03 CVE-2020-13579 8.8
TALOS-2020-1192 SoftMaker Office PlanMaker Document Record 0x800d memory corruption vulnerability 2021-02-03 CVE-2020-13581 8.8
TALOS-2020-1197 SoftMaker Office PlanMaker Excel document record 0x00fc memory corruption vulnerability 2021-02-03 CVE-2020-13586 8.8
TALOS-2020-1008 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Network Segment Denial of Service Vulnerability 2021-02-02 CVE-2020-6088 7.5
TALOS-2020-1179 phpGACL database multiple SQL injection vulnerabilities 2021-01-27 CVE-2020-13566, CVE-2020-13568 8.8
TALOS-2020-1177 phpGACL template multiple cross-site scripting vulnerabilities 2021-01-27 CVE-2020-13562, CVE-2020-13563, CVE-2020-13564 9.6
TALOS-2020-1180 OpenEMR GACL cross-site request forgery vulnerability 2021-01-27 CVE-2020-13569 8.8
TALOS-2020-1178 phpGACL return_page redirection open redirect vulnerability 2021-01-27 CVE-2020-13565 6.1
TALOS-2020-1194 Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability 2021-01-26 CVE-2020-13583 8.6
TALOS-2020-1193 Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability 2021-01-26 CVE-2020-13582 8.6
TALOS-2020-1174 FreyrSCADA IEC-60879-5-104 server simulator traffic logging denial-of-service vulnerability 2021-01-11 CVE--2020-13559 5.9
TALOS-2020-1184 Rockwell Automation RSLinx classic ethernet/IP server denial-of-service vulnerability 2021-01-07 CVE-2020-13573 7.5
TALOS-2020-1161 SoftMaker Office TextMaker Document Record 0x001f sign-extension vulnerability 2021-01-05 CVE-2020-13544 8.8
TALOS-2020-1162 SoftMaker Office TextMaker Document Record 0x003f integer conversion vulnerability 2021-01-05 CVE-2020-13545 8.8
TALOS-2020-1187 Genivia gSOAP WS-Addressing plugin code execution vulnerability 2021-01-05 CVE-2020-13576 9.8
TALOS-2020-1185 Genivia gSOAP WS-Security plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13574 7.5
TALOS-2020-1163 SoftMaker Office TextMaker Document Record 0x002a integer overflow vulnerability 2021-01-05 CVE-2020-13546 8.8
TALOS-2020-1189 Genivia gSOAP WS-Security plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13578 7.5
TALOS-2020-1186 Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13575 7.5
TALOS-2020-1188 Genivia gSOAP WS-Security plugin denial-of-service vulnerability 2021-01-05 CVE-2020-13577 7.5
TALOS-2020-1150 Win-911 Enterprise Platform privilege escalation vulnerability 2021-01-04 CVE-2020-13539, CVE-2020-13540 9.3
TALOS-2020-1151 Win-911 mobile server platform privilege escalation vulnerability 2021-01-04 CVE-2020-13541 9.3
TALOS-2020-1141 Microsoft Azure Sphere networkd mdns denial-of-service vulnerability 2020-12-18 -- 5.9
TALOS-2020-1111 NZXT CAM WinRing0x64 Driver Privileged I/O Write IRPs Privilege Escalation Vulnerability 2020-12-16 CVE-2020-13512, CVE-2020-13513, CVE-2020-13514 8.8
TALOS-2020-1113 NZXT CAM WinRing0x64 driver IRP 0x9c406144 information disclosure vulnerability 2020-12-16 CVE-2020-13516 6.5
TALOS-2020-1136 Lantronix XPort EDGE Web Manager and telnet CLI cleartext transmission of sensitive information vulnerability 2020-12-16 CVE-2020-13528 3.1
TALOS-2020-1147 Kepware LinkMaster Service privilege escalation vulnerability 2020-12-16 CVE-2020-13535 9 .3
TALOS-2020-1116 NZXT CAM WinRing0x64 driver IRP 0x9c402088 privilege escalation vulnerability 2020-12-16 CVE-2020-13519 8.8
TALOS-2020-1114 NZXT CAM WinRing0x64 Driver IRP 0x9c406104 information disclosure vulnerability 2020-12-16 CVE-2020-13517 6.5
TALOS-2020-1110 NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability 2020-12-16 CVE-2020-13509, CVE-2020-13511 6.5
TALOS-2020-1112 NZXT CAM WinRing0x64 driver IRP 0x9c40a148 privilege escalation vulnerability 2020-12-16 CVE-2020-13515 8.8
TALOS-2020-1135 Lantronix XPort EDGE Web Manager CSRF vulnerability 2020-12-16 CVE-2020-13527 4.8
TALOS-2020-1115 NZXT CAM WinRing0x64 driver IRP 0x9c402084 information disclosure vulnerability 2020-12-16 CVE-2020-13518 6.5
TALOS-2020-1171 Foxit Reader JavaScript choice field use-after-free vulnerability 2020-12-09 CVE-2020-13557 8.8
TALOS-2020-1166 Foxit Reader Javascript Field fileSelect Use After Free Vulnerability 2020-12-09 CVE-2020-13548 8.0
TALOS-2020-1165 Foxit Reader JavaScript media openPlayer type confusion vulnerability 2020-12-09 CVE-2020-13547 8.8
TALOS-2020-1181 Foxit Reader JavaScript remove template use-after-free vulnerability 2020-12-09 CVE-2020-13570 7.5
TALOS-2020-1175 Foxit Reader JavaScript choice field format event use-after-free vulnerability 2020-12-09 CVE-2020-13560 8.8
TALOS-2020-1153 Microsoft Office ElementType code execution vulnerability 2020-12-08 CVE-2020-17123 8.8
TALOS-2020-1140 Schneider Electric EcoStruxure Control Expert PLC Simulator Modbus message processing remote code execution vulnerability 2020-12-08 CVE-2020-7559 10.0
TALOS-2020-1144 Schneider Electric EcoStruxure Control Expert APX project file processing code execution vulnerability 2020-12-08 CVE-2020-7560 8.6
TALOS-2020-1170 EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability 2020-12-02 CVE-2020-13556 9.8
TALOS-2020-1143 EIP Stack Group OpENer ethernet/IP server denial-of-service vulnerability 2020-12-02 CVE-2020-13530 7.5
TALOS-2020-1155 Webkit WebSocket code execution vulnerability 2020-11-30 CVE-2020-13543 8.8
TALOS-2020-1195 Webkit ImageDecoderGStreamer use-after-free vulnerability 2020-11-30 CVE-2020-13584 8.8
TALOS-2020-1126 ProcessMaker sort parameter multiple SQL Injection Vulnerabilities 2020-11-17 CVE-2020-13525, CVE-2020-13526 6.4
TALOS-2020-1125 Pixar OpenUSD binary file format specs memory corruption 2020-11-12 CVE-2020-13524 6.3
TALOS-2020-1103 Pixar OpenUSD Binary File Format Token Strings Information Leak Vulnerability 2020-11-12 CVE-2020-13494 4.3
TALOS-2020-1101 Pixar OpenUSD Binary File Format Compressed Value Reps Code Execution Vulnerabilities 2020-11-12 CVE-2020-6155 8.8
TALOS-2020-1120 Pixar OpenUSD Binary File Format Decompressed Path Rebuilding Memory corruption 2020-11-12 CVE-2020-13520 8.8
TALOS-2020-1105 Pixar OpenUSD binary file format index type values information leak vulnerability 2020-11-12 CVE-2020-13498,CVE-2020-13496,CVE-2020-13497 4.3
TALOS-2020-1094 Pixar OpenUSD binary file format compressed sections code execution vulnerabilities 2020-11-12 CVE-2020-6147, CVE-2020-6148, CVE-2020-6149, CVE-2020-6150, CVE-2020-6156, CVE-2020-13493 8.8
TALOS-2020-1145 Pixar OpenUSD SDF layer path remote code execution 2020-11-12 CVE-2020-13531 8.8
TALOS-2020-1104 Pixar OpenUSD binary file format offset seek information leak vulnerability 2020-11-12 CVE-2020-9973 4.3
TALOS-2020-1154 LogicalDoc installation privilege escalation vulnerability 2020-11-10 CVE-2020-13542 9.3
TALOS-2020-1032 BIMx Desktop Viewer Resource Parsing Integer Overflow Vulnerability 2020-11-06 CVE-2020-6099 8.8
TALOS-2020-1156 Adobe Acrobat Reader DC form field format use after free 2020-11-05 CVE-2020-24437 8.8
TALOS-2020-1157 Adobe Acrobat Reader DC JavaScript submitForm heap buffer overflow redux 2020-11-05 CVE-2020-24435 8.8
TALOS-2020-1148 Moxa MXView series installation privilege escalation vulnerability 2020-11-03 CVE-2020-13537,CVE-2020-13536 9.3
TALOS-2020-1086 Synology SRM web interface session cookie HttpOnly flag information disclosure vulnerability 2020-10-30 CVE-2020-27658 7.5
TALOS-2020-1058 Synology SRM QuickConnect authentication Information Disclosure Vulnerability 2020-10-29 CVE-2020-27649 8.3
TALOS-2020-1061 Synology SRM QuickConnect HTTP connection Information Disclosure Vulnerability 2020-10-29 CVE-2020-27653 8.3
TALOS-2020-1060 Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability 2020-10-29 None 8.3
TALOS-2020-1071 Synology SRM dnsExit DDNS provider information disclosure vulnerability 2020-10-29 CVE-2020-27656-CVE-2020-27657 4.0
TALOS-2020-1065 Synology SRM lbd service Command Execution Vulnerability 2020-10-29 CVE-2020-27654, CVE-2020-11117 9.6
TALOS-2020-1066 Synology SRM QuickConnect iptables network misconfiguration vulnerability 2020-10-29 CVE-2020-27655 6.5
TALOS-2020-1059 Synology SRM web interface session cookie secure flag Information Disclosure Vulnerability 2020-10-29 CVE-2020-27651 8.3
TALOS-2020-1064 Synology QuickConnect servers network misconfiguration vulnerability 2020-10-29 -- 6.5
TALOS-2020-1123 Google Chrome DrawElementsInstanced information leak vulnerability 2020-10-22 CVE-2020-6555 6.8
TALOS-2020-1127 Google Chrome WebGL Buffer11::getBufferStorage Code Execution Vulnerability 2020-10-20 CVE-2020-6542 8.3
TALOS-2020-1049 F2fs-Tools F2fs.Fsck dev_read Information Disclosure Vulnerability 2020-10-14 CVE-2020-6107 4.4
TALOS-2020-1050 F2fs-Tools F2fs.Fsck fsck_chk_orphan_node Code Execution Vulnerability 2020-10-14 CVE-2020-6108 8.2
TALOS-2020-1046 F2fs-Tools F2fs.Fsck filesystem checking Information Disclosure Vulnerability 2020-10-14 CVE-2020-6104 4.4
TALOS-2020-1047 F2fs-Tools F2fs.Fsck Multiple Devices Code Execution Vulnerability 2020-10-14 CVE-2020-6105 8.2
TALOS-2020-1048 F2fs-Tools F2fs.Fsck init_node_manager Information Disclosure Vulnerability 2020-10-14 CVE-2020-6106 4.4
TALOS-2020-1005 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Port Segment Denial of Service Vulnerability 2020-10-13 CVE-2020-6083 7.5
TALOS-2020-1006 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Logical Segment Denial of Service Vulnerability 2020-10-13 CVE-2020-6084, CVE-2020-6085 7.5
TALOS-2020-1057 Allen-Bradley MicroLogix 1100 programmable logic controller systems IPv4 denial-of-service vulnerability 2020-10-13 CVE-2020-6111 7.5
TALOS-2020-1007 Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Data Segment Denial of Service Vulnerability 2020-10-13 CVE-2020-6086, CVE-2020-6087 7.5
TALOS-2020-1102 AMD ATIKMDAG.SYS D3DKMTEscape handler Denial of Service Vulnerability 2020-10-13 CVE-2020-12933 7.1
TALOS-2020-1119 AMD ATIKMDAG.SYS D3DKMTCreateAllocation handler denial-of-service vulnerability 2020-10-07 CVE-2020-12911 7.1
TALOS-2020-1035 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1038 NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg DCL_CONSTANT_BUFFER code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1034 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV_SAT code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1037 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MUL code execution vulnerability 2020-09-30 CVE‑2020‑5981 8.5
TALOS-2020-1124 Apple Safari/Webkit aboutBlankURL() code execution vulnerability 2020-09-30 CVE-2020-9951 8.8
TALOS-2020-1129 Microsoft Azure Sphere Littlefs Quota denial of service vulnerability 2020-09-23 CVE-2020-16986 9.0
TALOS-2020-1106 Aveva eDNA Enterprise data historian CHaD.asmx multiple SQL injection vulnerabilities 2020-09-23 CVE-2020-13501,CVE-2020-13499,CVE-2020-13500 9.8
TALOS-2020-1130 Microsoft Azure Sphere Littlefs truncate information disclosure vulnerability 2020-09-23 None 7.1
TALOS-2020-1134 Microsoft Azure Sphere Normal World application PACKET_MMAP unsigned code execution vulnerability 2020-09-23 None 5.5
TALOS-2020-1139 Microsoft Azure Sphere Pluton SIGN_WITH_TENANT_ATTESTATION_KEY memory corruption vulnerability 2020-09-23 None 9.3
TALOS-2020-1084 Nitro Pro PDF ICCBased ColorSpace Stroke Color Code Execution Vulnerability 2020-09-15 CVE-2020-6146 8.8
TALOS-2020-1070 Nitro Pro Indexed ColorSpace Rendering Code Execution Vulnerability 2020-09-15 CVE-2020-6116 8.8
TALOS-2020-1068 Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability 2020-09-15 CVE-2020-6115 8.8
TALOS-2020-1063 Nitro Pro PDF Object Stream Parsing Number of Objects Remote Code Execution Vulnerability 2020-09-15 CVE-2020-6113 8.8
TALOS-2020-1062 Nitro Pro PDF JPEG2000 Stripe Sub-sample Decoding Out-of-bounds Write Code Execution Vulnerability 2020-09-15 CVE-2020-6112 8.8
TALOS-2020-1092 Google Chrome PDFium Javascript Active Document Memory Corruption Vulnerability 2020-09-14 CVE-2020-6513 6.3
TALOS-2020-1098 Microsoft Windows 10 CLFS.sys ValidateRegionBlocks privilege escalation vulnerability 2020-09-08 CVE-2020-1115 8.8
TALOS-2020-1096 Accusoft ImageGear DICOM parse_dicom_meta_info code execution vulnerability 2020-09-01 CVE-2020-6152 9.8
TALOS-2020-1095 Accusoft ImageGear TIFF handle_COMPRESSION_PACKBITS memory corruption vulnerability 2020-09-01 CVE-2020-6151 8.1
TALOS-2020-1073 OS4Ed openSIS email parameter SQL injection vulnerability 2020-08-31 CVE-2020-6123, CVE-2020-6124 6.4
TALOS-2020-1081 OS4Ed openSIS login SQL injection vulnerability 2020-08-31 CVE-2020-6141 9.8
TALOS-2020-1077 OS4Ed openSIS id parameter multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6132, CVE-2020-6133, CVE-2020-6134 6.4
TALOS-2020-1076 OS4Ed openSIS course_period_id parameter multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6129, CVE-2020-6130, CVE-2020-6131 6.4
TALOS-2020-1075 OS4Ed openSIS CoursePeriodModal.php page multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6126, CVE-2020-6127, CVE-2020-6128 6.4
TALOS-2020-1082 OS4Ed openSIS Modules.php remote code execution vulnerability 2020-08-31 CVE-2020-6142 9.9
TALOS-2020-1072 OS4Ed openSIS CheckDuplicateStudent.php page SQL injection vulnerability 2020-08-31 CVE-2020-6117,CVE-2020-6119,CVE-2020-6121,CVE-2020-6118,CVE-2020-6120,CVE-2020-6122 6.4
TALOS-2020-1078 OS4Ed openSIS Validator.php SQL injection vulnerability 2020-08-31 CVE-2020-6135 6.4
TALOS-2020-1083 OS4Ed openSIS install remote code execution vulnerability 2020-08-31 CVE-2020-6143, CVE-2020-6144 10.0
TALOS-2020-1074 OS4Ed openSIS GetSchool.php SQL injection Vulnerability 2020-08-31 CVE-2020-6125 6.4
TALOS-2020-1080 OS4Ed openSIS Password Reset Multiple SQL injection vulnerabilities 2020-08-31 CVE-2020-6137, CVE-2020-6138, CVE-2020-6139, CVE-2020-6140 9.8
TALOS-2020-1079 OS4Ed openSIS DownloadWindow.php SQL injection vulnerability 2020-08-31 CVE-2020-6136 6.4
TALOS-2020-1036 NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV2 code execution vulnerability 2020-08-30 CVE‑2020‑5981 8.5
TALOS-2020-1029 atftpd daemon Denial of Service Vulnerability 2020-08-26 CVE-2020-6097 7.5
TALOS-2020-1128 Microsoft Azure Sphere Normal World application READ_IMPLIES_EXEC personality unsigned code execution vulnerability 2020-08-24 CVE-2020-16984 6.2
TALOS-2020-1137 Microsoft Azure Sphere uid_map UID uniqueness privilege escalation vulnerability 2020-08-24 CVE-2020-16993 8.1
TALOS-2020-1085 Google Chrome WebGL code execution vulnerability 2020-08-24 CVE-2020-6492 8.3
TALOS-2020-1138 Microsoft Azure Sphere Normal World application /proc/thread-self/mem unsigned code execution vulnerability 2020-08-24 CVE-2020-16987 6.2
TALOS-2020-1133 Microsoft Azure Sphere Capability access control privilege escalation vulnerability 2020-08-24 None 8.1
TALOS-2020-1100 Internet Systems Consortium's BIND TCP Receive Buffer Length Assertion Check Denial of Service Vulnerability 2020-08-20 CVE-2020-8620 7.5
TALOS-2020-1091 ERPNext frappe.desk.reportview.get SQL injection vulnerability 2020-08-18 CVE-2020-6145 6.4
TALOS-2020-1122 SoftPerfect RAM Disk spvve.sys 0x222024 information disclosure vulnerability 2020-08-04 CVE-2020-13523 3.8
TALOS-2020-1121 SoftPerfect RAM Disk spvve.sys 0x222004 arbitrary file deletion vulnerability 2020-08-04 CVE-2020-13522 8.8
TALOS-2020-1132 Microsoft Azure Sphere mtd character device driver privilege escalation vulnerability 2020-07-31 CVE-2020-16982 8.1
TALOS-2020-1118 Microsoft Azure Sphere AF_AZSPIO socket memory corruption vulnerability 2020-07-31 CVE-2020-16970 8.1
TALOS-2020-1131 Microsoft Azure Sphere ASXipFS inode type privilege escalation vulnerability 2020-07-31 None 8.1
TALOS-2020-1117 Microsoft Azure Sphere asynchronous ioctl denial-of-service vulnerability 2020-07-31 CVE-2020-35609 7.1
TALOS-2020-1093 Microsoft Azure Sphere Normal World application /proc/self/mem unsigned code execution vulnerability 2020-07-31 CVE-2020-16994 6.2
TALOS-2020-1090 Microsoft Azure Sphere Normal World application ptrace unsigned code execution vulnerability 2020-07-31 CVE-2020-16991 6.2
TALOS-2020-1089 Microsoft Azure Sphere kernel message ring buffer Information Disclosure Vulnerability 2020-07-31 CVE-2020-16990 4.3
TALOS-2020-1030 freeDiameter freeDiameterd Denial of Service Vulnerability 2020-07-28 CVE-2020-6098 7.5
TALOS-2020-1069 Siemens LOGO! Web Server Code Execution Vulnerability 2020-07-15 CVE-2020-7593 10.0
TALOS-2020-1043 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality ROUND_NI Code Execution Vulnerability 2020-07-14 CVE-2020-6103 8.5
TALOS-2020-0979 Intel IGC64.DLL shader functionality ATOMIC_ADD code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1036 8.5
TALOS-2020-0980 Intel IGC64.DLL shader functionality DCL_INDEXABLETEMP code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1040 8.5
TALOS-2020-1040 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality MOV REG Code Execution Vulnerability 2020-07-14 CVE-2020-6100 8.5
TALOS-2020-0982 Intel IGC64.DLL Shader Functionality HeapReAlloc code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1042 8.5
TALOS-2020-1042 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality RESOURCE Code Execution Vulnerability 2020-07-14 CVE-2020-6102 8.5
TALOS-2020-1041 AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality DCL_OUTPUT Code Execution Vulnerability 2020-07-14 CVE-2020-6101 8.5
TALOS-2020-0983 Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1043 6.3
TALOS-2020-0981 Intel IGC64.DLL shader functionality realloc code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1041 8.5
TALOS-2020-0978 Intel IGC64.DLL Shader Functionality DCL_OUTPUT code execution vulnerability 2020-07-14 Microsoft Hyper-V/RemoteFX: CVE-2020-1032 8.5
TALOS-2020-1067 Glacies IceHRM Admin Reports SQL injection Vulnerability 2020-07-10 CVE-2020-6114 6.6
TALOS-2020-1044 Google Chrome PDFium Javascript Regexp Memory Corruption Vulnerability 2020-07-02 CVE-2020-6458 8.8
TALOS-2020-1009 Leadtools Image Parser Animated Icon Code Execution Vulnerability 2020-07-01 CVE-2020-6089 8.8
TALOS-2020-1088 Mozilla Firefox URL mPath Information Disclosure Vulnerability 2020-07-01 CVE-2020-12418 6.5
TALOS-2019-0971 NVIDIA NVWGF2UMX_CFG.DLL shader functionality denial-of-service vulnerability 2020-06-24 CVE-2020-5965 8.5
TALOS-2020-1027 Microsoft Office Excel PivotField code execution vulnerability 2020-06-10 CVE-2020-1226 8.8
TALOS-2020-1010 WAGO PFC 200 Web-Based Management (WBM) Code Execution Vulnerability 2020-06-10 CVE-2020-6090 9.1
TALOS-2020-1053 Mozilla Firefox SharedWorkerService Code Execution Vulnerability 2020-06-10 CVE-2020-12405 8.8
TALOS-2020-1045 Microsoft Office Excel HTML and XML Table Code Execution Vulnerability 2020-06-10 CVE-2020-1225 8.8
TALOS-2020-1024 Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability 2020-06-09 CVE-2020-7589 9.3
TALOS-2020-1026 Siemens LOGO! TDE service "NFSAccess" Upload File Write Vulnerability 2020-06-09 CVE-2020-7589 7.5
TALOS-2020-1025 Siemens LOGO! TDE service "DELETEPROG" Denial of Service Vulnerability 2020-06-09 CVE-2020-7589 9.3
TALOS-2020-1056 Zoom Client Application Chat Code Snippet Remote Code Execution Vulnerability 2020-06-03 CVE-2020-6110 8.0
TALOS-2020-1055 Zoom client application chat Giphy arbitrary file write 2020-06-03 CVE-2020-6109 8.5
TALOS-2020-1214 Webkit fireEventListeners use-after-free vulnerability 2020-06-02 CVE-2021-21806 8.8
TALOS-2019-0957 VMware Workstation 15 shader functionality round_ni denial of service vulnerability 2020-06-01 CVE-2020-3958 6.5
TALOS-2020-1011 Epson EB-1470Ui ESPON Web Control Authentication Bypass Vulnerability 2020-05-21 CVE-2020-6091 9.8
TALOS-2020-1019 GNU glibc ARMv7 memcpy() memory corruption vulnerability 2020-05-21 CVE-2020-6096 8.1
TALOS-2020-1087 Synology SRM SafeAccess 1.2.1-0220 code execution Vvulnerability 2020-05-18 CVE-2020-27659, CVE-2020-27660 8.3
TALOS-2020-0997 Nitro PRO PDF nested pages remote code execution vulnerability 2020-05-18 CVE-2020-6074 8.8
TALOS-2020-1013 Nitro Pro PDF Pattern Object Code Execution Vulnerability 2020-05-18 CVE-2020-6092 8.8
TALOS-2020-1014 Nitro Pro PDF Javascript XML error handling Information Disclosure Vulnerability 2020-05-18 CVE-2020-6093 6.5
TALOS-2020-1031 Adobe Acrobat Reader DC Javascript submitForm Remote Code Execution Vulnerability 2020-05-12 CVE-2020-9609 8.8
TALOS-2020-1028 Adobe Acrobat Reader DC Annotation Destroy Remote Code Execution 2020-05-12 CVE-2020-9607 8.8
TALOS-2020-1015 Microsoft Office Excel s_Schema Code Execution Vulnerability 2020-05-12 CVE-2020-0901 8.8
TALOS-2020-1051 Synology SRM DHCP monitor hostname parsing Denial of Service Vulnerability 2020-05-06 CVE-2019-11823 7.4
TALOS-2020-1003 3S-Smart Software Solutions GmbH CODESYS Runtime PLC_Task Code Execution Vulnerability 2020-05-06 CVE-2020-6081 9.9
TALOS-2020-1004 Accusoft ImageGear ICO ico_read buffer size computation code execution vulnerability 2020-05-05 CVE-2020-6082 9.8
TALOS-2020-1017 Accusoft ImageGear TIFF fill_in_raster buffer copy operation code execution vulnerability 2020-05-05 CVE-2020-6094 9.8
TALOS-2020-0998 Accusoft ImageGear PNG store_data_buffer size computation code execution vulnerability 2020-05-05 CVE-2020-6075 9.8
TALOS-2020-0999 Accusoft ImageGear ICO icoread code execution vulnerability 2020-05-05 CVE-2020-6076 9.8
TALOS-2020-1033 Windows 10 Insider Preview Fast win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability Regression 2020-05-05 -- 8.4
TALOS-2020-1211 Linux Kernel /proc/pid/syscall information disclosure vulnerability 2020-04-27 CVE-2020-28588 4.0
TALOS-2020-1218 Prusa Research PrusaSlicer _3MF_Importer::_handle_end_model() use-after-free vulnerability 2020-04-21 CVE-2020-28594 8.8
TALOS-2020-1052 Zoom Communications Registered Users Enumeration 2020-04-21 -- 6.5
TALOS-2020-1158 Synology DSM AppArmor synosearchagent misconfiguration vulnerability 2020-04-19 CVE-2021-26563 6.7
TALOS-2020-1012 Microsoft Media Foundation CQTMetadataKeysAtom GetKeyForIndex Information Disclosure Vulnerability 2020-04-14 CVE-2020-0939 6.5
TALOS-2020-0988 F2fs-tools fsck.f2fs sanity_check_area_boundary code execution vulnerability 2020-04-09 CVE-2020-6070 6.7
TALOS-2020-1039 NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg FTOI code execution vulnerability 2020-03-25 CVE‑2020‑5981 8.5
TALOS-2019-0897 3S-Smart Software Solutions CODESYS GatewayService memory corruption vulnerability 2020-03-25 CVE-2019-5105 7.5
TALOS-2019-0894 Intel Raid Web Console 3 add server denial-of-service vulnerability 2020-03-24 CVE-2020-8688 7.5
TALOS-2019-0914 Intel Raid Web Console 3 DISCOVERY Denial of Service 2020-03-24 CVE-2020-8688 7.5
TALOS-2020-1000 Videolabs libmicrodns 0.1.0 message-parsing bounds denial-of-service vulnerability 2020-03-23 CVE-2020-6077 7.5
TALOS-2020-0996 Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability 2020-03-23 CVE-2020-6073 7.5
TALOS-2020-1002 Videolabs libmicrodns 0.1.0 resource allocation denial-of-service vulnerabilities 2020-03-23 CVE-2020-6079, CVE-2020-6080 7.5
TALOS-2020-0994 Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability 2020-03-23 CVE-2020-6071 7.5
TALOS-2020-0995 Videolabs libmicrodns 0.1.0 rr_decode return value remote code execution vulnerability 2020-03-23 CVE-2020-6072 9.8
TALOS-2020-1018 GStreamer gst-rtsp-server GstRTSPAuth Denial of Service Vulnerability 2020-03-23 CVE-2020-6095 7.5
TALOS-2020-1001 Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability 2020-03-23 CVE-2020-6078 7.5
TALOS-2020-1016 Microsoft Windows 10 Kernel SetMapMode MM_HIENGLISH information disclosure vulnerability 2020-03-10 CVE-2020-0791 7.3
TALOS-2019-0952 WAGO e!COCKPIT file path improper input validation vulnerability 2020-03-09 CVE-2019-5159 8.6
TALOS-2019-0923 WAGO PFC100/200 Web-Based Management (WBM) Authentication Regex Information Disclosure Vulnerability 2020-03-09 CVE-2019-5134 5.3
TALOS-2019-0966 WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Memory Corruption Vulnerabilities 2020-03-09 CVE-2019-5185, CVE-2019-5186 7.0
TALOS-2019-0924 WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability 2020-03-09 CVE-2019-5135 5.3
TALOS-2019-0939 WAGO PFC100/200 Web-Based Management (WBM) FastCGI configuration insufficient resource pool denial of service 2020-03-09 CVE-2019-5149 5.3
TALOS-2019-0949 WAGO PFC200 Cloud Connectivity TimeoutPrepared Command Injection Vulnerability 2020-03-09 CVE-2019-5156 7.2
TALOS-2019-0962 WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Command Injection Vulnerabilities 2020-03-09 CVE-2019-5167, CVE-2019-5168, CVE-2019-5169, CVE-2019-5170, CVE-2019-5171, CVE-2019-5172, CVE-2019-5173, CVE-2019-5174, CVE-2019-5175 8.8
TALOS-2019-0948 WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities 2020-03-09 CVE-2019-5155 7.2
TALOS-2019-0965 WAGO PFC200 iocheckd service "I/O-Check" cache gateway Memory Corruption Vulnerability 2020-03-09 CVE-2019-5184 7.0
TALOS-2019-0950 WAGO PFC200 Cloud Connectivity TimeoutUnconfirmed Command Injection Vulnerability 2020-03-09 CVE-2019-5157 7.2
TALOS-2019-0899 WAGO e!Cockpit network communication cleartext transmission vulnerability 2020-03-09 CVE-2019-5107 7.5
TALOS-2019-0954 WAGO PFC200 Cloud Connectivity Remote Code Execution Vulnerability 2020-03-09 CVE-2019-5161 9.1
TALOS-2019-0953 WAGO PFC200 Cloud Connectivity Improper Host Validation Vulnerability 2020-03-09 CVE-2019-5160 9.1
TALOS-2019-0963 WAGO PFC200 iocheckd service "I/O-Check" cache Multiple Code Execution Vulnerabilities 2020-03-09 CVE-2019-5176, CVE-2019-5177, CVE-2019-5178, CVE-2019-5179, CVE-2019-5180, CVE-2019-5181, CVE-2019-5182 8.8
TALOS-2019-0969 Zoom conference room connector service insufficient session invalidation 2020-03-05 -- 6.4
TALOS-2020-1172 Webkit AudioSourceProviderGStreamer use-after-free vulnerability 2020-03-03 CVE-2020-13558 8.8
TALOS-2020-1221 Epignosis eFront LMS Password Reset authentication bypass vulnerability 2020-03-03 CVE-2020-28597 9.8
TALOS-2020-1173 Synology DSM findhostd unencrypted credentials disclosure vulnerability 2020-02-25 -- 8.0
TALOS-2019-0928 Moxa AWK-3131A multiple iw_* utilities Use of Hard-coded Credentials Vulnerability 2020-02-24 CVE-2019-5139 6.2
TALOS-2019-0927 Moxa AWK-3131A Encrypted Diagnostic Script Command Injection Vulnerability 2020-02-24 CVE-2019-5138 9.9
TALOS-2019-0960 Moxa AWK-3131A iw_webs hostname Authentication Bypass Vulnerability 2020-02-24 CVE-2019-5165 8.0
TALOS-2019-0938 Moxa AWK-3131A ServiceAgent denial-of-service vulnerability 2020-02-24 CVE-2019-5148 7.5
TALOS-2019-0929 Moxa AWK-3131A iw_webs DecryptScriptFile file name Command Injection Vulnerability 2020-02-24 CVE-2019-5140 8.8
TALOS-2019-0925 Moxa AWK-3131A iw_console Privilege Escalation Vulnerability 2020-02-24 CVE-2019-5136 8.8
TALOS-2019-0930 Moxa AWK-3131A iw_webs iw_serverip Parameter Command Injection Vulnerability 2020-02-24 CVE-2019-5141 8.8
TALOS-2019-0944 Moxa AWK-3131A iw_webs User Configuration Remote Code Execution Vulnerability 2020-02-24 CVE-2019-5153 9.9
TALOS-2020-1215 Slic3r libslic3r AMF File AMFParserContext::endElement() out-of-bounds read vulnerability 2020-02-24 CVE-2020-28591 8.6
TALOS-2019-0955 Moxa AWK-3131A iw_webs Account Settings Improper Access Control Vulnerability 2020-02-24 CVE-2019-5162 9.9
TALOS-2019-0926 Moxa AWK-3131A ServiceAgent Use of Hard-coded Cryptographic Key 2020-02-24 CVE-2019-5137 7.5
TALOS-2019-0932 Moxa AWK-3131A iw_console conio_writestr Remote Code Execution Vulnerability 2020-02-24 CVE-2019-5143 8.8
TALOS-2019-0931 Moxa AWK-3131A WAP Hostname Command Injection Vulnerability 2020-02-24 CVE-2019-5142 7.2
TALOS-2020-0984 CoTURN HTTP Server POST-parsing information leak vulnerability 2020-02-18 CVE-2020-6061 7.0
TALOS-2020-0985 CoTURN HTTP Server POST-parsing denial-of-service vulnerability 2020-02-18 CVE-2020-6062 5.9
TALOS-2019-0967 Apple Safari FontFaceSet Remote Code Execution Vulnerability 2020-02-12 CVE-2020-3868 8.8
TALOS-2019-0959 Adobe Acrobat Reader DC Javascript Field Name Information Leak 2020-02-11 CVE-2020-3744 6.8
TALOS-2019-0970 Windows 10 win32kbase HMMarkObjectDestroy Arbitrary Code Execution Vulnerability 2020-02-11 CVE-2020-0731 8.4
TALOS-2019-0946 Microsoft Media Foundation IMFASFSplitter::Initialize Code Execution Vulnerability 2020-02-11 CVE-2020-0738 8.8
TALOS-2019-0968 Microsoft Office Excel Ordinal43 code execution vulnerability 2020-02-11 CVE-2020-0759 8.8
TALOS-2020-0986 Accusoft ImageGear PCX uncompress_scan_line buffer size computation code execution vulnerability 2020-02-10 CVE-2020-6063 9.8
TALOS-2020-0989 Accusoft ImageGear BMP bmp_parsing buffer size computation code execution vulnerability 2020-02-10 CVE-2020-6065 9.8
TALOS-2020-0990 Accusoft ImageGear JPEG SOFx Code Execution Vulnerability 2020-02-10 CVE-2020-6066 9.8
TALOS-2020-0993 Accusoft ImageGear JPEG jpegread precision code execution vulnerability 2020-02-10 CVE-2020-6069 9.8
TALOS-2020-0987 Accusoft ImageGear PCX uncompress_scan_line buffer copy operation code execution vulnerability 2020-02-10 CVE-2020-6064 9.8
TALOS-2020-0991 Accusoft ImageGear TIFF tifread code execution vulnerability 2020-02-10 CVE-2020-6067 9.8
TALOS-2019-0972 Accusoft ImageGear TIFF TIF_read_stripdata code execution vulnerability 2020-02-05 CVE-2019-5187 9.8
TALOS-2020-0976 Mini-SNMPD decode_int Information Leak Vulnerability 2020-02-03 CVE-2020-6059 8.2
TALOS-2020-0977 Mini-SNMPD socket disconnect denial-of-service vulnerability 2020-02-03 CVE-2020-6060 7.5
TALOS-2020-0975 Mini-SNMPD decode_cnt information leak vulnerability 2020-02-03 CVE-2020-6058 8.2
TALOS-2020-0992 Accusoft ImageGear PNG pngread width code execution vulnerability 2020-01-27 CVE-2020-6068 9.8
TALOS-2019-0937 AMD ATI Radeon ATIDXX64.DLL MAD shader functionality denial-of-service vulnerability 2020-01-21 CVE-2019-5146 8.6
TALOS-2019-0964 AMD ATI Radeon ATIDXX64.DLL shader functionality VTABLE remote code execution vulnerability 2020-01-21 CVE-2019-5183 9.0
TALOS-2019-0913 AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability 2020-01-21 CVE-2019-5124 8.6
TALOS-2019-0936 AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality denial-of-service vulnerability 2020-01-21 CVE-2019-5147 8.6
TALOS-2019-0915 Foxit PDF Reader Javascript Field Action Validate Remote Code Execution Vulnerability 2020-01-16 CVE-2019-5126 8.8
TALOS-2019-0920 Foxit PDF Reader JavaScript field action OnBlur remote code execution vulnerability 2020-01-16 CVE-2019-5131 8.8
TALOS-2019-0934 Foxit PDF Reader JavaScript field keystroke action remote code execution vulnerability 2020-01-16 CVE-2019-5145 8.8
TALOS-2019-0935 Foxit PDF Reader Javascript createTemplate Invalid Page Code Execution Vulnerability 2020-01-16 CVE-2019-5130 8.0
TALOS-2019-0973 E2fsprogs e2fsck rehash.c mutate_name() Code Execution Vulnerability 2020-01-07 CVE-2019-5188 7.5
TALOS-2019-0852 OpenCV XML Persistence Parser Buffer Overflow Vulnerability 2020-01-02 CVE-2019-5063 8.8
TALOS-2019-0853 OpenCV JSON persistence parser buffer overflow vulnerability 2020-01-02 CVE-2019-5064 8.8
TALOS-2019-0870 WAGO PFC200 iocheckd service "I/O-Check" Erase Denial of Service Vulnerability 2019-12-16 CVE-2019-5078 10.0
TALOS-2019-0872 WAGO PFC200 iocheckd service "I/O-Check" factory restore denial-of-service vulnerability 2019-12-16 CVE-2019-5080 10.0
TALOS-2019-0863 WAGO PFC200 iocheckd service "I/O-Check" BC_ProductLabel remote code execution vulnerability 2019-12-16 CVE-2019-5074 9.8
TALOS-2019-0871 WAGO PFC200 iocheckd service "I/O-Check" ReadPSN remote code execution vulnerability 2019-12-16 CVE-2019-5079 10.0
TALOS-2019-0869 WAGO PFC200 iocheckd service "I/O-Check" MAC Address overwrite Denial of Service Vulnerability 2019-12-16 CVE-2019-5077 10.0
TALOS-2019-0873 WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability 2019-12-16 CVE-2019-5081 10.0
TALOS-2019-0874 WAGO PFC200 iocheckd service "I/O-Check" ReadPCBManuNum remote code execution vulnerability 2019-12-16 CVE-2019-5082 10.0
TALOS-2019-0864 WAGO PFC200 iocheckd service "I/O-Check" get_coupler_details remote code execution vulnerability 2019-12-16 CVE-2019-5075 9.8
TALOS-2019-0862 WAGO PFC200 iocheckd service "I/O-Check" external tool information exposure vulnerability 2019-12-16 CVE-2019-5073 5.3
TALOS-2019-0900 Linux kernel CAM table denial-of-service vulnerability 2019-12-11 CVE-2019-5108 7.4
TALOS-2019-0849 W1.fi hostapd CAM table denial-of-service vulnerability 2019-12-11 CVE-2019-5061 7.4
TALOS-2019-0943 Apple Safari SVG Marker Element baseVal Remote Code Execution Vulnerability 2019-12-11 CVE-2019-8846 8.8
TALOS-2019-0850 W1.fi hostapd deauthentication denial-of-service vulnerability 2019-12-11 CVE-2019-5062 7.4
TALOS-2019-0933 Kakadu Software SDK ATK marker code execution vulnerability 2019-12-11 CVE-2019-5144 8.1
TALOS-2019-0895 Microsoft Remote Desktop Services (RDP7) Windows XP Multiple Information Leak Vulnerabilities 2019-12-10 CVE-2019-1489 5.3
TALOS-2019-0882 LEADTOOLS libltdic.so DICOM LDicomNet::receive information disclosure vulnerability 2019-12-10 CVE-2019-5090 9.1
TALOS-2019-0947 Adobe Acrobat Reader DC Javascript gotoNamedDest information leak vulnerability 2019-12-10 CVE-2019-16463 6.8
TALOS-2019-0877 LEADTOOLS libltdic.so DICOM receive code execution vulnerability 2019-12-10 CVE-2019-5085 9.8
TALOS-2019-0901 Microsoft Remote Desktop Services (RDP8) license negotiation denial-of-service vulnerability 2019-12-10 CVE-2019-1453 7.5
TALOS-2019-0945 LEADTOOLS JPEG2000 Isot parsing Memory Corruption Vulnerability 2019-12-10 CVE-2019-5154 8.8
TALOS-2019-0885 LEADTOOLS libltdic.so DICOM LDicomNet::SendData Code Execution Vulnerability 2019-12-10 CVE-2019-5093 8.1
TALOS-2019-0884 LEADTOOLS DICOM UI Parsing Code Execution Vulnerability 2019-12-10 CVE-2019-5092 8.8
TALOS-2019-0883 LEADTOOLS libltdic.so LDicomAssociate::SetBinary denial-of-service vulnerability 2019-12-10 CVE-2019-5091 7.5
TALOS-2019-0890 AMD ATI Radeon ATIDXX64.DLL shader functionality sincos denial-of-service vulnerability 2019-12-05 CVE-2019-5098 8.6
TALOS-2019-0958 Shadowsocks-libev ss-manager add_server Code Execution Vulnerability 2019-12-03 CVE-2019-5164 7.8
TALOS-2019-0942 Shadowsocks-libev ss-server Stream Cipher Information Disclosure Vulnerability 2019-12-03 CVE-2019-5152 7.4
TALOS-2019-0956 Shadowsocks-libev ss-server UdpRelay Denial-of-Service Vulnerability 2019-12-03 CVE-2019-5163 5.9
TALOS-2019-0904 Forma LMS 2.2.1 /appLms/ajax.server.php filter_cat and filter_status parameters SQL injections 2019-12-02 CVE-2019-5111 - CVE-2019-5112 7.4
TALOS-2019-0888 EmbedThis GoAhead web server code execution vulnerability 2019-12-02 CVE-2019-5096 9.8
TALOS-2019-0865 Accusoft ImageGear PNG IHDR width code execution vulnerability 2019-12-02 CVE-2019-5076 9.8
TALOS-2019-0889 EmbedThis GoAhead web server denial-of-service vulnerability 2019-12-02 CVE-2019-5097 5.3
TALOS-2019-0922 Accusoft ImageGear BMP code execution vulnerability 2019-12-02 CVE-2019-5133 9.8
TALOS-2019-0902 Forma LMS 2.2.1 ajax.adm_server.php dir parameter SQL injections 2019-12-02 CVE-2019-5109 7.4
TALOS-2019-0903 Forma LMS 2.2.1 /appCore/index.php users parameter SQL injections 2019-12-02 CVE-2019-5110 7.4
TALOS-2019-0921 Accusoft ImageGear GEM Raster Code Execution Vulnerability 2019-12-02 CVE-2019-5132 9.8
TALOS-2019-0875 Accusoft ImageGear TIFF TIF_decode_thunderscan code execution vulnerability 2019-12-02 CVE-2019-5083 9.8
TALOS-2019-0861 Tenda AC9 /goform/WanParameterSetting Command Injection Vulnerability 2019-11-21 CVE-2019-5071-CVE-2019-5072 7.8
TALOS-2019-0878 xcftools flattenIncrementally tiles walk code execution vulnerability 2019-11-21 CVE-2019-5086 7.5
TALOS-2019-0879 xcftools flattenIncrementally rows allocation code execution vulnerability 2019-11-20 CVE-2019-5087 8.8
TALOS-2019-0893 OpenWrt ustream-ssl certificate verification information leak vulnerability 2019-11-15 CVE-2019-5101,CVE-2019-5102 4.0
TALOS-2019-0845 Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability 2019-11-13 CVE-2019-14574 8.5
TALOS-2019-0790 Exhibitor UI command injection vulnerability 2019-11-13 CVE-2019-5029 9.8
TALOS-2019-0886 Microsoft Office Excel WorksheetOptions Code Execution Vulnerability 2019-11-12 CVE-2019-1448 8.8
TALOS-2019-0912 Microsoft Media Foundation CMP4MetadataHandler AddQTMetadata Code Execution Vulnerability 2019-11-12 CVE-2019-1430 8.8
TALOS-2019-0891 LEADTOOLS CMP-parsing code execution vulnerability 2019-11-05 CVE-2019-5099 8.8
TALOS-2019-0892 LEADTOOLS BMP Parsing Remote Code Execution Vulnerability 2019-11-05 CVE-2019-5100 8.8
TALOS-2019-0876 LEADTOOLS TIF ImageWidth code execution vulnerability 2019-11-05 CVE-2019-5084 8.8
TALOS-2019-0916 LEADTOOLS JPEG2000 j2pc Parsing Remote Code Execution Vulnerability 2019-11-05 CVE-2019-5125 8.8
TALOS-2019-0881 Investintech Able2Extract professional JPEG decoding code execution vulnerability 2019-11-04 CVE-2019-5089 8.8
TALOS-2019-0880 Investintech Able2Extract Professional BMP decoding biClrUsed code execution vulnerability 2019-11-04 CVE-2019-5088 8.8
TALOS-2019-0941 YouPHPTube /objects/video.php getVideo videoName code execution vulnerability 2019-10-30 CVE-2019-5151 10.0
TALOS-2019-0940 YouPHPTube /objects/video.php getVideo search code execution vulnerability 2019-10-30 CVE-2019-5150 8.9
TALOS-2019-0848 VMware Fusion 11 Shader Functionality Denial Of Service 2019-10-28 CVE-2019-5536 6.5
TALOS-2019-0857 X11 Mesa 3D Graphics Library shared memory permissions vulnerability 2019-10-23 CVE-2019-5068 5.1
TALOS-2019-0910 YouPHPTube /plugin/AD_Server/view/campaignsVideos.json.php id SQL injection vulnerability 2019-10-17 CVE-2019-5120 7.4
TALOS-2019-0911 YouPHPTube /objects/pluginSwitch.json.php Multiple SQL Injection Vulnerabilities 2019-10-17 CVE-2019-5121 - CVE-2019-5123 7.4
TALOS-2019-0908 YouPHPTube /objects/subscribe.json.php SQL injection vulnerability 2019-10-17 CVE-2019-5117 7.4
TALOS-2019-0906 YouPHPTube /objects/commentAddNew.json.php comments_id SQL injection vulnerability 2019-10-17 CVE-2019-5114 7.4
TALOS-2019-0907 YouPHPTube /objects/videoAddNew.json.php SQL injection vulnerability 2019-10-17 CVE-2019-5116 7.4
TALOS-2019-0909 YouPHPTube /objects/subscribeNotify.json.php user_id SQL injection vulnerability 2019-10-17 CVE-2019-5119 7.4
TALOS-2019-0917 YouPHPTube Encoder base64Url multiple command injections 2019-10-17 CVE-2019-5127 - CVE-2019-5129 10.0
TALOS-2019-0860 Adobe Acrobat Reader DC text field value remote code execution vulnerability redux 2019-10-15 CVE-2019-8183 8.8
TALOS-2019-0819 NitroPDF Page Kids Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5050 8.8
TALOS-2019-0814 NitroPDF jpeg2000 ssizDepth Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5045 8.8
TALOS-2019-0830 NitroPDF Stream Length Memory Corruption Vulnerability 2019-10-09 CVE-2019-5053 7.5
TALOS-2019-0816 NitroPDF CharProcs Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5047 7.5
TALOS-2019-0815 NitroPDF jpeg2000 yTsiz Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5046 8.8
TALOS-2019-0817 NitroPDF ICCBased Color Space Remote Code Execution Vulnerability 2019-10-09 CVE-2019-5048 8.8
TALOS-2019-0822 Schneider Electric Modicon M580 FTP firmware update loader service denial-of-service vulnerability 2019-10-08 CVE-2019-6841 4.9
TALOS-2019-0851 Schneider Electric Modicon M580 TFTP server information disclosure vulnerability 2019-10-08 CVE-2019-6851 7.5
TALOS-2019-0827 Schneider Electric Modicon M580 FTP cleartext authentication vulnerability 2019-10-08 CVE-2019-6846 5.9
TALOS-2019-0826 Schneider Electric Modicon M580 UMAS cleartext data transmission vulnerability 2019-10-08 CVE-2019-6845 5.9
TALOS-2019-0823 Schneider Electric Modicon M580 FTP incomplete firmware update denial-of-service vulnerability 2019-10-08 CVE-2019-6842 4.9
TALOS-2019-0824 Schneider Electric Modicon M580 malformed firmware image FTP upgrade denial-of-service vulnerability 2019-10-08 CVE-2019-6843 4.9
TALOS-2019-0867 Schneider Electric Modicon M580 UMAS REST API getcominfo information disclosure vulnerability 2019-10-08 CVE-2019-6849 7.5
TALOS-2019-0825 Schneider Electric Modicon M580 Mismatched Firmware Image FTP Upgrade Denial of Service Vulnerability 2019-10-08 CVE-2019-6844 4.9
TALOS-2019-0868 Schneider Electric Modicon M580 UMAS REST API readbolarray information disclosure vulnerability 2019-10-08 CVE-2019-6850 7.5
TALOS-2019-0866 Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability 2019-10-08 CVE-2019-6848 8.6
TALOS-2019-0847 Schneider Electric Modicon M580 outdated firmware image FTP upgrade denial-of-service vulnerability 2019-10-08 CVE-2019-6847 4.9
TALOS-2019-0793 Foxit PDF Reader JavaScript Array.includes remote code execution vulnerability 2019-09-30 CVE-2019-5031 8.8
TALOS-2019-0887 E2fsprogs quotaio_tree.c report_tree() code execution vulnerability 2019-09-24 CVE-2019-5094 7.5
TALOS-2019-0855 Aspose.PDF for C++ LZWDecode filter predictor remote code execution vulnerability 2019-09-17 CVE-2019-5066 9.8
TALOS-2019-0856 Aspose.PDF for C++ parent generation remote code execution vulnerability 2019-09-17 CVE-2019-5067 9.8
TALOS-2019-0809 Aspose.PDF for C++ Remote Code Execution Vulnerability 2019-09-17 CVE-2019-5042 8.8
TALOS-2019-0840 Atlassian Jira Worklog Information Disclosure Vulnerability 2019-09-16 CVE-2019-8445 4.3
TALOS-2019-0839 Atlassian Jira issueTable username information disclosure vulnerability 2019-09-16 CVE-2019-8446 5.3
TALOS-2019-0836 Atlassian Jira Issue Key Information Disclosure Vulnerability 2019-09-16 CVE-2019-14995 5.3
TALOS-2019-0838 Atlassian Jira Tempo plugin issue summary information disclosure vulnerability 2019-09-16 CVE-2019-5095 4.3
TALOS-2019-0818 AMD ATI Radeon ATIDXX64.DLL shader functionality remote code execution vulnerability 2019-09-16 CVE-2019-5049 9.0
TALOS-2019-0833 Atlassian Jira WikiRenderer parser XSS vulnerability 2019-09-16 CVE-2019-8444 7.4
TALOS-2019-0837 Atlassian Jira issue attachment name information disclosure vulnerability 2019-09-16 CVE-2019-14995 5.3
TALOS-2019-0834 Atlassian Jira CSRF Login Vulnerability 2019-09-16 CVE-2019-15002 3.5
TALOS-2019-0835 Atlassian Jira CSRF Protections Bypass Vulnerability 2019-09-16 CVE-2019-14998 5.4
TALOS-2019-0831 NETGEAR N300 WNR2000v5 unauthenticated HTTP denial-of-service vulnerability 2019-09-09 CVE-2019-5054 7.5
TALOS-2019-0832 NETGEAR N300 WNR2000v5 unauthenticated host access point daemon denial-of-service vulnerability 2019-09-09 CVE-2019-5055 7.5
TALOS-2019-0854 Blynk inc. Blynk-Library BlynkProtocol<Transp>::processInput() information disclosure vulnerability 2019-09-04 CVE-2019-5065 5.3
TALOS-2019-0858 Epignosis eFront LMS PHP deserialization code execution vulnerability 2019-09-03 CVE-2019-5069 8.8
TALOS-2019-0859 Epignosis eFront LMS unauthenticated SQL injection vulnerability 2019-09-03 CVE-2019-5070 6.5
TALOS-2019-0794 Aspose Aspose.Cells for C++ LabelSst Code Execution Vulnerability 2019-08-20 CVE-2019-5032 9.8
TALOS-2019-0805 Aspose Aspose.Words for C++ EnumMetaInfo Code Execution Vulnerability 2019-08-20 CVE-2019-5041 9.8
TALOS-2019-0795 Aspose Aspose.Cells for C++ Number Code Execution Vulnerability 2019-08-20 CVE-2019-5033 9.8
TALOS-2019-0802 Nest Labs Openweave Weave ASN1Writer PutValue Code Execution Vulnerability 2019-08-19 CVE-2019-5039 7.5
TALOS-2019-0800 Nest Labs Nest Cam IQ Indoor WeaveCASEEngine::DecodeCertificateInfo denial-of-service vulnerability 2019-08-19 CVE-2019-5037 7.5
TALOS-2019-0797 Nest Labs Nest Cam IQ Indoor Weave Legacy Pairing Information Disclosure Vulnerability 2019-08-19 CVE-2019-5034 5.3
TALOS-2019-0801 Nest Labs Openweave Weave tool Print-TLV code execution vulnerability 2019-08-19 CVE-2019-5038 7.5
TALOS-2019-0803 Nest Labs Openweave Weave DecodeMessageWithLength Information Disclosure Vulnerability 2019-08-19 CVE-2019-5040 8.2
TALOS-2019-0798 Nest Labs Nest Cam IQ Indoor Weave PASE pairing brute force vulnerability 2019-08-19 CVE-2019-5035 9.0
TALOS-2019-0799 Nest Labs Nest Cam IQ Indoor Weave KeyError denial-of-service vulnerability 2019-08-19 CVE-2019-5036 7.5
TALOS-2019-0810 Nest Labs Nest Cam IQ Indoor Weave TCP connection denial-of-service vulnerability 2019-08-19 CVE-2019-5043 5.3
TALOS-2018-0736 Schneider Electric Modicon M580 UMAS read strategy denial-of-service vulnerability 2019-08-13 CVE-2019-6809 7.5
TALOS-2019-0807 Schneider Electric Modicon M580 UMAS Function Code 0x29 Denial of Service Vulnerability 2019-08-13 CVE-2019-6829 7.5
TALOS-2019-0806 Schneider Electric Modicon M580 UMAS Read System Coils and Registers Denial of Service Vulnerability 2019-08-13 CVE-2019-6828 7.5
TALOS-2019-0808 Schneider Electric Modicon M580 HTTP Request Denial of Service Vulnerability 2019-08-13 CVE-2019-6830 5.9
TALOS-2019-0829 MongoDB Server session reuse vulnerability 2019-08-06 CVE-2019-2386 7.1
TALOS-2019-0813 NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability 2019-08-05 CVE-2019- 5685 9.0
TALOS-2019-0779 NVIDIA NVWGF2UMX_CFG.DLL shader functionality code execution vulnerability 2019-08-05 CVE‑2019‑5684 9.0
TALOS-2019-0757 VMware Workstation 15 pixel shader functionality denial of service vulnerability 2019-08-05 CVE‑2019‑5521 6.5
TALOS-2019-0812 NVIDIA NVWGF2UMX_CFG.DLL Shader functionality DCL_INDEXABLETEMP code execution vulnerability 2019-08-05 CVE-2019-5685 9.0
TALOS-2019-0781 Yara Object Lookup Denial of Service Vulnerability 2019-07-30 CVE-2019-5020 6.5
TALOS-2019-0844 SDL_image XPM image colorhash parsing Code Execution Vulnerability 2019-07-29 CVE-2019-5060 8.8
TALOS-2019-0843 SDL_image XPM image color code code execution vulnerability 2019-07-29 CVE-2019-5059 8.8
TALOS-2019-0841 SDL_image PCX Image Code execution Vulnerability 2019-07-29 CVE-2019-5057 8.8
TALOS-2019-0842 SDL_image XCF Image Code Execution Vulnerability 2019-07-29 CVE-2019-5058 8.8
TALOS-2019-0820 Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW code execution vulnerability 2019-07-02 CVE-2019-5051 8.8
TALOS-2019-0821 Simple DirectMedia Layer SDL2_image IMG_LoadPCX_RW signed comparison code execution vulnerability 2019-07-02 CVE-2019-5052 8.8
TALOS-2019-0791 Google V8 Array.prototype Memory Corruption Vulnerability 2019-07-01 CVE-2019-5831 7.5
TALOS-2019-0776 KCodes NetUSB unauthenticated remote kernel information disclosure vulnerability 2019-06-17 CVE-2019-5017 5.8
TALOS-2019-0775 KCodes NetUSB unauthenticated remote kernel arbitrary memory read vulnerability 2019-06-14 CVE-2019-5016 10.0
TALOS-2019-0763 Schneider Electric Modicon M580 UMAS function code 0x6d multiple denial-of-service vulnerabilities 2019-06-10 CVE-2018-7852 7.5
TALOS-2018-0735 Schneider Electric Modicon M580 UMAS release reservation denial-of-service vulnerability 2019-06-10 CVE-2018-7846 5.3
TALOS-2018-0740 Schneider Electric Modicon M580 UMAS strategy read information disclosure vulnerability 2019-06-10 CVE-2018-7848 7.5
TALOS-2019-0770 Schneider Electric Modicon M580 UMAS write system bits and blocks denial-of-service vulnerability 2019-06-10 CVE-2019-6807 7.5
TALOS-2019-0764 Schneider Electric Modicon M580 UMAS function code 0x28 denial-of-service vulnerability 2019-06-10 CVE-2018-7853 7.5
TALOS-2019-0765 Schneider Electric Modicon M580 UMAS function code 0x65 denial-of-service vulnerability 2019-06-10 CVE-2018-7854 7.5
TALOS-2018-0742 Schneider Electric Modicon M580 UMAS Strategy File Write Vulnerability 2019-06-10 CVE-2018-7847 9.8
TALOS-2019-0768 Schneider Electric Modicon M580 UMAS write system coils and holding registers denial-of-service vulnerability 2019-06-10 CVE-2018-7857 7.5
TALOS-2018-0738 Schneider Electric Modicon M580 UMAS memory block read denial-of-service vulnerability 2019-06-10 CVE-2018-7843 7.5
TALOS-2019-0766 Schneider Electric Modicon M580 UMAS set breakpoint denial-of-service vulnerability 2019-06-10 CVE-2018-7855 7.5
TALOS-2019-0769 Schneider Electric Modicon M580 UMAS read system blocks and bits information disclosure vulnerability 2019-06-10 CVE-2019-6806 7.5
TALOS-2018-0741 Schneider Electric Modicon M580 UMAS Improper Authentication Vulnerability 2019-06-10 CVE-2018-7842 7.5
TALOS-2018-0745 Schneider Electric Modicon M580 UMAS Read Memory Block Out Of Bounds Information Disclosure Vulnerability 2019-06-10 CVE-2018-7845 7.5
TALOS-2019-0771 Schneider Electric UnityPro PLC simulator remote code execution vulnerability 2019-06-10 CVE-2019-6808 10.0
TALOS-2018-0737 Schneider Electric Modicon M580 UMAS strategy transfer denial-of-service vulnerability 2019-06-10 CVE-2018-7849 7.5
TALOS-2018-0739 Schneider Electric Modicon M580 UMAS read memory block information disclosure vulnerability 2019-06-10 CVE-2018-7844 7.5
TALOS-2018-0743 Schneider Electric Modicon M580 UnityPro reliance on untrusted inputs vulnerability 2019-06-10 CVE-2018-7850 7.5
TALOS-2019-0767 Schneider Electric Modicon M580 UMAS memory block write denial-of-service vulnerability 2019-06-10 CVE-2018-7856 7.5
TALOS-2019-0846 Jenkins Artifactory Plugin fillCredentialsIdItems information disclosure vulnerability 2019-06-04 CVE-2019-10323 4.3
TALOS-2019-0787 Jenkins Artifactory Plugin information disclosure vulnerability 2019-06-04 CVE-2019-10321 - CVE-2019-10322 7.7
TALOS-2019-0784 PaX read_kmem denial of service vulnerability 2019-05-29 CVE-2019-5023 5.3
TALOS-2019-0760 Wacom update helper tool startProcess privilege escalation vulnerability 2019-05-16 CVE-2019-5012 7.8
TALOS-2019-0761 Wacom update helper tool start/stopLaunchDProcess privilege escalation vulnerability 2019-05-16 CVE-2019-5013 7.1
TALOS-2019-0778 Adobe Acrobat Reader DC OCGs state change remote code execution vulnerability 2019-05-14 CVE-2019-7761 8.8
TALOS-2019-0792 Antenna House Rainbow PDF Office server document converter TxMasterStyleAtom parsing code execution vulnerability 2019-05-14 CVE-2019-5030 8.8
TALOS-2019-0796 Adobe Acrobat Reader DC app.thermometer Remote Code Execution Vulnerability 2019-05-14 CVE-2019-7831 8.0
TALOS-2018-0696 Novatek NT9665X XML_GetThumbNail denial-of-service vulnerability 2019-05-13 CVE-2018-4024 7.5
TALOS-2018-0688 Anker Roav A1 Dashcam Wifi AP Default Credential Vulnerability 2019-05-13 CVE-2018-4017 7.1
TALOS-2018-0685 Anker Roav A1 Dashcam WifiCmd 9999 Code Execution Vulnerability 2019-05-13 CVE-2018-4014 8.0
TALOS-2018-0700 Novatek NT9665X HFS Overwrite denial-of-service vulnerability 2019-05-13 CVE-2018-4028 5.3
TALOS-2018-0687 Anker Roav A1 Dashcam HTTP Path Overflow Code Execution Vulnerability 2019-05-13 CVE-2018-4016 8.0
TALOS-2018-0699 Novatek NT9665X XML_UploadFile WifiCmd denial-of-service vulnerability 2019-05-13 CVE-2018-4027 5.3
TALOS-2018-0701 Novatek NT9665X HFS Recv buffer overflow code execution vulnerability 2019-05-13 CVE-2018-4029 10.0
TALOS-2018-0698 Novatek NT9665X XML_GetScreen Strncmp denial-of-service vulnerability 2019-05-13 CVE-2018-4026 7.5
TALOS-2018-0689 Novatek NT9665X HTTP Upload Firmware Update Vulnerability 2019-05-13 CVE-2018-4018 10.0
TALOS-2018-0695 Novatek NT9665X XML_UploadFile path overflow code execution vulnerability 2019-05-13 CVE-2018-4023 10.0
TALOS-2018-0697 Novatek NT9665X XML_GetRawEncJpg denial-of-service vulnerability 2019-05-13 CVE-2018-4025 7.5
TALOS-2019-0777 Sqlite3 Window Function Remote Code Execution Vulnerability 2019-05-09 CVE-2019-5018 8.1
TALOS-2019-0782 Alpine Linux Docker Image root User Hard-Coded Credential Vulnerability 2019-05-08 CVE-2019-5021 9.8
TALOS-2019-0772 Winco Fireworks FireFly Bluetooth Low Energy Improper Access Control Vulnerability 2019-05-08 CVE-2019-5014 6.5
TALOS-2019-0786 Jenkins Ansible Tower Plugin information disclosure vulnerability 2019-05-06 CVE-2019-10310 7.7
TALOS-2019-0783 Jenkins Swarm Plugin XML external entities information disclosure vulnerability 2019-05-06 CVE-2019-10309 6.1
TALOS-2019-0788 Jenkins GitLab Plugin Information Disclosure Vulnerability 2019-05-06 CVE-2019-10300 7.7
TALOS-2018-0749 Sierra Wireless AirLink ES450 ACEManager upload.cgi Unverified Password Change Vulnerability 2019-04-25 CVE-2018-4064 8.5
TALOS-2018-0751 Sierra Wireless AirLink ES450 ACEManager Cross-Site Request Forgery Vulnerability 2019-04-25 CVE-2018-4066 6.4
TALOS-2018-0756 Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Set_Task.cgi Permission Assignment Vulnerability 2019-04-25 CVE-2018-4072, CVE-2018-4073 9.9
TALOS-2018-0750 Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross-Site Scripting Vulnerability 2019-04-25 CVE-2018-4065 6.1
TALOS-2018-0755 Sierra Wireless AirLink ES450 ACEManager Embedded_Ace_Get_Task.cgi Information Disclosure Vulnerability 2019-04-25 CVE-2018-4070, CVE-2018-4071 7.7
TALOS-2018-0752 Sierra Wireless AirLink ES450 ACEManager template_load.cgi Information Disclosure Vulnerability 2019-04-25 CVE-2018-4067 5.0
TALOS-2018-0753 Sierra Wireless AirLink ES450 ACEManager Information Disclosure Vulnerability 2019-04-25 CVE-2018-4068 5.3
TALOS-2018-0748 Sierra Wireless AirLink ES450 ACEManager upload.cgi Remote Code Execution Vulnerability 2019-04-25 CVE-2018-4063 9.9
TALOS-2018-0754 Sierra Wireless AirLink ES450 ACEManager Information Exposure Vulnerability 2019-04-25 CVE-2018-4069 5.9
TALOS-2018-0746 Sierra Wireless AirLink ES450 ACEManager iplogging.cgi command injection vulnerability 2019-04-25 CVE-2018-4061 9.9
TALOS-2018-0747 Sierra Wireless AirLink ES450 SNMPD hard-coded credentials vulnerability 2019-04-25 CVE-2018-4062 7.7
TALOS-2018-0693 Symantec Endpoint Protection Small Business Edition ccSetx86.sys 0x224844 kernel memory information disclosure vulnerability 2019-04-23 CVE-2018-18366 4.3
TALOS-2018-0673 Shimo VPN Helper Tool disconnectService denial-of-service vulnerability 2019-04-15 CVE-2018-4004 7.1
TALOS-2018-0674 Shimo VPN helper tool configureRoutingWithCommand privilege escalation vulnerability 2019-04-15 CVE-2018-4005 9.3
TALOS-2018-0678 Shimo VPN helper tool code-signing privilege escalation vulnerability 2019-04-15 CVE-2018-4009 8.8
TALOS-2018-0677 Shimo VPN helper tool RunVpncScript privilege escalation vulnerability 2019-04-15 CVE-2018-4008 9.3
TALOS-2018-0675 Shimo VPN helper tool writeConfig privilege escalation vulnerability 2019-04-15 CVE-2018-4006 9.3
TALOS-2018-0676 Shimo VPN helper tool deleteConfig denial-of-service vulnerability 2019-04-15 CVE-2018-4007 9.0
TALOS-2019-0762 VMware Workstation 15 vertex shader functionality denial-of-service vulnerability 2019-04-15 CVE-2019-5516 6.5
TALOS-2019-0774 Adobe Acrobat Reader DC text field value remote code execution vulnerability — redux 2019-04-09 CVE-2019-7125 8.8
TALOS-2019-0785 Capsule Technologies SmartLinx Neuron 2 restricted environment protection mechanism failure vulnerability 2019-04-08 CVE-2019-5024 7.6
TALOS-2018-0725 GOG Galaxy Games createFolderAtPath privilege escalation vulnerability 2019-03-26 CVE-2018-4051 7.1
TALOS-2018-0724 GOG Galaxy Games changeFolderPermissionsAtPath privilege escalation vulnerability 2019-03-26 CVE-2018-4050 7.1
TALOS-2018-0722 GOG Galaxy updater temp directory insecure file permissions local privilege elevation vulnerability 2019-03-26 CVE-2018-4048 9.3
TALOS-2018-0727 GOG Galaxy Games privileged helper denial-of-service vulnerability 2019-03-26 CVE-2018-4053 6.2
TALOS-2018-0723 GOG Galaxy Games directory insecure file permissions local privilege elevation vulnerability 2019-03-26 CVE-2018-4049 9.3
TALOS-2018-0647 Nouveau Display Driver Remote Denial of Service 2019-03-26 CVE-2018-3979 7.4
TALOS-2018-0640 GOG Galaxy service insecure file permissions local privilege elevation vulnerability 2019-03-26 CVE-2018-3974 9.3
TALOS-2018-0726 GOG Galaxy Games fillProcessInformationForPids information leak vulnerability 2019-03-26 CVE-2018-4052 6.2
TALOS-2018-0703 CUJO Smart Firewall threatd hostname reputation check code execution vulnerability 2019-03-19 CVE-2018-4031 9.0
TALOS-2018-0681 CUJO Smart Firewall mdnscap mDNS SRV record denial-of-service vulnerability 2019-03-19 CVE-2018-4011 6.5
TALOS-2018-0633 Das U-Boot verified boot bypass 2019-03-19 CVE-2018-3968 8.2
TALOS-2018-0672 CUJO Smart Firewall mdnscap mDNS character-strings code execution vulnerability 2019-03-19 CVE-2018-4003 8.3
TALOS-2018-0702 CUJO Smart Firewall safe browsing Host header-parsing firewall bypass vulnerability 2019-03-19 CVE-2018-4030 5.3
TALOS-2018-0627 CUJO Smart Firewall static DHCP hostname command injection vulnerability 2019-03-19 CVE-2018-3963 9.0
TALOS-2018-0671 CUJO Smart Firewall mdnscap mDNS label compression denial-of-service vulnerability 2019-03-19 CVE-2018-4002 5.3
TALOS-2018-0634 CUJO Smart Firewall dhcpd.conf verified boot bypass 2019-03-19 CVE-2018-3969 8.2
TALOS-2018-0653 CUJO Smart Firewall mdnscap mDNS record parsing code execution vulnerability 2019-03-19 CVE-2018-3985 8.3
TALOS-2019-0759 CleanMyMac X incomplete update patch privilege escalation vulnerability 2019-03-11 CVE-2019-5011 7.1
TALOS-2019-0961 WAGO PFC200 iocheckd service "I/O-Check" cache DNS code execution vulnerability 2019-03-09 CVE-2019-5166 8.8
TALOS-2019-0951 WAGO e!COCKPIT Firmware Downgrade Vulnerability 2019-03-09 CVE-2019-5158 8.6
TALOS-2019-0898 WAGO e!Cockpit authentication hard-coded encryption key vulnerability 2019-03-09 CVE-2019-5106 6.2
TALOS-2019-0773 Pixar Renderman Install Helper Privilege Escalation Vulnerability 2019-03-07 CVE-2019-5015 9.0
TALOS-2019-0780 Antenna House Rainbow PDF Office server document converter getSummaryInformation NumProperties code execution vulnerability 2019-02-28 CVE-2019-5019 8.8
TALOS-2017-0509 McAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability 2019-02-20 CVE-2018-6687 6.5
TALOS-2018-0682 AutoDesk AutoCAD 2019 LinetypeTableRecord Code Execution Vulnerability 2019-02-14 CVE-2019-7360 8.8
TALOS-2018-0670 AutoDesk AutoCAD 2019 DXF-parsing code execution vulnerability 2019-02-14 CVE-2019-7358 8.8
TALOS-2018-0680 AutoDesk AutoCAD 2019 cell margin code execution vulnerability 2019-02-14 CVE-2019-7359 8.8
TALOS-2018-0714 Adobe Acrobat Reader DC text field "comb" property remote code execution vulnerability 2019-02-12 CVE-2019-7039 8.8
TALOS-2018-0655 Rakuten Viber Android Secret Chats Information Disclosure Vulnerability 2019-02-07 CVE-2018-3987 4.2
TALOS-2018-0642 ACD Systems Canvas Draw 5 IO metadata out-of-bounds write code execution vulnerability 2019-01-30 CVE-2018-3976 8.8
TALOS-2018-0648 ACD Systems Canvas Draw 5 huff table out-of-bounds write code execution vulnerability 2019-01-30 CVE-2018-3980 8.8
TALOS-2018-0649 ACD Systems Canvas Draw 5 Resolution_Set out-of-bounds write code execution vulnerability 2019-01-30 CVE-2018-3981 8.8
TALOS-2018-0638 ACD Systems Canvas Draw 4 FillSpan Out of Bounds Write Code Execution Vulnerability 2019-01-30 CVE-2018-3973 8.8
TALOS-2019-0758 Python.org CPython X509 certificate parsing denial-of-service vulnerability 2019-01-28 CVE-2019-5010 5.9
TALOS-2018-0657 WIBU-SYSTEMS WibuKey.sys 0x8200E804 kernel memory information disclosure vulnerability 2019-01-28 CVE-2018-3989 4.3
TALOS-2018-0658 WIBU-SYSTEMS WibuKey.sys 0x8200E804 pool corruption privilege escalation vulnerability 2019-01-28 CVE-2018-3990 9.3
TALOS-2018-0659 WIBU-SYSTEMS WibuKey network server management WkbProgramLow remote code execution vulnerability 2019-01-28 CVE-2018-3991 10.0
TALOS-2019-0919 Bitdefender BOX 2 bootstrap download_image command injection vulnerability 2019-01-21 CVE-2019-17095, CVE-2019-17096 9.0
TALOS-2019-0918 Bitdefender BOX 2 bootstrap update_setup command execution vulnerability 2019-01-21 CVE-2019-17102 9.0
TALOS-2018-0728 Pixar Renderman install helper privilege escalation vulnerability 2019-01-14 CVE-2018-4054 9.0
TALOS-2018-0729 Pixar Renderman Install Helper Arbitrary File Read Privilege Escalation Vulnerability 2019-01-14 CVE-2018-4055 7.1
TALOS-2018-0615 Apple IntelHD5000 Graphics Process Token Privilege Escalation Vulnerability 2019-01-08 CVE-2018-4421 8.8
TALOS-2018-0614 Apple IntelHD5000 Graphics Delete Resource Privilege Escalation Vulnerability 2019-01-03 CVE-2018-4456, CVE-2018-4451 8.8
TALOS-2018-0626 Foxit PDF Reader XFA xdpContent information leak vulnerability 2019-01-03 CVE-2018-3956 6.8
TALOS-2018-0708 CleanMyMac X truncateFileAtPath Privilege Escalation Vulnerability 2019-01-02 CVE-2018-4035 7.1
TALOS-2018-0718 Clean My Mac X removePackageWithID privilege escalation vulnerability 2019-01-02 CVE-2018-4044 7.1
TALOS-2018-0719 Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4045 7.1
TALOS-2018-0716 Clean My Mac X removeLaunchdAgentAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4042 7.1
TALOS-2018-0721 Clean My Mac X disableLaunchdAgentAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4047 7.1
TALOS-2018-0710 CleanMyMac X removeDiagnosticLogs privilege escalation vulnerability 2019-01-02 CVE-2018-4037 7.1
TALOS-2018-0707 CleanMyMac X removeItemAtPath Privilege Escalation Vulnerability 2019-01-02 CVE-2018-4034 7.1
TALOS-2018-0709 CleanMyMac X removeKextAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4036 7.1
TALOS-2018-0715 Clean My Mac X enableLaunchdAgentAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4041 7.1
TALOS-2018-0717 Clean My Mac X removeASL Privilege Escalation Vulnerability 2019-01-02 CVE-2018-4043 7.1
TALOS-2018-0706 CleanMyMac X moveToTrashItemAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4033 7.1
TALOS-2018-0705 CleanMyMac X moveItemAtPath privilege escalation vulnerability 2019-01-02 CVE-2018-4032 7.1
TALOS-2018-0720 Clean My Mac X pleaseTerminate denial-of-service vulnerability 2019-01-02 CVE-2018-4046 7.1
TALOS-2018-0654 Telegram Android Secret Chats Information Disclosure Vulnerability 2018-12-21 CVE-2018-3986 4.2
TALOS-2018-0683 Webroot BrightCloud SDK HTTP headers-parsing code execution vulnerability 2018-12-17 CVE-2018-4012 9.0
TALOS-2018-0686 Webroot BrightCloud SDK HTTP connection unsafe defaults vulnerability 2018-12-17 CVE-2018-4015 8.1
TALOS-2018-0704 Adobe Acrobat Reader DC Text Field Value Remote Code Execution Vulnerability 2018-12-11 CVE-2018-19716 8.8
TALOS-2018-0643 Facebook WhatsApp Desktop Multiple Web Connection Notice Bypass Vulnerability 2018-12-10 -- 6.0
TALOS-2018-0656 Signal Messenger Android self deleting messages Information Disclosure Vulnerability 2018-12-06 CVE-2018-3988 3.3
TALOS-2018-0690 Netgate pfSense system_advanced_misc.php multiple remote command injection vulnerabilities 2018-12-03 CVE-2018-4019, CVE-2018-4020, CVE-2018-4021 7.2
TALOS-2018-0711 Atlantis Word Processor open document format unchecked NewAnsiString length remote code execution vulnerability 2018-11-20 CVE-2018-4038 8.8
TALOS-2018-0712 Atlantis Word Processor Huffman table code length remote code execution vulnerability 2018-11-20 CVE-2018-4039 8.8
TALOS-2018-0713 Atlantis Word Processor rich text format uninitialized TAutoList remote code execution vulnerability 2018-11-20 CVE-2018-4040 8.8
TALOS-2018-0618 TP-Link TL-R600VPN HTTP server information disclosure vulnerability 2018-11-19 CVE-2018-3949 7.5
TALOS-2018-0619 TP-Link TL-R600VPN HTTP server ping address remote code execution vulnerability 2018-11-19 CVE-2018-3950 7.2
TALOS-2018-0620 TP-Link TL-R600VPN HTTP Server fs directory Remote Code Execution Vulnerability 2018-11-19 CVE-2018-3951 7.2
TALOS-2018-0617 TP-Link TL-R600VPN HTTP server denial-of-service vulnerability 2018-11-19 CVE-2018-3948 7.5
TALOS-2018-0602 Yi Technology Home Camera 27US CRCDec denial-of-service vulnerability 2018-10-31 CVE-2018-3935 7.5
TALOS-2018-0645 Simple DirectMedia Layer SDL2_Image do_layer_surface code execution vulnerability 2018-10-31 CVE-2018-3977 8.8
TALOS-2018-0580 Yi Technology Home Camera 27US cloudAPI SSID Code Execution Vulnerability 2018-10-31 CVE-2018-3910 8.8
TALOS-2018-0616 Yi Technology Home Camera 27US p2p_tnp cleartext data transmission vulnerability 2018-10-31 CVE-2018-3947 9.0
TALOS-2018-0595 Yi Technology Home Camera 27US notice_to denial-of-service vulnerability 2018-10-31 CVE-2018-3928 7.5
TALOS-2018-0584 Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability 2018-10-31 CVE-2018-3920 7.6
TALOS-2018-0565 Yi Technology Home Camera 27US Firmware Update Code Execution Vulnerability 2018-10-31 CVE-2018-3890 7.6
TALOS-2018-0572 Yi Technology Home Camera 27US QR Code Base64 Code Execution Vulnerability 2018-10-31 CVE-2018-3900 9.1
TALOS-2018-0567 Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability 2018-10-31 CVE-2018-3892 9.6
TALOS-2018-0601 Yi Technology Home Camera 27US nonce reuse authentication bypass vulnerability 2018-10-31 CVE-2018-3934 9.0
TALOS-2018-0566 Yi Technology Home Camera 27US Firmware Downgrade Vulnerability 2018-10-31 CVE-2018-3891 5.7
TALOS-2018-0571 Yi Technology Home Camera 27US QR Code trans_info Code Execution Vulnerability 2018-10-31 CVE-2018-3898, CVE-2018-3899 8.3
TALOS-2018-0694 MKVToolNix MKVINFO read_one_element code execution vulnerability 2018-10-26 CVE-2018-4022 7.3
TALOS-2018-0635 Sophos HitmanPro.Alert hmpalert 0x222000 kernel memory disclosure vulnerability 2018-10-25 CVE-2018-3970 4.0
TALOS-2018-0636 Sophos HitmanPro.Alert hmpalert 0x2222CC privilege escalation vulnerability 2018-10-25 CVE-2018-3971 9.3
TALOS-2018-0684 Live Networks LIVE555 streaming media RTSPServer lookForHeader code execution vulnerability 2018-10-18 CVE-2018-4013 10.0
TALOS-2018-0625 Linksys ESeries multiple OS command injection vulnerabilities 2018-10-16 CVE-2018-3953, CVE-2018-3954, CVE-2018-3955 7.2
TALOS-2018-0644 Microsoft WindowsCodecs.dll SniffAndConvertToWideString information leak vulnerability 2018-10-10 CVE-2018-8506 5.3
TALOS-2018-0589 VMware Workstation 14 Shader Functionality Assert Denial Of Service 2018-10-09 CVE-2018-6977 6.5
TALOS-2018-0533 Intel Unified Shader Compiler for Intel Graphics Accelerator Pointer Corruption 2018-10-09 CVE-2018-12152 9.0
TALOS-2018-0579 Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service 2018-10-09 CVE-2018-12154 6.5
TALOS-2018-0568 Intel Unified Shader Compiler for Intel Graphics Accelerator Remote Denial Of Service 2018-10-09 CVE-2018-12153 7.7
TALOS-2018-0537 Intuit Quicken Deluxe 2018 for Mac Password Protection Authentication Bypass Vulnerability 2018-10-09 CVE-2018-3854 7.1
TALOS-2018-0639 Google PDFium JBIG2 image ComposeToOpt2WithRect information disclosure vulnerability 2018-10-03 CVE-2018-16076 5.9
TALOS-2018-0623 Adobe Acrobat Reader DC collab review server remote code execution vulnerability 2018-10-02 CVE-2018-12852 6.8
TALOS-2018-0631 Foxit PDF Reader JavaScript this.dataObjects remote code execution vulnerability 2018-10-01 CVE-2018-3966 8.0
TALOS-2018-0613 Foxit PDF Reader JavaScript getPageNthWord remote code execution vulnerability 2018-10-01 CVE-2018-3946 8.0
TALOS-2018-0666 Atlantis Word Processor Windows Enhanced Metafile Code Execution Vulnerability 2018-10-01 CVE-2018-3998 8.8
TALOS-2018-0629 Foxit PDF Reader JavaScript getPageNumWords remote code execution vulnerability 2018-10-01 CVE-2018-3964 8.0
TALOS-2018-0664 Foxit PDF Reader JavaScript field object isDefaultChecked remote code execution vulnerability 2018-10-01 CVE-2018-3996 8.0
TALOS-2018-0660 Foxit PDF Reader JavaScript page change remote code execution vulnerability 2018-10-01 CVE-2018-3992 8.0
TALOS-2018-0650 Atlantis Word Processor document endnote reference code execution vulnerability 2018-10-01 CVE-2018-3982 8.8
TALOS-2018-0663 Foxit PDF Reader JavaScript Field object signatureInfo remote code execution vulnerability 2018-10-01 CVE-2018-3995 8.0
TALOS-2018-0665 Foxit PDF Reader JavaScript field object signatureGetSeedValue remote code execution vulnerability 2018-10-01 CVE-2018-3997 8.0
TALOS-2018-0669 Atlantis Word Processor Office Open XML uninitialized TTableRow code execution vulnerability 2018-10-01 CVE-2018-4001 8.8
TALOS-2018-0610 Foxit PDF Reader JavaScript getPageBox remote code execution vulnerability 2018-10-01 CVE-2018-3943 8.0
TALOS-2018-0652 Atlantis Word Processor Word document paragraph property (0xD608) sprmTDefTable uninitialized length code execution vulnerability 2018-10-01 CVE-2018-3984 8.8
TALOS-2018-0661 Foxit PDF Reader Javascript Optional Content Group Remote Code Execution Vulnerability 2018-10-01 CVE-2018-3993 8.0
TALOS-2018-0641 Atlantis Word Processor uninitialized TDocOleObject code execution vulnerability 2018-10-01 CVE-2018-3975 7.5
TALOS-2018-0628 Foxit PDF Reader JavaScript this.info multiple remote code execution vulnerabilities 2018-10-01 CVE-2018-3957, CVE-2018-3958, CVE-2018-3959, CVE-2018-3960, CVE-2018-3961, CVE-2018-3962 8.0
TALOS-2018-0668 Atlantis Word Processor Office Open XML TTableRow double free code execution vulnerability 2018-10-01 CVE-2018-4000 8.8
TALOS-2018-0646 Atlantis Word Processor Word Document Complex Piece Descriptor Table Fc.Compressed Code Execution Vulnerability 2018-10-01 CVE-2018-3978 8.8
TALOS-2018-0611 Foxit PDF Reader JavaScript JSON.Stringify this remote code execution vulnerability 2018-10-01 CVE-2018-3944 8.0
TALOS-2018-0607 Foxit PDF Reader Javascript removeDataObject Remote Code Execution Vulnerability 2018-10-01 CVE-2018-3940 8.0
TALOS-2018-0612 Foxit PDF Reader Javascript JSON.Stringify this.info Remote Code Execution Vulnerability 2018-10-01 CVE-2018-3945 8.0
TALOS-2018-0632 Foxit PDF Reader JavaScript this.event.target Remote Code Execution Vulnerability 2018-10-01 CVE-2018-3967 8.0
TALOS-2018-0608 Foxit PDF Reader JavaScript getNthFieldName remote code execution vulnerability 2018-10-01 CVE-2018-3941 8.0
TALOS-2018-0651 Atlantis Word Processor empty TTableRow TList code execution vulnerability 2018-10-01 CVE-2018-3983 8.8
TALOS-2018-0630 Foxit PDF Reader JavaScript this.bookmarkRoot.children remote code execution vulnerability 2018-10-01 CVE-2018-3965 8.0
TALOS-2018-0609 Foxit PDF Reader JavaScript getPageRotation remote code execution vulnerability 2018-10-01 CVE-2018-3942 8.0
TALOS-2018-0667 Atlantis Word Processor JPEG length underflow code execution vulnerability 2018-10-01 CVE-2018-3999 8.8
TALOS-2018-0662 Foxit PDF Reader Javascript importDataObject Remote Code Execution Vulnerability 2018-10-01 CVE-2018-3994 8.0
TALOS-2018-0637 Epee Levin Packet Deserialization Code Execution Vulnerability 2018-09-25 CVE-2018-3972 10.0
TALOS-2018-0622 NordVPN VPN client connect privilege escalation vulnerability 2018-09-07 CVE-2018-3952 8.8
TALOS-2018-0679 ProtonVPN VPN client connect privilege escalation vulnerability 2018-09-07 CVE-2018-4010 8.8
TALOS-2018-0560 ERPNext SQL Injection Vulnerabilities 2018-09-05 CVE-2018-3882, CVE-2018-3883, CVE-2018-3884, CVE-2018-3885 5.4
TALOS-2018-0549 Samsung SmartThings Hub video-core samsungWifiScan Callback Code Execution Vulnerability 2018-07-26 CVE-2018-3867 9.9
TALOS-2018-0575 Samsung SmartThings Hub video-core Camera Creation Code Execution Vulnerability 2018-07-26 CVE-2018-3905 8.5
TALOS-2018-0574 Samsung SmartThings Hub video-core Camera Update Code Execution Vulnerabilities 2018-07-26 CVE-2018-3903, CVE-2018-3904 9.9
TALOS-2018-0593 Samsung SmartThings Hub hubCore ZigBee firmware update CRC16 check denial-of-service vulnerability 2018-07-26 CVE-2018-3926 5.3
TALOS-2018-0554 Samsung SmartThings Hub video-core credentials videoHostUrl Code Execution Vulnerability 2018-07-26 CVE-2018-3872 9.9
TALOS-2018-0594 Samsung SmartThings Hub hubCore Google Breakpad backtrace.io information disclosure vulnerability 2018-07-26 CVE-2018-3927 6.8
TALOS-2018-0556 Samsung SmartThings Hub video-core credentials Parsing SQL Injection Vulnerability 2018-07-26 CVE-2018-3879 8.8
TALOS-2018-0577 Samsung SmartThings Hub video-core REST Request Parser HTTP Pipelining Injection Vulnerabilities 2018-07-26 CVE-2018-3907, CVE-2018-3908, CVE-2018-3909 9.1
TALOS-2018-0581 Samsung SmartThings Hub video-core database shard code execution vulnerabilities 2018-07-26 CVE-2018-3912, CVE-2018-3913, CVE-2018-3914, CVE-2018-3915, CVE-2018-3916, CVE-2018-3917 7.5
TALOS-2018-0570 Samsung SmartThings Hub video-core clips Code Execution Vulnerability 2018-07-26 CVE-2018-3893, CVE-2018-3894, CVE-2018-3895, CVE-2018-3896, CVE-2018-3897 9.9
TALOS-2018-0578 Samsung SmartThings Hub hubCore Port 39500 HTTP Header Injection Vulnerability 2018-07-26 CVE-2018-3911 8.6
TALOS-2018-0548 Samsung SmartThings Hub video-core samsungWifiScan Code Execution Vulnerability 2018-07-26 CVE-2018-3863, CVE-2018-3864, CVE-2018-3865, CVE-2018-3866 9.9
TALOS-2018-0576 Samsung SmartThings Hub video-core Database shard.videoHostURL Code Execution Vulnerability 2018-07-26 CVE-2018-3906 7.5
TALOS-2018-0557 Samsung SmartThings Hub video-core Database find-by-cameraId Code Execution Vulnerability 2018-07-26 CVE-2018-3880 8.2
TALOS-2018-0591 Samsung SmartThings Hub video-core AWSELB Cookie Code Execution Vulnerability 2018-07-26 CVE-2018-3925 8.5
TALOS-2018-0539 Samsung SmartThings Hub video-core RTSP Configuration Command Injection Vulnerability 2018-07-26 CVE-2018-3856 9.9
TALOS-2018-0573 Samsung SmartThings Hub video-core Camera URL Replace Code Execution Vulnerability 2018-07-26 CVE-2018-3902 9.9
TALOS-2018-0555 Samsung SmartThings Hub video-core credentials Code Execution Vulnerability 2018-07-26 CVE-2018-3873, CVE-2018-3874, CVE-2018-3875, CVE-2018-3876, CVE-2018-3877, CVE-2018-3878 9.9
TALOS-2018-0582 Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability 2018-07-26 CVE-2018-3918 6.5
TALOS-2018-0583 Samsung SmartThings Hub video-core Database clips Code Execution Vulnerability 2018-07-26 CVE-2018-3919 7.5
TALOS-2018-0559 FocalScope XML External Entity Injection Vulnerability 2018-07-20 CVE-2018-3881 9.4
TALOS-2018-0604 Sony IPELA E Series Camera measurementBitrateExec command injection vulnerability 2018-07-20 CVE-2018-3937 9.1
TALOS-2018-0605 Sony IPELA E Series Camera 802dot1xclientcert remote code execution vulnerability 2018-07-20 CVE-2018-3938 9.1
TALOS-2018-0588 Foxit PDF Reader Javascript MailForm Remote Code Execution Vulnerability 2018-07-19 CVE-2018-3924 8.8
TALOS-2018-0552 ACD Systems Canvas Draw 4 IO Metadata Out-of-Bounds Write Code Execution Vulnerability 2018-07-19 CVE-2018-3870 8.8
TALOS-2018-0544 ACD Systems Canvas Draw 4 Resolution_Set Out of Bounds Write Code Execution Vulnerability 2018-07-19 CVE-2018-3860 8.8
TALOS-2018-0553 ACD Systems Canvas Draw 4 Invert Map Out-of-Bounds Write Code Execution Vulnerability 2018-07-19 CVE-2018-3871 8.8
TALOS-2018-0543 ACD Systems Canvas Draw 4 Huff Table Out-of-bounds Write Code Execution Vulnerability 2018-07-19 CVE-2018-3859 8.8
TALOS-2018-0542 ACD Systems Canvas Draw 4 PlanarConfiguration Heap Overflow Code Execution Vulnerability 2018-07-19 CVE-2018-3858 8.8
TALOS-2018-0606 Foxit PDF Reader Javascript createTemplate nPage Remote Code Execution Vulnerability 2018-07-19 CVE-2018-3939 8.0
TALOS-2018-0541 ACD Systems Canvas Draw 4 setRasterData Heap Overflow Code Execution Vulnerability 2018-07-19 CVE-2018-3857 8.8
TALOS-2018-0586 Computerinsel Photoline ANI Parsing Code Execution Vulnerability 2018-07-11 CVE-2018-3922 8.8
TALOS-2018-0585 Computerinsel Photoline PSD Blending Channel Code Execution Vulnerability 2018-07-11 CVE-2018-3921 8.8
TALOS-2018-0587 Computerinsel Photoline PCX Run Length Encoding Code Execution Vulnerability 2018-07-11 CVE-2018-3923 8.8
TALOS-2018-0600 Antenna House Office Server Document Converter vbputanld code execution vulnerability 2018-07-10 CVE-2018-3933 8.8
TALOS-2018-0597 Antenna House Office Server Document Converter vbgetfp code execution vulnerability 2018-07-10 CVE-2018-3930 8.8
TALOS-2018-0596 Antenna House Office Server Document Converter OLEread Code Execuction Vulnerability 2018-07-10 CVE-2018-3929 8.8
TALOS-2018-0603 Antenna House Office Server Document Converter GetShapePropery 0x105 code execution vulnerability 2018-07-10 CVE-2018-3936 8.8
TALOS-2018-0598 Antenna House Office Server Document Converter putShapeProperty Code Execution Vulnerability 2018-07-10 CVE-2018-3931 8.8
TALOS-2018-0592 Adobe Acrobat Reader DC JSON Stringify Remote Code Execution Vulnerability 2018-07-10 CVE-2018-12815 6.8
TALOS-2018-0599 Antenna House Office Server Document Converter putlsttbl code execution vulnerability 2018-07-10 CVE-2018-3932 8.8
TALOS-2018-0590 Adobe Acrobat Reader DC Collab newWrStreamToCosObj Remote Code Execution Vulnerability 2018-07-10 CVE-2018-12756 6.8
TALOS-2018-0569 Adobe Acrobat Reader DC Collab.drivers Remote Code Execution Vulnerability 2018-07-10 CVE-2018-12812 6.8
TALOS-2018-0624 IBM AIX rmsock SetUID Binary Information Leak 2018-07-03 CVE-2018-1655 4.0
TALOS-2018-0540 VMware Workstation 14 Shader Functionality Denial Of Service 2018-06-28 CVE-2018-6965 6.5
TALOS-2017-0495 Insteon Hub HTTPExecuteGet Parameters Extraction Code Execution Vulnerability 2018-06-19 CVE-2017-14446 8.5
TALOS-2017-0485 Insteon Hub Reboot Task Denial Of Service Vulnerability 2018-06-19 CVE-2017-16348 7.5
TALOS-2017-0496 Insteon Hub PubNub "ad" Channel Message Handler Code Execution Vulnerability 2018-06-19 CVE-2017-14447 8.5
TALOS-2018-0511 Insteon Hub MPFS Upload Firmware Update Vulnerability 2018-06-19 CVE-2018-3832 9.9
TALOS-2017-0492 Insteon Hub HTTPExecuteGet Firmware Update Information Leak Vulnerability 2018-06-19 CVE-2017-14443 9.6
TALOS-2017-0483 Insteon Hub PubNub "cc" Channel Message Handler Multiple Stack Overflow Code Execution Vulnerabilities 2018-06-19 CVE-2017-16252, CVE-2017-16253, CVE-2017-16254, CVE-2017-16255, CVE-2017-16256, CVE-2017-16257, CVE-2017-16258, CVE-2017-16259, CVE-2017-16260, CVE-2017-16261, CVE-2017-16262, CVE-2017-16263, CVE-2017-16264, CVE-2017-16265, CVE-2017-16266, CVE-2017-16267, CVE-2017-16268, CVE-2017-16269, CVE-2017-16270, CVE-2017-16271, CVE-2017-16272, CVE-2017-16273, CVE-2017-16274, CVE-2017-16275, CVE-2017-16276, CVE-2017-16277, CVE-2017-16278, CVE-2017-16279, CVE-2017-16280, CVE-2017-16281, CVE-2017-16282, CVE-2017-16283, CVE-2017-16284, CVE-2017-16285, CVE-2017-16286, CVE-2017-16287, CVE-2017-16288, CVE-2017-16289, CVE-2017-16290, CVE-2017-16291, CVE-2017-16292, CVE-2017-16293, CVE-2017-16294, CVE-2017-16295, CVE-2017-16296, CVE-2017-16297, CVE-2017-16298, CVE-2017-16299, CVE-2017-16300, CVE-2017-16301, CVE-2017-16302, CVE-2017-16303, CVE-2017-16304, CVE-2017-16305, CVE-2017-16306, CVE-2017-16307, CVE-2017-16308, CVE-2017-16309, CVE-2017-16310, CVE-2017-16311, CVE-2017-16312, CVE-2017-16313, CVE-2017-16314, CVE-2017-16315, CVE-2017-16316, CVE-2017-16317, CVE-2017-16318, CVE-2017-16319, CVE-2017-16320, CVE-2017-16321, CVE-2017-16322, CVE-2017-16323, CVE-2017-16324, CVE-2017-16325, CVE-2017-16326, CVE-2017-16327, CVE-2017-16328, CVE-2017-16329, CVE-2017-16330, CVE-2017-16331, CVE-2017-16332, CVE-2017-16333, CVE-2017-16334, CVE-2017-16335, CVE-2017-16336, CVE-2017-16337 8.5
TALOS-2017-0494 Insteon Hub HTTPExecuteGet Firmware Update host Parameter Buffer Overflow Vulnerability 2018-06-19 CVE-2017-14445 5.3
TALOS-2018-0513 Insteon Hub PubNub Firmware Upgrade Confusion Permanent Denial Of Service Vulnerability 2018-06-19 CVE-2018-3834 8.7
TALOS-2017-0493 Insteon Hub HTTPExecuteGet Firmware Update URL Parameter Code Execution Vulnerability 2018-06-19 CVE-2017-14444 8.5
TALOS-2017-0484 Insteon Hub PubNub "cc" Channel Message Handler Multiple Global Overflow Code Execution Vulnerabilities 2018-06-19 CVE-2017-16338, CVE-2017-16339, CVE-2017-16340, CVE-2017-16341, CVE-2017-16342, CVE-2017-16343, CVE-2017-16344, CVE-2017-16345, CVE-2017-16346, CVE-2017-16347 8.5
TALOS-2018-0512 Insteon Hub PubNub Firmware Downgrade Vulnerability 2018-06-19 CVE-2018-3833 8.6
TALOS-2017-0502 Insteon Hub PubNub control Channel Message Handler Code Execution Vulnerabilities 2018-06-19 CVE-2017-14452, CVE-2017-14453, CVE-2017-14454, CVE-2017-14455 8.5
TALOS-2018-0523 Pixar Renderman IT Display Service 0x67 Command Denial of Service Vulnerability 2018-06-14 CVE-2018-3840 5.3
TALOS-2018-0524 Pixar Renderman IT Display Service 0x69 Command Denial-of-Service Vulnerability 2018-06-14 CVE-2018-3841 5.3
TALOS-2018-0545 Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability 2018-06-12 CVE-2018-8210 8.8
TALOS-2018-0535 Ocularis Recorder VMS_VA Denial of Service Vulnerability 2018-06-05 CVE-2018-3852 7.5
TALOS-2017-0364 Natus Xltek EEG NeuroWorks Invalid KeyTree Entry Denial-of-Service Vulnerability 2018-05-31 CVE-2017-2860 7.5
TALOS-2017-0354 Natus Xltek EEG NeuroWorks ItemList Deserialization Denial-of-Service Vulnerability 2018-05-31 CVE-2017-2852 7.5
TALOS-2017-0362 Natus Xltek EEG NeuroWorks ItemList Traversal Denial-of-Service Vulnerability 2018-05-31 CVE-2017-2858 7.5
TALOS-2018-0517 Adobe Acrobat Reader DC Net.Discovery.queryServices Remote Code Execution Vulnerability 2018-05-15 CVE-2018-4996 7.1
TALOS-2018-0518 Adobe Acrobat Reader DC ANFancyAlertImpl Remote Code Execution Vulnerability 2018-05-15 CVE-2018-4947 6.8
TALOS-2017-0501 Multi-Master Replication Manager for MySQL mmm_agentd Remote Command Injection Vulnerabilities 2018-05-07 CVE-2017-14474, CVE-2017-14475, CVE-2017-14476, CVE-2017-14477, CVE-2017-14478, CVE-2017-14479, CVE-2017-14480, CVE-2017-14481 9.8
TALOS-2018-0538 Hyland Perceptive Document Filters DOC to HTML updateNumbering Code Execution Vulnerability 2018-04-26 CVE-2018-3855 8.8
TALOS-2018-0534 Hyland Perceptive Document Filters Microsoft Word CDATA Code Execution Vulnerability 2018-04-26 CVE-2018-3851 8.8
TALOS-2018-0527 Hyland Perceptive Document Filters DOCX to HTML Code Execution Vulnerability 2018-04-26 CVE-2018-3844 8.8
TALOS-2018-0528 Hyland Perceptive Document Filters OpenDocument to JPEG conversion SkCanvas Code Execution vulnerability 2018-04-26 CVE-2018-3845 8.8
TALOS-2017-0506 Foxit PDF Reader Javascript Search Query Remote Code Execution Vulnerability 2018-04-19 CVE-2017-14458 8.8
TALOS-2018-0551 SAP BPC Web Application Information Disclosure Vulnerability 2018-04-19 CVE-2017-16349 6.4
TALOS-2018-0536 Foxit PDF Reader JavaScript createTemplate Remote Code Execution Vulnerability 2018-04-19 CVE-2018-3853 8.8
TALOS-2018-0526 Foxit PDF Reader AssociatedFile Annotation Type Confusion 2018-04-19 CVE-2018-3843 6.5
TALOS-2018-0532 Foxit PDF Reader JavaScript XFA Clone Remote Code Execution Vulnerability 2018-04-19 CVE-2018-3850 8.8
TALOS-2018-0525 Foxit PDF Reader JavaScript setPersistent Remote Code Execution Vulnerability 2018-04-19 CVE-2018-3842 8.8
TALOS-2017-0378 Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability 2018-04-17 CVE-2017-2871 9.6
TALOS-2017-0487 Moxa EDR-810 Service Agent Multiple Denial of Service Vulnerabilities 2018-04-13 CVE-2017-14438, CVE-2017-14439 7.5
TALOS-2017-0476 Moxa EDR-810 Web Server URI Denial of Service Vulnerability 2018-04-13 CVE-2017-12124 7.5
TALOS-2017-0477 Moxa EDR-810 Web Server Certificate Signing Request Command Injection Vulnerability 2018-04-13 CVE-2017-12125 8.8
TALOS-2017-0480 Moxa EDR-810 Server Agent Information Disclosure Vulnerability 2018-04-13 CVE-2017-12128 5.3
TALOS-2017-0478 Moxa EDR-810 Web Server Cross-Site Request Forgery Vulnerability 2018-04-13 CVE-2017-12126 8.8
TALOS-2017-0479 Moxa EDR-810 Plaintext Password Storage Vulnerability 2018-04-13 CVE-2017-12127 4.4
TALOS-2017-0475 Moxa EDR-810 Cleartext Transmission of Password Vulnerability 2018-04-13 CVE-2017-12123 5.7
TALOS-2017-0481 Moxa EDR-810 Web Server Weak Cryptography for Passwords Vulnerability 2018-04-13 CVE-2017-12129 3.5
TALOS-2017-0474 Moxa EDR-810 Web Server strcmp Multiple Denial of Service Vulnerabilities 2018-04-13 CVE-2017-14435, CVE-2017-14436, CVE-2017-14437 7.5
TALOS-2017-0473 Moxa EDR-810 Web RSA Key Generation Command Injection Vulnerability 2018-04-13 CVE-2017-12121 8.8
TALOS-2017-0472 Moxa EDR-810 Web Server ping Command Injection Vulnerability 2018-04-13 CVE-2017-12120 8.8
TALOS-2017-0482 Moxa EDR-810 Web Server OpenVPN Config Multiple Command Injection Vulnerabilities 2018-04-13 CVE-2017-14432 - CVE-2017-14434 8.8
TALOS-2018-0531 NASA CFITSIO `ffghbn` and `ffghtb` Stack Overflow Code Execution Vulnerabilities 2018-04-12 CVE-2018-3848 - CVE-2018-3849 8.8
TALOS-2018-0529 NASA CFITSIO Multiple Stack Overflow Code Execution Vulnerabilities 2018-04-12 CVE-2018-3846 8.8
TALOS-2018-0530 NASA CFITSIO `ffgkyn` Stack Overflow Code Execution Vulnerability 2018-04-12 CVE-2018-3847 8.8
TALOS-2018-0562 Computerinsel Photoline PCX Run Length Code Execution Vulnerability 2018-04-11 CVE-2018-3887 8.8
TALOS-2018-0561 Computerinsel Photoline PCX Decompress Code Execution Vulnerability 2018-04-11 CVE-2018-3886 8.8
TALOS-2018-0550 Computerinsel Photoline PSD Blending Channels Code Execution Vulnerability 2018-04-11 CVE-2018-3868 8.8
TALOS-2018-0546 Computerinsel Photoline TIFF Samples Per Pixel Parsing Code Execution Vulnerability 2018-04-11 CVE-2018-3861 8.8
TALOS-2018-0547 Computerinsel Photoline TIFF Bits Per Pixel Parsing Code Execution Vulnerability 2018-04-11 CVE-2018-3862 8.8
TALOS-2018-0564 Computerinsel Photoline PCX Bits Per Pixel Code Execution Vulnerability 2018-04-11 CVE-2018-3889 8.8
TALOS-2018-0563 Computerinsel Photoline PCX Color Map Code Execution Vulnerability 2018-04-11 CVE-2018-3888 8.8
TALOS-2018-0519 Simple DirectMedia Layer SDL2_Image IMG_LoadPCX_RW Information Disclosure Vulnerability 2018-04-10 CVE-2018-3837 5.3
TALOS-2018-0521 Simple DirectMedia Layer SDL2_Image load_xcf_tile_rle bpp Code Execution Vulnerability 2018-04-10 CVE-2018-3839 6.5
TALOS-2018-0520 Simple DirectMedia Layer SDL2_Image load_xcf_tile_rle Information Disclosure Vulnerability 2018-04-10 CVE-2018-3838 5.3
TALOS-2017-0327 Zabbix Server Config Proxy Request Information Disclosure Vulnerability 2018-04-09 CVE-2017-2826 3.7
TALOS-2018-0558 IBM DB2 Shared Memory Insecure Permissions Vulnerability 2018-04-06 CVE-2017-1105 5.1
TALOS-2017-0355 Natus Xltek EEG NeuroWorks RequestForPatientInfoEEGfile Code Execution Vulnerability 2018-04-04 CVE-2017-2853 10.0
TALOS-2017-0373 Natus Xltek EEG NeuroWorks SavePatientMontage Code Execution Vulnerability 2018-04-04 CVE-2017-2867 9.0
TALOS-2017-0365 Natus Xltek EEG NeuroWorks NewProducerStream Use of Return Value Denial of Service Vulnerability 2018-04-04 CVE-2017-2861 7.5
TALOS-2017-0375 Natus Xltek EEG NeuroWorks OpenProducer Code Execution Vulnerability 2018-04-04 CVE-2017-2869 10.0
TALOS-2017-0374 Natus Xltek EEG NeuroWorks NewProducerStream Code Execution Vulnerability 2018-04-04 CVE-2017-2868 10.0
TALOS-2017-0447 Circle with Disney WiFi Insecure Access Point Vulnerability 2018-04-04 CVE-2017-12095 6.5
TALOS-2017-0507 Moxa AWK-3131A Multiple Features Login Username Parameter OS Command Injection Vulnerability 2018-04-03 CVE-2017-14459 10.0
TALOS-2017-0443 Allen Bradley Micrologix 1400 Series B Unauthenticated Data/Program/Function File Improper Access Control Vulnerability 2018-03-28 CVE-2017-14462, CVE-2017-14463, CVE-2017-14464, CVE-2017-14465, CVE-2017-14466, CVE-2017-14467, CVE-2017-14468, CVE-2017-14469, CVE-2017-14470, CVE-2017-14471, CVE-2017-14472, CVE-2017-14473 10.0
TALOS-2017-0442 Allen Bradley Micrologix 1400 Series B SNMP-Set Processing Incorrect Behavior Order Denial of Service Vulnerability 2018-03-28 CVE-2017-12090 7.7
TALOS-2018-0514 Nvidia D3D10 Driver Pixel Shader Heap Memory Corruption Vulnerability 2018-03-28 CVE-2018-6251 9.0
TALOS-2017-0441 Allen Bradley Micrologix 1400 Series B Ladder Logic Program Download Device Fault Denial of Service Vulnerability 2018-03-28 CVE-2017-12089 8.6
TALOS-2017-0444 Allen Bradley Micrologix 1400 Series B Memory Module Store Program File Write Vulnerability 2018-03-28 CVE-2017-12092 3.7
TALOS-2017-0440 Allen Bradley Micrologix 1400 Series B Ethernet Card Malformed Packet Denial of Service Vulnerability 2018-03-28 CVE-2017-12088 8.6
TALOS-2018-0522 Nvidia D3D10 Driver Pixel Shader Functionality Denial Of Service 2018-03-28 CVE-2018-6253 7.7
TALOS-2017-0445 Allen Bradley Micrologix 1400 Series B PLC Session Communication Insufficient Resource Pool Denial of Service Vulnerability 2018-03-28 CVE-2017-12093 5.3
TALOS-2017-0376 VMware VNC Lock Count Denial of Service Vulnerability 2018-03-15 CVE-2018-6957 7.5
TALOS-2017-0491 Simple DirectMedia Layer SDL2_image Image Palette Population Code Execution Vulnerability 2018-03-01 CVE-2017-14442 8.8
TALOS-2017-0499 Simple DirectMedia Layer SDL2_Image LWZ Decompression Buffer Overflow Vulnerability 2018-03-01 CVE-2017-14450 7.1
TALOS-2017-0489 Simple DirectMedia Layer SDL2_image ILBM CMAP Parsing Code Execution Vulnerability 2018-03-01 CVE-2017-14440 8.8
TALOS-2017-0490 Simple DirectMedia Layer SDL2_image ICO Pitch Handling Code Execution Vulnerability 2018-03-01 CVE-2017-14441 8.8
TALOS-2017-0510 Dovecot IMAP Server rfc822_parse_domain Information Leak Vulnerability 2018-03-01 CVE-2017-14461 5.9
TALOS-2017-0497 Simple DirectMedia Layer SDL2_image load_xcf_tile_rle Decompression Code Execution Vulnerability 2018-03-01 CVE-2017-14448 8.8
TALOS-2017-0488 Simple DirectMedia Layer SDL2_Image IMG_LoadLBM_RW Code Execution Vulnerability 2018-03-01 CVE-2017-12122 8.8
TALOS-2017-0498 Simple DirectMedia Layer SDL2_image do_layer_surface Double-Free Vulnerability 2018-03-01 CVE-2017-14449 7.5
TALOS-2017-0505 Adobe Acrobat Reader DC Document ID Remote Code Execution Vulnerability 2018-02-23 CVE-2018-4901 8.8
TALOS-2018-0733 coTURN server unsafe telnet admin portal default configuration vulnerability 2018-01-29 CVE-2018-4059 6.5
TALOS-2018-0732 coTURN TURN server unsafe loopback forwarding default configuration vulnerability 2018-01-29 CVE-2018-4058 7.7
TALOS-2018-0730 coTURN Administrator Web Portal SQL injection vulnerability 2018-01-29 CVE-2018-4056 9.1
TALOS-2018-0515 Walt Disney Per-Face Texture Mapping faceInfoSize Code Execution Vulnerability 2018-01-26 CVE-2018-3835 8.8
TALOS-2018-0516 Leptonica gplotMakeOutput Command Injection Vulnerability 2018-01-22 CVE-2018-3836 7.0
TALOS-2017-0486 Tinysvcmdns Multi-label DNS mdns_parse_qn Denial Of Service Vulnerability 2018-01-17 CVE-2017-12130 7.5
TALOS-2017-0409 Blender Sequencer dpxOpen Buffer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2902 8.8
TALOS-2017-0411 Blender Sequencer imb_loadhdr Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2904 8.8
TALOS-2017-0410 Blender Sequencer imb_load_dpx_cineon Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2903 8.8
TALOS-2017-0412 Blender Sequencer imb_bmp_decode Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2905 8.8
TALOS-2017-0413 Blender Sequencer imb_get_anim_type Streams Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2906 8.8
TALOS-2017-0408 Blender Sequencer imb_loadiris Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2901 8.8
TALOS-2017-0414 Blender Sequencer avi_format_convert Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2907 8.8
TALOS-2017-0415 Blender Directory Browsing Thumbnail Viewer Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2908 7.5
TALOS-2017-0407 Blender Sequencer imb_loadpng Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2900 8.8
TALOS-2017-0457 Blender mesh_calc_modifiers eModifierTypeType_OnlyDeform Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12105 8.8
TALOS-2017-0456 Blender draw_new_particle_system PART_DRAW_AXIS Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12104 8.8
TALOS-2017-0406 Blender Sequencer imb_loadtiff Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2899 8.8
TALOS-2017-0455 Blender BKE_vfont_to_curve_ex Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12103 8.8
TALOS-2017-0453 Blender modifier_mdef_compact_influences Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12101 8.8
TALOS-2017-0425 Blender BKE_image_acquire_ibuf Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-2918 8.8
TALOS-2017-0452 Blender multires_load_old_dm base vertex map Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12100 8.8
TALOS-2017-0451 Blender customData_add_layer__internal Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12099 8.8
TALOS-2017-0433 Blender vcol_to_fcol Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12081 8.8
TALOS-2017-0438 Blender BKE_mesh_calc_normals_tessface Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12086 8.8
TALOS-2017-0434 Blender Object CustomData_external_read Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12082 8.8
TALOS-2017-0454 Blender BKE_curve_bevelList_make Integer Overflow Code Execution Vulnerability 2018-01-11 CVE-2017-12102 8.8
TALOS-2017-0450 rails_admin rails gem XSS vulnerability 2018-01-10 CVE-2017-12098 6.1
TALOS-2017-0449 delayed_job_web rails gem XSS vulnerability 2018-01-10 CVE-2017-12097 6.1
TALOS-2017-0464 CPP-Ethereum JSON-RPC admin_addPeer Authorization Bypass Vulnerability 2018-01-09 CVE-2017-12112 4.0
TALOS-2017-0465 CPP-Ethereum JSON-RPC admin_nodeInfo improper authorization Vulnerability 2018-01-09 CVE-2017-12113 4.0
TALOS-2017-0503 CPP-Ethereum libevm create2 Information Leak Vulnerability 2018-01-09 CVE-2017-14457 8.2
TALOS-2017-0500 CPP-Ethereum libevm pow2N Code Execution Vulnerability 2018-01-09 CVE-2017-14451 9.0
TALOS-2017-0467 CPP-Ethereum JSON-RPC miner_setEtherbase improper authorization Vulnerability 2018-01-09 CVE-2017-12115 6.8
TALOS-2017-0471 CPP-Ethereum JSON-RPC Denial Of Service Vulnerabilities 2018-01-09 CVE-2017-12119 7.5
TALOS-2017-0468 CPP-Ethereum JSON-RPC miner_setGasPrice improper authorization Vulnerability 2018-01-09 CVE-2017-12116 6.8
TALOS-2017-0469 CPP-Ethereum JSON-RPC miner_start improper authorization Vulnerability 2018-01-09 CVE-2017-12117 4.0
TALOS-2017-0470 CPP-Ethereum JSON-RPC miner_stop improper authorization Vulnerability 2018-01-09 CVE-2017-12118 4.0
TALOS-2017-0508 Parity Ethereum Client Overly Permissive Cross-domain Whitelist JSON-RPC vulnerability 2018-01-09 CVE-2017-14460 7.5
TALOS-2017-0466 CPP-Ethereum JSON-RPC admin_peers improper authorization Vulnerability 2018-01-09 CVE-2017-12114 4.0
TALOS-2017-0368 VMware VNC Dynamic Resolution Request Code Execution Vulnerability 2017-12-19 CVE-2017-4933 9.0
TALOS-2017-0369 VMware VNC Pointer Decode Code Execution Vulnerability 2017-12-19 CVE-2017-4941 9.0
TALOS-2017-0393 ACDSee Ultimate 10 IDE_PSD PSD Parsing Code Execution Vulnerability 2017-12-08 CVE-2017-2886 8.8
TALOS-2017-0439 Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability 2017-11-20 CVE-2017-12087 10.0
TALOS-2017-0463 libxls xls_addCell Formula Code Execution Vulnerability 2017-11-15 CVE-2017-12111 8.8
TALOS-2017-0426 libxls xls_getfcell Code Execution Vulnerability 2017-11-15 CVE-2017-2919 8.8
TALOS-2017-0460 libxls xls_preparseWorkSheet MULBLANK Code Execution Vulnerability 2017-11-15 CVE-2017-12108 8.8
TALOS-2017-0461 libxls xls_preparseWorkSheet MULRK Code Execution Vulnerability 2017-11-15 CVE-2017-12109 8.8
TALOS-2017-0462 libxls xls_appendSST Code Execution Vulnerability 2017-11-15 CVE-2017-12110 8.8
TALOS-2017-0403 libxls xls_mergedCells Code Execution Vulnerability 2017-11-15 CVE-2017-2896 8.8
TALOS-2017-0404 libxls read_MSAT Code Execution Vulnerability 2017-11-15 CVE-2017-2897 8.8
TALOS-2017-0356 Adobe Acrobat Reader DC PDF Structured Hierarchy ActualText Structure Element Remote Code Execution Vulnerability 2017-11-14 CVE-2017-16367 8.8
TALOS-2017-0360 Foscam IP Video Camera webService 9299.org DDNS Client Code Execution Vulnerability 2017-11-13 CVE-2017-2857 8.1
TALOS-2017-0380 Foscam IP Video Camera CGIProxy.fcgi SoftAP Configuration Command Injection Vulnerability 2017-11-13 CVE-2017-2873 8.8
TALOS-2017-0358 Foscam IP Video Camera webService 3322.net DDNS Client Code Execution Vulnerability 2017-11-13 CVE-2017-2855 8.1
TALOS-2017-0384 Foscam IP Video Camera devMng Multi-Camera Port 10001 Command 0x0064 Empty AuthResetKey Vulnerability 2017-11-13 CVE-2017-2877 9.8
TALOS-2017-0357 Foscam IP Video Camera webService oray.com DDNS Client Code Execution Vulnerability 2017-11-13 CVE-2017-2854 8.1
TALOS-2017-0382 Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Username Field Code Execution Vulnerability 2017-11-13 CVE-2017-2875 8.8
TALOS-2017-0385 Foscam IP Video Camera CGIProxy.fcgi logOut Code Execution Vulnerability 2017-11-13 CVE-2017-2878 8.8
TALOS-2017-0379 Foscam IP Video Camera CGIProxy.fcgi Firmware Upgrade Code Execution Vulnerability 2017-11-13 CVE-2017-2872 9.9
TALOS-2017-0381 Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0000 Information Disclosure Vulnerability 2017-11-13 CVE-2017-2874 7.5
TALOS-2017-0359 Foscam IP Video Camera webService dyndns.com DDNS Client Code Execution Vulnerability 2017-11-13 CVE-2017-2856 8.1
TALOS-2017-0383 Foscam IP Video Camera devMng Multi-Camera Port 10000 Command 0x0002 Password Field Code Execution Vulnerability 2017-11-13 CVE-2017-2876 8.8
TALOS-2017-0386 Foscam IP Video Camera UPnP Discovery Code Execution Vulnerability 2017-11-13 CVE-2017-2879 7.5
TALOS-2017-0417 libxls xls_addCell MulBlank Code Execution Vulnerability 2017-11-09 CVE-2017-2910 8.8
TALOS-2017-0436 Circle with Disney Rclient SSH Persistent Remote Access Vulnerability 2017-10-31 CVE-2017-12084 8.0
TALOS-2017-0391 Circle with Disney Apid Photo Upload Denial of Service Vulnerability 2017-10-31 CVE-2017-2884 7.5
TALOS-2017-0405 Circle with Disney Firmware Update Signature Check Bypass Vulnerability 2017-10-31 CVE-2017-2898 9.9
TALOS-2017-0419 Circle with Disney Goclient SSL TLD MITM Vulnerability 2017-10-31 CVE-2017-2912 7.4
TALOS-2017-0422 Circle with Disney WiFi Restart SSID Parsing Command Injection Vulnerability 2017-10-31 CVE-2017-2915 9.0
TALOS-2017-0424 Circle with Disney configure.xml Notifications Command Injection Vulnerability 2017-10-31 CVE-2017-2917 9.9
TALOS-2017-0437 Circle with Disney Token Routing Vulnerability 2017-10-31 CVE-2017-12085 9.0
TALOS-2017-0448 Circle with Disney WiFi Security Downgrade Vulnerability 2017-10-31 CVE-2017-12096 6.5
TALOS-2017-0390 Circle with Disney Database Updater Code Execution Vulnerability 2017-10-31 CVE-2017-2883 9.0
TALOS-2017-0396 Circle with Disney Apid Server Fork Denial of Service Vulnerability 2017-10-31 CVE-2017-2889 7.5
TALOS-2017-0397 Circle with Disney Restore API Command Injection Vulnerability 2017-10-31 CVE-2017-2890 9.9
TALOS-2017-0398 Cesanta Mongoose HTTP Server CGI Remote Code Execcution Vulnerability 2017-10-31 CVE-2017-2891 9.8
TALOS-2017-0399 Cesanta Mongoose MQTT Payload Length Remote Code Execution 2017-10-31 CVE-2017-2892 6.8
TALOS-2017-0400 Cesanta Mongoose MQTT SUBSCRIBE Command Denial Of Service 2017-10-31 CVE-2017-2893 6.8
TALOS-2017-0401 Cesanta Mongoose MQTT SUBSCRIBE Multiple Topics Remote Code Execution 2017-10-31 CVE-2017-2894 9.8
TALOS-2017-0402 Cesanta Mongoose MQTT SUBSCRIBE Topic Length Information Leak 2017-10-31 CVE-2017-2895 8.2
TALOS-2017-0428 Cesanta Mongoose Websocket Protocol Packet Length Code Execution Vulnerability 2017-10-31 CVE-2017-2921 8.1
TALOS-2017-0429 Cesanta Mongoose Websocket Protocol Fragmented Packet Code Execution Vulnerability 2017-10-31 CVE-2017-2922 9.8
TALOS-2017-0420 Circle with Disney libbluecoat.so SSL TLD MITM Vulnerability 2017-10-31 CVE-2017-2913 8.1
TALOS-2017-0423 Circle with Disney Configuration Restore Photos File Overwrite Vulnerability 2017-10-31 CVE-2017-2916 9.9
TALOS-2017-0446 Circle with Disney Startup WiFi Channel Parsing Command Injection Vulnerability 2017-10-31 CVE-2017-12094 7.4
TALOS-2017-0371 Circle with Disney Firmware Update Command Injection Vulnerability 2017-10-31 CVE-2017-2865 9.6
TALOS-2017-0372 Circle with Disney Backup API Command Injection Vulnerability 2017-10-31 CVE-2017-2866 9.9
TALOS-2017-0388 Circle with Disney check_torlist.sh Update Code Execution Vulnerability 2017-10-31 CVE-2017-2881 9.6
TALOS-2017-0370 Circle with Disney Weak Authentication Vulnerability 2017-10-31 CVE-2017-2864 8.1
TALOS-2017-0389 Circle with Disney check_circleservers Code Execution Vulnerability 2017-10-31 CVE-2017-2882 9.0
TALOS-2017-0435 Circle with Disney Apid Use-Between-Reallocs Information Disclosure Vulnerability 2017-10-31 CVE-2017-12083 5.8
TALOS-2017-0421 Circle with Disney Apid Strstr Authentication Bypass Vulnerability 2017-10-31 CVE-2017-2914 9.0
TALOS-2017-0416 Cesanta Mongoose DNS Query Compressed Name Pointer Denial Of Service 2017-10-31 CVE-2017-2909 7.5
TALOS-2017-0418 Circle with Disney Rclient SSL TLD MITM Vulnerability 2017-10-31 CVE-2017-2911 9.0
TALOS-2017-0459 Computerinsel Photoline PCX Parsing Code Execution Vulnerability 2017-10-30 CVE-2017-12107 8.8
TALOS-2017-0295 Apache OpenOffice DOC WW8Fonts Constructor Code Execution Vulnerability 2017-10-26 CVE-2017-9806 8.3
TALOS-2017-0301 Apache OpenOffice DOC ImportOldFormatStyles Code Execution Vulnerability 2017-10-26 CVE-2017-12608 8.3
TALOS-2017-0300 Apache OpenOffice PPT PPTStyleSheet nLevel Code Execution Vulnerability 2017-10-26 CVE-2017-12607 8.3
TALOS-2017-0432 Google PDFium TIFF Image Flate Decoder Code Execution Vulnerability 2017-10-19 CVE-2017-5133 7.5
TALOS-2017-0394 Simple DirectMedia Layer SDL_image XCF Property Handling Code Execution Vulnerability 2017-10-10 CVE-2017-2887 8.8
TALOS-2017-0395 Simple DirectMedia Layer Create RGB Surface Code Execution Vulnerability 2017-10-10 CVE-2017-2888 8.8
TALOS-2017-0458 Computerinsel Photoline TGA Parsing Code Execution Vulnerability 2017-10-04 CVE-2017-12106 8.8
TALOS-2017-0427 Computerinsel Photoline SVG Parsing Code Execution Vulnerability 2017-10-04 CVE-2017-2920 8.8
TALOS-2017-0387 Computerinsel Photoline GIF Parsing Code Execution Vulnerability 2017-10-04 CVE-2017-2880 8.8
TALOS-2017-0305 ansible-vault Yaml Load Code Execution Vulnerability 2017-09-14 CVE-2017-2809 7.5
TALOS-2017-0317 LibOFX Tag Parsing Code Execution Vulnerability 2017-09-13 CVE-2017-2816 8.8
TALOS-2017-0430 FreeXL read_biff_next_record Code Execution Vulnerability 2017-09-11 CVE-2017-2923 8.8
TALOS-2017-0431 FreeXL BIFF Dimension Marker Code Execution Vulnerability 2017-09-11 CVE-2017-2924 8.8
TALOS-2017-0306 Microsoft Edge Content Security Bypass Vulnerability 2017-09-06 -- 4.3
TALOS-2017-0303 Ledger CLI Tags Parsing Code Execution Vulnerability 2017-08-30 CVE-2017-2807 7.5
TALOS-2017-0366 Gdk-Pixbuf JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability 2017-08-30 CVE-2017-2862 8.8
TALOS-2017-0377 Gdk-Pixbuf TIFF tiff_image_parse Code Execution Vulnerability 2017-08-30 CVE-2017-2870 8.8
TALOS-2017-0304 Ledger CLI Account Directive Use-After-Free Vulnerability 2017-08-30 CVE-2017-2808 7.5
TALOS-2017-0273 National Instruments LabVIEW RSRC Arbitrary Null Write Code Execution Vulnerability 2017-08-29 CVE-2017-2779 7.5
TALOS-2017-0323 Lexmark LibISYSpdf Image Rendering DCTStream::getBlock() Code Execution Vulnerability 2017-08-28 CVE-2017-2822 7.5
TALOS-2017-0322 Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability 2017-08-28 CVE-2017-2821 8.8
TALOS-2017-0392 GNOME libsoup HTTP Chunked Encoding Remote Code Execution Vulnerability 2017-08-10 CVE-2017-2885 9.8
TALOS-2017-0361 Adobe Acrobat Reader DC AcroForm PDFDocEncoding Remote Code Execution Vulnerability 2017-08-08 CVE-2017-11263 8.8
TALOS-2017-0308 Kakadu SDK JPEG 2000 Unknown Marker Code Execution Vulnerability 2017-08-04 CVE-2017-2811 8.8
TALOS-2017-0309 Kakadu SDK JPEG 2000 Contiguous Codestream Code Execution Vulnerability 2017-08-04 CVE-2017-2812 8.8
TALOS-2017-0342 EZB Systems UltraISO ISO Parsing Code Execution Vulnerability 2017-08-01 CVE-2017-2840 8.8
TALOS-2017-0337 FreeRDP Rdp Client Recv RDP Code Execution Vulnerability 2017-07-24 CVE-2017-2835 8.8
TALOS-2017-0336 FreeRDP Rdp Client License Recv Code Execution Vulnerability 2017-07-24 CVE-2017-2834 8.8
TALOS-2017-0338 FreeRDP Rdp Client Read Server Proprietary Certificate Denial of Service Vulnerability 2017-07-24 CVE-2017-2836 6.5
TALOS-2017-0339 FreeRDP Rdp Client GCC Read Server Security Data Denial of Service Vulnerability 2017-07-24 CVE-2017-2837 6.5
TALOS-2017-0340 FreeRDP Rdp Client License Read Product Info Denial of Service Vulnerability 2017-07-24 CVE-2017-2838 6.5
TALOS-2017-0341 FreeRDP Rdp Client License Read Challenge Packet Denial of Service Vulnerability 2017-07-24 CVE-2017-2839 6.5
TALOS-2016-0261 Corel CorelDRAW X8 EMF Parser Code Execution Vulnerability 2017-07-20 CVE-2016-9043 8.8
TALOS-2016-0244 Corel PHOTO-PAINT X8 GIF Filter Code Execution Vulnerability 2017-07-20 CVE-2016-8730 8.8
TALOS-2017-0298 Corel PHOTO-PAINT X8 TIFF Filter Code Execution Vulnerability 2017-07-20 CVE-2017-2804 8.8
TALOS-2017-0297 Corel PHOTO-PAINT X8 64-bit TIFF Filter Code Execution Vulnerability 2017-07-20 CVE-2017-2803 8.8
TALOS-2017-0313 ProcessMaker Enterprise Core Multiple SQL Injection Vulnerabilities 2017-07-19 CVE-2016-9048 7.4
TALOS-2017-0316 Open Fire User Import Export Plugin XML External Entity Injection 2017-07-19 CVE-2017-2815 8.1
TALOS-2017-0315 Information Builders WebFOCUS Business Intelligence Portal Command Execution Vulnerability 2017-07-19 CVE-2016-9044 8.8
TALOS-2017-0314 ProcessMaker Enterprise Core Code Execution Vulnerability 2017-07-19 CVE-2016-9045 8.8
TALOS-2017-0367 Iceni Infix PDF parsing SetSize Code Execution Vulnerability 2017-07-11 CVE-2017-2863 8.8
TALOS-2017-0311 Poppler PDF Image Display DCTStream::readScan() Code Execution Vulnerability 2017-07-07 CVE-2017-2814 7.5
TALOS-2017-0321 Poppler PDF library JPEG 2000 levels Code Execution Vulnerability 2017-07-07 CVE-2017-2820 8.8
TALOS-2017-0319 Poppler PDF Image Display DCTStream::readProgressiveSOF() Code Execution Vulnerability 2017-07-07 CVE-2017-2818 7.5
TALOS-2017-0289 Nitro Pro 11 PDF Handling Code Execution Vulnerability 2017-07-06 CVE-2016-2796 8.8
TALOS-2016-0246 Invincea Dell Protected Workspace Protection Bypass 2017-06-30 CVE-2016-8732 7.8
TALOS-2016-0247 Dell Precision Optimizer Local Privilege Escalation Vulnerability 2017-06-30 CVE-2017-2802 7.1
TALOS-2016-0256 Invincea-X SboxDrv.sys Version Number Query Local Privilege Escalation Vulnerability 2017-06-30 CVE-2016-9038 8.1
TALOS-2017-0278 InsideSecure MatrixSSL x509 certificate General Names Information Disclosure Vulnerability 2017-06-22 CVE-2017-2782 6.5
TALOS-2017-0277 InsideSecure MatrixSSL x509 certificate IssuerDomainPolicy Remote Code Execution Vulnerability 2017-06-22 CVE-2017-2781 8.1
TALOS-2017-0276 InsideSecure MatrixSSL x509 certificate SubjectDomainPolicy Remote Code Execution Vulnerability 2017-06-22 CVE-2017-2780 8.1
TALOS-2017-0299 Foscam IP Video Camera WebService CGI Parameter Code Execution Vulnerability 2017-06-19 CVE-2017-2805 9.8
TALOS-2017-0352 Foscam IP Video Camera CGIProxy.fcgi Change Username pureftpd.passwd Injection Vulnerability 2017-06-19 CVE-2017-2850 8.8
TALOS-2017-0351 Foscam IP Video Camera CGIProxy.fcgi NTP Server Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2849 8.8
TALOS-2017-0353 Foscam IP Video Camera CGIProxy.fcgi Wifi Settings Code Execution Vulnerability 2017-06-19 CVE-2017-2851 7.5
TALOS-2017-0331 Foscam IP Video Camera CGIProxy.fcgi Message 0x3001 Multi-part Form Boundary Code Execution Vulnerability 2017-06-19 CVE-2017-2830 8.8
TALOS-2017-0332 Foscam IP Video Camera CGIProxy.fcgi Query Append Buffer Overflow Vulnerability 2017-06-19 CVE-2017-2831 9.8
TALOS-2017-0347 Foscam IP Video Camera CGIProxy.fcgi SMTP Test Command Injection Vulnerability 2017-06-19 CVE-2017-2845 8.8
TALOS-2017-0334 Foscam IP Video Camera CGIProxy.fcgi FTP Startup Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2833 8.8
TALOS-2017-0346 Foscam IP Video Camera CGIProxy.fcgi SMTP Test Sender Parameter Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2844 8.8
TALOS-2017-0335 Foscam IP Video Camera CGIProxy.fcgi Account Deletion Command Injection Vulnerability 2017-06-19 CVE-2017-2832 8.8
TALOS-2017-0349 Foscam IP Video Camera CGIProxy.fcgi DNS1 Address Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2847 8.8
TALOS-2017-0329 Foscam IP Video Camera CGIProxy.fcgi Account Password Command Injection Vulnerability 2017-06-19 CVE-2017-2828 8.8
TALOS-2017-0343 Foscam IP Video Camera CGIProxy.fcgi SMTP Test Host Parameter Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2841 8.8
TALOS-2017-0344 Foscam IP Video Camera CGIProxy.fcgi SMTP Test User Parameter Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2842 8.8
TALOS-2017-0345 Foscam IP Video Camera CGIProxy.fcgi SMTP Test Password Parameter Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2843 8.8
TALOS-2017-0330 Foscam IP Video Camera CGIProxy.fcgi Message 0x3001 Directory Traversal Vulnerability 2017-06-19 CVE-2017-2829 7.7
TALOS-2017-0348 Foscam IP Video Camera CGIProxy.fcgi Gateway Address Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2846 8.8
TALOS-2017-0350 Foscam IP Video Camera CGIProxy.fcgi DNS2 Address Configuration Command Injection Vulnerability 2017-06-19 CVE-2017-2848 8.8
TALOS-2016-0245 Foscam C1 Webcam FTP Hard Coded Password Vulnerability 2017-06-19 CVE-2016-8731 9.8
TALOS-2017-0328 Foscam IP Video Camera CGIProxy.fcgi Account Creation Command Injection Vulnerability 2017-06-19 CVE-2017-2827 8.8
TALOS-2017-0307 Tablib Yaml Load Code Execution Vulnerability 2017-06-13 CVE-2017-2810 7.5
TALOS-2016-0242 MuPDF Fitz library font glyph scaling Code Execution Vulnerability 2017-05-15 CVE-2016-8728 8.6
TALOS-2016-0243 Artifex MuPDf JBIG2 Parser Code Execution Vulnerability 2017-05-15 CVE-2016-8729 7.5
TALOS-2017-0320 Hancom Thinkfree NEO Hangul Word Processor HWPTAG_TAB_DEF Tab Count Code Execution Vulnerability 2017-05-12 CVE-2017-2819 8.8
TALOS-2017-0318 PowerIso Parsing Code Execution Vulnerability 2017-05-05 CVE-2017-2817 8.8
TALOS-2017-0324 PowerISO ISO Parsing Use After Free 2017-05-05 CVE-2017-2823 8.8
TALOS-2016-0208 AntennaHouse DMC HTMLFilter Doc_GetFontTable Code Execution Vulnerability 2017-05-04 CVE-2016-8383 8.3
TALOS-2016-0207 AntennaHouse DMC HTMLFilter Doc_SetSummary Code Execution Vulnerability 2017-05-04 CVE-2016-8382 8.3
TALOS-2017-0285 AntennaHouse DMC HTMLFilter UnCompressUnicode Code Execution Vulnerability 2017-05-04 CVE-2017-2793 8.3
TALOS-2017-0288 AntennaHouse DMC HTMLFilter Txo Code Execution Vulnerability 2017-05-04 CVE-2017-2795 8.3
TALOS-2017-0292 AntennaHouse DMC HTMLFilter AddSst Code Execution Vulnerability 2017-05-04 CVE-2017-2799 8.3
TALOS-2017-0291 AntennaHouse DMC HTMLFilter GetIndexArray Code Execution Vulnerability 2017-05-04 CVE-2017-2798 8.3
TALOS-2017-0286 AntennaHouse DMC HTMLFilter PPT DHFSummary Code Execution Vulnerability 2017-05-04 CVE-2017-2794 8.3
TALOS-2017-0284 AntennaHouse DMC HTMLFilter iBldDirInfo Code Execution Vulnerability 2017-05-04 CVE-2017-2792 8.3
TALOS-2017-0279 AntennaHouse DMC HTMLFilter FillRowFormat Code Execution Vulnerability 2017-05-04 CVE-2017-2783 8.3
TALOS-2016-0209 AntennaHouse DMC HTMLFilter DHFSummary Code Execution Vulnerability 2017-05-04 CVE-2016-8384 8.3
TALOS-2017-0293 WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability 2017-05-04 CVE-2017-2800 8.1
TALOS-2017-0290 AntennaHouse DMC HTMLFilter PPT ParseEnvironment Code Execution Vulnerability 2017-05-04 CVE-2017-2797 8.3
TALOS-2017-0294 Randombit Botan Library X509 Certificate Validation Bypass Vulnerability 2017-04-28 CVE-2017-2801 6.5
TALOS-2017-0325 Zabbix Server Active Proxy Trapper Remote Code Execution Vulnerability 2017-04-27 CVE-2017-2824 9.0
TALOS-2017-0326 Zabbix Proxy Server SQL Database Write Vulnerability 2017-04-27 CVE-2017-2825 7.0
TALOS-2017-0310 IrfanView JPEG 2000 Reference Tile Width Arbitrary Code Execution Vulnerability 2017-04-26 CVE-2017-2813 8.8
TALOS-2016-0231 Moxa AWK-3131A Hard-coded Administrator Credentials Vulnerability 2017-04-21 CVE-2016-8717 10.0
TALOS-2017-0274 ARM Mbedtls x509 ECDSA invalid public key Remote Code Execution Vulnerability 2017-04-19 CVE-2017-2784 8.1
TALOS-2016-0235 Moxa AWK-3131A Web Application Ping Command Injection Vulnerability 2017-04-18 CVE-2016-8721 9.1
TALOS-2017-0302 Lexmark Perceptive Document Filters XLS ShapeHLink Information Disclosure Vulnerability 2017-04-18 CVE-2017-2806 4.3
TALOS-2016-0237 Moxa AWK-3131A HTTP GET Denial of Service Vulnerability 2017-04-10 CVE-2016-8723 7.5
TALOS-2016-0230 Moxa AWK-3131A Web Application Cleartext Transmission of Password Vulnerability 2017-04-10 CVE-2016-8716 7.5
TALOS-2016-0233 Moxa AWK-3131A Web Application Multiple Reflected Cross-Site Scripting Vulnerabilities 2017-04-10 CVE-2016-8719 7.5
TALOS-2016-0238 Moxa AWK-3131A serviceAgent Information Disclosure Vulnerability 2017-04-10 CVE-2016-8724 5.3
TALOS-2016-0240 Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability 2017-04-10 CVE-2016-8726 7.5
TALOS-2016-0232 Moxa AWK-3131A Web Application Cross-Site Request Forgery Vulnerability 2017-04-10 CVE-2016-8718 7.5
TALOS-2016-0234 Moxa AWK-3131A Web Application bkpath HTTP Header Injection Vulnerability 2017-04-10 CVE-2016-8720 3.1
TALOS-2016-0239 Moxa AWK-3131A Web Application systemlog.log Information Disclosure Vulnerability 2017-04-10 CVE-2016-8725 5.3
TALOS-2016-0225 Moxa AWK-3131A Web Application Nonce Reuse Vulnerability 2017-04-10 CVE-2016-8712 5.9
TALOS-2016-0241 Moxa AWK-3131A Web Application onekey Information Disclosure Vulnerability 2017-04-10 CVE-2016-0241 7.5
TALOS-2016-0236 Moxa AWK-3131A Web Application asqc.asp Information Disclosure Vulnerability 2017-04-10 CVE-2016-8722 5.3
TALOS-2016-0260 Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability 2017-03-29 CVE-2016-9042 3.7
TALOS-2017-0269 National Instruments LabVIEW LvVarientUnflatten Code Execution Vulnerability 2017-03-22 CVE-2017-2775 7.5
TALOS-2016-0227 R PDF LoadEncoding Code Execution Vulnerability 2017-03-09 CVE-2016-8714 7.5
TALOS-2017-0296 Apple OS X and iOS x509 certificate parsing Name Constraints Remote Code Execution Vulnerability 2017-03-09 CVE-2017-2485 8.8
TALOS-2017-0281 Pharos PopUp Printer Client DecodeString Code Execution Vulnerability 2017-03-07 CVE-2017-2786 5.3
TALOS-2017-0283 Pharos PopUp Printer Client DecodeBinary Code Execution Vulnerability 2017-03-07 CVE-2017-2788 10.0
TALOS-2017-0280 Pharos PopUp Printer Client DecodeString Code Execution Vulnerability 2017-03-07 CVE-2017-2785 10.0
TALOS-2017-0282 Pharos PopUp Printer Client memcpy Code Execution Vulnerability 2017-03-07 CVE-2017-2787 9.0
TALOS-2017-0271 Iceni Argus ipStringCreate Code Execution Vulnerability 2017-02-27 CVE-2017-2777 8.8
TALOS-2016-0228 Iceni Argus icnChainAlloc Signed Comparison Code Execution Vulnerability 2017-02-27 CVE-2016-8715 8.8
TALOS-2016-0211 Iceni Argus TrueType Font File Cmap Table Code Execution Vulnerability 2017-02-27 CVE-2016-8386 8.8
TALOS-2016-0214 Iceni Argus PDF TextToPolys Rasterization Code Execution Vulnerability 2017-02-27 CVE-2016-8389 8.8
TALOS-2016-0213 Iceni Argus PDF Font-Encoding GlyphMap Adjustment Code Execution Vulnerability 2017-02-27 CVE-2016-8388 8.8
TALOS-2016-0212 Iceni Argus PDF Inflate+LZW Decompression Heap-Based Buffer Overflow Vulnerability 2017-02-27 CVE-2016-8387 8.8
TALOS-2016-0197 Ichitaro Office Excel File Code Execution Vulnerability 2017-02-27 CVE-2017-2790 8.8
TALOS-2016-0210 Iceni Argus PDF Uninitialized WordStyle Color Length Code Execution Vulnerability 2017-02-27 CVE-2016-8385 8.8
TALOS-2016-0199 Ichitaro Word Processor PersistDirectory Code Execution Vulnerability 2017-02-24 CVE-2017-2791 7.5
TALOS-2016-0196 Ichitaro Office JTD Figure handling Code Execution Vulnerability 2017-02-24 CVE-2017-2789 8.8
TALOS-2016-0263 Aerospike Database Server Fabric-Worker Socket-Loop Denial-of-Service Vulnerability 2017-02-21 CVE-2016-9049 7.5
TALOS-2016-0265 Aerospike Database Server Client Batch Request Code Execution Vulnerability 2017-02-21 CVE-2016-9051 9.8
TALOS-2016-0267 Aerospike Database Server RW Fabric Message Particle Type Code Execution Vulnerability 2017-02-21 CVE-2016-9053 9.8
TALOS-2017-0275 Apple GarageBand Out of Bounds Write Code Execution Vulnerability 2017-02-14 CVE-2017-2374 8.8
TALOS-2017-0262 Apple GarageBand Out of Bounds Write Code Execution Vulnerability 2017-02-14 CVE-2017-2372 8.8
TALOS-2016-0224 Nitro Pro 10 PDF Handling Code Execution Vulnerability 2017-02-03 CVE-2016-8711 9.3
TALOS-2016-0226 Nitro Pro 10 PDF Handling Code Execution Vulnerability 2017-02-03 CVE-2016-8713 8.8
TALOS-2016-0218 Nitro Pro PDF Handling Code Execution Vulnerability 2017-02-03 CVE-2016-8709 8.8
TALOS-2016-0229 McAfee ePolicy Orchestrator DataChannel Blind SQL Injection Vulnerability 2017-02-01 CVE-2016-8027 8.2
TALOS-2016-0223 Libbpg BGP image decoding Code Execution Vulnerability 2017-01-23 CVE-2016-8710 7.5
TALOS-2016-0259 Adobe Acrobat Reader DC jpeg decoder Remote Code Execution Vulnerability 2017-01-20 CVE-2017-2971 8.8
TALOS-2016-0198 Oracle Outside In Technology PDF parser confusion Code Execution Vulnerability 2017-01-17 CVE-2017-3271 7.5
TALOS-2016-0215 Oracle Outside In Technology RTF Parsing Code Execution Vulnerability 2017-01-17 CVE-2017-3293 8.1
TALOS-2016-0264 Aerospike Database Server Client Message Memory Disclosure Vulnerability 2017-01-09 CVE-2016-9050 8.2
TALOS-2016-0266 Aerospike Database Server Index Name Code Execution Vulnerability 2017-01-09 CVE-2016-9052 9.8
TALOS-2016-0268 Aerospike Database Server Set Name Code Execution Vulnerability 2017-01-09 CVE-2016-9054 9.8
TALOS-2016-0255 Tarantool Key-type Denial Of Service Vulnerability 2016-12-16 CVE-2016-9037 7.5
TALOS-2016-0257 Joyent SmartOS Hyprlofs FS IOCTL Add Entries Native File System Denial of Service Vulnerability 2016-12-16 CVE-2016-9039 6.2
TALOS-2016-0254 Tarantool Msgpuck mp_check Denial Of Service Vulnerability 2016-12-16 CVE-2016-9036 7.5
TALOS-2016-0217 Nvidia Windows Kernel Mode Driver Denial Of Service 2016-12-14 CVE-2016-8823 5.5
TALOS-2016-0250 Joyent SmartOS Hyprlofs FS IOCTL Native File System name Buffer Overflow Privilege Escalation Vulnerability 2016-12-12 CVE-2016-9032 7.0
TALOS-2016-0258 Joyent SmartOS Hyprlofs FS IOCTL Add Entries 32-bit File System Denial of Service Vulnerability 2016-12-12 CVE-2016-9040 6.2
TALOS-2016-0248 Joyent SmartOS Hyprlofs FS IOCTL Native File System Integer Overflow Privilege Escalation Vulnerability 2016-12-12 CVE-2016-8733 7.8
TALOS-2016-0249 Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System Integer Overflow Privilege Escalation Vulnerability 2016-12-12 CVE-2016-9031 7.8
TALOS-2016-0253 Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System path Buffer Overflow Privilege Escalation Vulnerability 2016-12-12 CVE-2016-9035 7.0
TALOS-2016-0252 Joyent SmartOS Hyprlofs FS IOCTL 32-bit File System name Buffer Overflow Privilege Escalation Vulnerability 2016-12-12 CVE-2016-9034 7.0
TALOS-2016-0251 Joyent SmartOS Hyprlofs FS IOCTL Native File System path Buffer Overflow Privilege Escalation Vulnerability 2016-12-12 CVE-2016-9033 7.0
TALOS-2016-0216 ImageMagick Convert Tiff Adobe Deflate Code Execution Vulnerability 2016-12-03 CVE-2016-8707 7.5
TALOS-2016-0131 Network Time Protocol Broadcast Mode Replay Prevention Denial of Service Vulnerability 2016-11-21 CVE-2016-7427 5.0, 5.3
TALOS-2016-0203 Network Time Protocol Control Mode Unauthenticated Trap Information Disclosure and DDoS Amplification Vulnerability 2016-11-21 CVE-2016-9310 6.5
TALOS-2016-0204 Network Time Protocol Trap Crash Denial of Service Vulnerability 2016-11-21 CVE-2016-9311 5.9
TALOS-2016-0130 Network Time Protocol Broadcast Mode Poll Interval Enforcement Denial of Service Vulnerability 2016-11-21 CVE-2016-7428 5.3
TALOS-2016-0176 HDF5 Group libhdf5 H5T_ARRAY Code Execution Vulnerability 2016-11-17 CVE-2016-4330 8.6
TALOS-2016-0179 HDF5 Group libhdf5 H5T_COMPOUND Code Execution Vulnerability 2016-11-17 CVE-2016-4333 8.6
TALOS-2016-0177 HDF5 Group libhdf5 H5Z_NBIT Code Execution Vulnerability 2016-11-17 CVE-2016-4331 8.6
TALOS-2016-0178 HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability 2016-11-17 CVE-2016-4332 8.6
TALOS-2016-0127 GMER Path Length Code Execution Vulnerability 2016-11-03 CVE-2016-4289 3.0
TALOS-2016-0220 Memcached Server Update Remote Code Execution Vulnerability 2016-10-31 CVE-2016-8705 9.8
TALOS-2016-0219 Memcached Server Append/Prepend Remote Code Execution Vulnerability 2016-10-31 CVE-2016-8704 9.8
TALOS-2016-0221 Memcached Server SASL Autentication Remote Code Execution Vulnerability 2016-10-31 CVE-2016-8706 8.1
TALOS-2016-0200 Iceni Argus ipfSetColourStroke Code Execution Vulnerability 2016-10-26 CVE-2016-8333 8.8
TALOS-2016-0202 Iceni Argus ipNameAdd Code Execution Vulnerability 2016-10-26 CVE-2016-8335 8.8
TALOS-2016-0187 LibTIFF TIFF2PDF TIFFTAG_JPEGTABLES Remote Code Execution Vulnerability 2016-10-25 CVE-2016-5652 6.4
TALOS-2016-0190 LibTIFF Tag Extension Remote Code Execution Vulnerability 2016-10-25 CVE-2016-8331 8.1
TALOS-2016-0205 LibTIFF PixarLogDecode Remote Code Execution Vulnerability 2016-10-25 CVE-2016-5875 8.8
TALOS-2016-0201 Foxit PDF Reader JBIG2 Parser Information Disclosure Vulnerability 2016-10-18 CVE-2016-8334 6.8
TALOS-2016-0222 Hopper Disassembler ELF Section Header Size Code Execution Vulnerability 2016-10-18 CVE-2016-8390 7.5
TALOS-2016-0189 FreeImage Library XMP Image Handling Code Execution Vulnerability 2016-10-03 CVE-2016-5684 8.8
TALOS-2016-0206 Redis CONFIG SET client-output-buffer-limit command Code Execution Vulnerability 2016-09-30 CVE-2016-8339 6.6
TALOS-2016-0193 OpenJPEG JPEG2000 mcc record Code Execution Vulnerability 2016-09-29 CVE-2016-8332 7.5
TALOS-2016-0191 Microsoft Windows10 AHCACHE.SYS Remote Denial Of Service 2016-09-13 CVE-2016-3369 6.8
TALOS-2016-0175 Kaspersky Anti-Virus Unhandled Windows Messages Denial of Service Vulnerability 2016-09-05 CVE-2016-4329 5.5
TALOS-2016-0167 Kaspersky Internet Security KLIF Driver NtAdjustTokenPrivileges_HANDLER Denial of Service 2016-08-26 CVE-2016-4305 5.5
TALOS-2016-0169 Kaspersky Internet Security KL1 Driver Signal Handler Denial of Service 2016-08-26 CVE-2016-4307 5.5
TALOS-2016-0166 Kaspersky Internet Security KLIF Driver NtUserCreateWindowEx_HANDLER Denial of Service 2016-08-26 CVE-2016-4304 5.5
TALOS-2016-0168 Kaspersky Internet Security KLDISK Driver Multiple Kernel Memory Disclosure Vulnerabilities 2016-08-26 CVE-2016-4306 5.5
TALOS-2016-0184 AB Rockwell Automation MicroLogix 1400 Code Execution Vulnerability 2016-08-11 CVE-2016-5645 7.3
TALOS-2016-0170 Microsoft Windows PDF API Jpeg2000 csiz Remote Code Execution Vulnerability 2016-08-09 CVE-2016-3319 7.5
TALOS-2016-0185 Lexmark Perceptive Document Filters CBFF Code Execution Vulnerability 2016-08-06 CVE-2016-5646 7.8
TALOS-2016-0172 LexMark Perceptive Document Filters XLS Convert Code Execution Vulnerability 2016-08-06 CVE-2016-4335 10.0
TALOS-2016-0173 LexMark Perceptive Document Filters Bzip2 Convert Out of Bounds Write Vulnerability 2016-08-06 CVE-2016-4336 7.3
TALOS-2016-0148 Hancom Hangul HCell Workbook Table and Pivot Style Code Execution Vulnerability 2016-08-04 CVE-2016-4293 8.6
TALOS-2016-0145 Hancom Hangul Office HShow!NXDeleteLineObj+0x6960c Code Execution Vulnerability 2016-08-04 CVE-2016-4290 8.6
TALOS-2016-0146 Hancom Hangul Office HShow!NXDeleteLineObj+0x53692 Code Execution Vulnerability 2016-08-04 CVE-2016-4291 8.6
TALOS-2016-0151 Hancom Hangul HCell CSSValFormat::CheckUnderbar Code Execution Vulnerability 2016-08-04 CVE-2016-4296 8.6
TALOS-2016-0147 Hancom Hangul Office HShow!NXDeleteLineObj+0x47269 Code Execution Vulnerability 2016-08-04 CVE-2016-4292 8.6
TALOS-2016-0144 Hancom Hangul Office HShow!NXDeleteLineObj+0x560cb Code Execution Vulnerability 2016-08-04 CVE-2016-4298 8.6
TALOS-2016-0124 BlueStacks App Player Privilege Escalation Vulnerability 2016-08-04 CVE-2016-4288 --
TALOS-2016-0150 Hancom Hangul HCell HncChart CFormulaTokenSizeModifier Code Execution Vulnerability 2016-08-04 CVE-2016-4295 8.6
TALOS-2016-0149 Hancom Hangul HCell OfficeArt Record pConnectionSites and pVertices Code Execution Vulnerability 2016-08-04 CVE-2016-4294 8.6
TALOS-2016-0051 OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability 2016-07-21 CVE-2016-1513 9.3
TALOS-2016-0160 Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability 2016-07-19 -- --
TALOS-2016-0098 Oracle OIT IX SDK libvs_pdf Tj Operator Denial of Service Vulnerability 2016-07-19 CVE-2016-3576 6.5
TALOS-2016-0097 Oracle OIT IX SDK libvs_pdf Size Integer Overflow Vulnerability 2016-07-19 CVE-2016-3575 7.5
TALOS-2016-0102 Oracle OIT IX SDK libvs_pdf Xref Offset Denial of Service Vulnerability 2016-07-19 CVE-2016-3580 6.5
TALOS-2016-0161 Oracle OIT libim_psi2 psiparse Code Execution Vulnerability 2016-07-19 CVE-2016-3594 7.5
TALOS-2016-0163 Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability 2016-07-19 CVE-2016-3596 7.5
TALOS-2016-0105 Oracle OIT IX SDK GIF ImageWidth Code Execution Vulnerabiity 2016-07-19 CVE-2016-3583 --
TALOS-2016-0096 Oracle OIT IX SDK libvs_pdf Kids List Information Leak 2016-07-19 CVE-2016-3574 7.1
TALOS-2016-0158 Oracle OIT ContentAccess libvs_word+63AC Code Execution Vulnerability 2016-07-19 CVE-2016-3592 7.5
TALOS-2016-0162 Oracle OIT libim_gem2 Gem_Text Code Execution Vulnerability 2016-07-19 CVE-2016-3595 7.5
TALOS-2016-0157 Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord Memory Corruption Vulnerability 2016-07-19 CVE-2016-3591 7.5
TALOS-2016-0104 Oracle OIT IX SDK TIFF file parsing heap buffer overflow 2016-07-19 CVE-2016-3582 7.5
TALOS-2016-0099 Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity 2016-07-19 CVE-2016-3577 6.5
TALOS-2016-0101 Oracle OIT IX SDK libvs_pdf arbitrary pointer access 2016-07-19 CVE-2016-3579 --
TALOS-2016-0100 Oracle OIT IX SDK libvs_pdf FlateDecode Colors Denial of Service Vulnerabiity 2016-07-19 CVE-2016-3578 6.5
TALOS-2016-0159 Oracle OIT ContentAccess libvs_mwkd VwStreamSection Code Execution Vulnerability 2016-07-19 CVE-2016-3593 7.5
TALOS-2016-0103 Oracle OIT IX SDK TIFF ExtraSamples Code Execution Vulnerabiity 2016-07-19 CVE-2016-3581 7.5
TALOS-2016-0156 Oracle OIT ContentAccess libvs_word Denial of Service Vulnerability 2016-07-19 CVE-2016-3590 6.5
TALOS-2016-0186 Apple Core Graphics BMP Framework img_decode_read Remote Code Execution Vulnerability 2016-07-18 CVE-2016-4637 6.3
TALOS-2016-0183 Apple OS X Scene Kit DAE XML Code Execution Vulnerability 2016-07-18 CVE-2016-1850 7.4
TALOS-2016-0171 Apple Image I/O API Tiled TIFF Remote Code Execution Vulnerability 2016-07-18 CVE-2016-4631 8.1
TALOS-2016-0180 Apple Image I/O EXR Color Component Remote Code Execution Vulnerability 2016-07-18 CVE-2016-4629 6.4
TALOS-2016-0181 Apple Image I/O EXR Compression Remote Code Execution Vulnerability 2016-07-18 CVE-2016-4630 7.1
TALOS-2016-0087 Intel HD Graphics Windows Kernel Driver (igdkmd64) Code Execution Vulnerability 2016-07-11 CVE-2016-5647 8.4
TALOS-2016-0182 Symantec Norton Security IDSvix86 PE Remote System Denial of Service Vulnerability 2016-07-07 CVE-2016-5308 7.5
TALOS-2016-0126 The Document Foundation LibreOffice RTF Stylesheet Code Execution Vulnerability 2016-06-27 CVE-2016-4324 6.3
TALOS-2016-0140 Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability 2016-06-21 CVE-2016-2372 5.9
TALOS-2016-0143 Pidgin MXIT Suggested Contacts Memory Disclosure Vulnerability 2016-06-21 CVE-2016-2375 5.3
TALOS-2016-0141 Pidgin MXIT Contact Mood Denial of Service Vulnerability 2016-06-21 CVE-2016-2373 5.9
TALOS-2016-0123 Pidgin MXIT mxit_convert_markup_tx Information Leak Vulnerability 2016-06-21 CVE-2016-2380 3.1
TALOS-2016-0119 Pidgin MXIT HTTP Content-Length Buffer Overflow Vulnerability 2016-06-21 CVE-2016-2377 8.1
TALOS-2016-0120 Pidgin MXIT get_utf8_string Code Execution Vulnerability 2016-06-21 CVE-2016-2378 8.1
TALOS-2016-0142 Pidgin MXIT MultiMX Message Code Execution Vulnerability 2016-06-21 CVE-2016-2374 8.1
TALOS-2016-0118 Pidgin MXIT read stage 0x3 Code Execution Vulnerability 2016-06-21 CVE-2016-2376 8.1
TALOS-2016-0139 Pidgin MXIT Extended Profiles Code Execution Vulnerability 2016-06-21 CVE-2016-2371 8.1
TALOS-2016-0138 Pidgin MXIT Custom Resource Denial of Service Vulnerability 2016-06-21 CVE-2016-2370 5.9
TALOS-2016-0137 Pidgin MXIT CP_SOCK_REC_TERM Denial of Service Vulnerability 2016-06-21 CVE-2016-2369 5.9
TALOS-2016-0135 Pidgin MXIT Avatar Length Memory Disclosure Vulnerability 2016-06-21 CVE-2016-2367 5.9
TALOS-2016-0134 Pidgin MXIT Table Command Denial of Service Vulnerability 2016-06-21 CVE-2016-2366 5.9
TALOS-2016-0133 Pidgin MXIT Markup Command Denial of Service Vulnerability 2016-06-21 CVE-2016-2365 5.9
TALOS-2016-0136 Pidgin MXIT g_snprintf Multiple Buffer Overflow Vulnerabilities 2016-06-21 CVE-2016-2368 7.5
TALOS-2016-0128 Pidgin MXIT Splash Image Arbitrary File Overwrite Vulnerability 2016-06-21 CVE-2016-4323 4.8
TALOS-2016-0154 Libarchive Rar RestartModel Code Execution Vulnerability 2016-06-19 CVE-2016-4302 7.8
TALOS-2016-0153 Libarchive mtree parse_device Code Execution Vulnerability 2016-06-19 CVE-2016-4301 7.8
TALOS-2016-0152 Libarchive 7zip read_SubStreamsInfo Code Execution Vulnerability 2016-06-19 CVE-2016-4300 7.8
TALOS-2016-0031 Ruby TclTkIp ip_cancel_eval Type Confusion Vulnerabilities 2016-06-14 CVE-2016-2337 --
TALOS-2016-0032 Ruby Psych::Emitter start_document Heap Overflow Vulnerability 2016-06-14 CVE-2016-2338 --
TALOS-2016-0165 Adobe Flash Player Infinite Recursion Arbitrary Read Access Violation 2016-06-14 CVE-2016-4132 5.3
TALOS-2016-0033 Ruby pack_pack Use After Free Vulnerability 2016-06-14 CVE-2016-2338 --
TALOS-2016-0034 Ruby Fiddle::Function.new Heap Overflow Vulnerability 2016-06-14 CVE-2016-2339 --
TALOS-2016-0029 Ruby WIN32OLE ole_invoke and ole_query_interface Type Confusion Vulnerabilities 2016-06-14 CVE-2016-2336 --
TALOS-2016-0089 IBM Domino KeyView PDF Filter Encrypted Stream Code Execution Vulnerability 2016-06-08 CVE-2016-0277 8.8
TALOS-2016-0164 ESnet iPerf3 JSON parse_string UTF Code Execution Vulnerability 2016-06-08 CVE-2016-4303 9.8
TALOS-2016-0174 Google Chrome PDFium jpeg2000 SIZ Code Execution Vulnerability 2016-06-08 CVE-2016-1681 6.3
TALOS-2016-0091 IBM Domino KeyView PDF Filter BaseFont Code Execution Vulnerability 2016-06-08 CVE-2016-0279 8.8
TALOS-2016-0090 IBM Domino KeyView PDF Filter Stream Length Code Execution Vulnerability 2016-06-08 CVE-2016-0278 8.8
TALOS-2016-0092 IBM Domino KeyView PDF Filter Trailer ID Code Execution Vulnerability 2016-06-08 CVE-2016-0301 8.8
TALOS-2016-0093 7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability 2016-05-10 CVE-2016-2334 8.8
TALOS-2016-0094 7zip UDF CInArchive::ReadFileItem Code Execution Vulnerability 2016-05-10 CVE-2016-2335 8.8
TALOS-2016-0155 Libarchive zip zip_read_mac_metadata Code Execution Vulnerability 2016-05-01 CVE-2016-1541 7.8
TALOS-2016-0132 Network Time Protocol ntpd Reference Clock Impersonation Vulnerability 2016-04-26 CVE-2016-1551 3.7
TALOS-2016-0083 Network Time Protocol Ephemeral Association Time Spoofing Vulnerability 2016-04-26 CVE-2016-1549 5.3
TALOS-2016-0081 Network Time Protocol Crypto-NAK Preemptible Association Denial of Service Vulnerability 2016-04-26 CVE-2016-1547 3.7
TALOS-2016-0082 Network Time Protocol Forced Interleaved Time Spoofing Vulnerability 2016-04-26 CVE-2016-1548 7.2
TALOS-2016-0084 Network Time Protocol libntp Message Digest Disclosure Vulnerability 2016-04-26 CVE-2016-1550 4.8
TALOS-2016-0086 Oracle IOT IX SDK libvs_pdf XRef Index Code Execution Vulnerability 2016-04-19 CVE-2016-3455 7.5
TALOS-2016-0095 Lhasa lha decode_level3_header Heap Corruption Vulnerability 2016-03-31 CVE-2016-2347 --
TALOS-2016-0088 Apple OS X Gen6Accelerator IOGen575Shared::new_texture Local Privilege Escalation Vulnerability 2016-03-22 CVE-2016-1743 8.8
TALOS-2016-0026 Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability 2016-02-08 CVE-2015-2868 --
TALOS-2016-0027 Trane Comfortlink II DSS Service REG Handling Remote Code Execution Vulnerability 2016-02-08 CVE-2015-2868 --
TALOS-2016-0028 Trane ComfortLink II SCC Service Hardcoded Credentials Vulnerability 2016-02-08 CVE-2015-2867 --
TALOS-2016-0061 Libgraphite LocaLookup Denial of Service Vulnerability 2016-02-05 CVE-2016-1521 --
TALOS-2016-0058 Libgraphite directrun Opcode Handling Code Execution Vulnerability 2016-02-05 CVE-2016-1521 --
TALOS-2016-0060 Libgraphite Bidirectional Font mFeatureMap Denial of Service Vulnerability 2016-02-05 CVE-2016-1522 --
TALOS-2016-0057 Libgraphite Bidirectional Font BracketPairStack Code Execution Vulnerability 2016-02-05 CVE-2016-1522 --
TALOS-2016-0059 Libgraphite Context Item Code Execution Vulnerability 2016-02-05 CVE-2016-1523 --
TALOS-2016-0037 Matroska Media Container libmatroska Multiple ElementList Double Free Vulnerabilities 2016-01-28 CVE-2016-1515 --
TALOS-2016-0036 Matroska libebml EbmlUnicodeString Heap Information Leak 2016-01-28 CVE-2015-8790 --
TALOS-2016-0071 Network Time Protocol Skeleton Key: Symmetric Authentication Impersonation Vulnerability 2016-01-19 CVE-2015-7974, CVE-2016-1567 --
TALOS-2016-0080 Network Time Protocol ntpq and ntpdc Infinite Loop Vulnerability 2016-01-19 CVE-2015-8158 --
TALOS-2016-0079 Network Time Protocol ntpq Control Protocol Replay Vulnerability 2016-01-19 CVE-2015-8140 --
TALOS-2016-0072 Network Time Protocol ntpq Buffer Overflow Vulnerability 2016-01-19 CVE-2015-7975 --
TALOS-2016-0078 Network Time Protocol ntpq and ntpdc Origin Timestamp Disclosure Vulnerability 2016-01-19 CVE-2015-8139 --
TALOS-2016-0074 Network Time Protocol Private Mode 'reslist' NULL Pointer Dereference Vulnerability 2016-01-19 CVE-2015-7977 --
TALOS-2016-0077 Network Time Protocol Origin Timestamp Check Impersonation Vulnerability 2016-01-19 CVE-2015-8138 --
TALOS-2016-0076 Network Time Protocol Authenticated Preemptable Modes Denial-of-Service Vulnerability 2016-01-19 CVE-2015-7979 --
TALOS-2016-0075 Network Time Protocol Private Mode 'reslist' Stack Memory Exhaustion Vulnerability 2016-01-19 CVE-2015-7978 --
TALOS-2016-0073 Network Time Protocol ntpq Special Character Filtering Vulnerability 2016-01-19 CVE-2015-7976 --
TALOS-2016-0070 Network Time Protocol Deja Vu: Broadcast Mode Replay Vulnerability 2016-01-19 CVE-2015-7973 --
TALOS-2016-0022 Apple Quicktime Invalid alis Atom Size Denial of Service Vulnerability 2016-01-08 CVE-2015-7117 --
TALOS-2016-0019 Apple Quicktime Invalid samr Atom Size Denial of Service Vulnerability 2016-01-08 CVE-2015-7087 --
TALOS-2016-0021 Apple Quicktime mdat Corruption Denial of Service Vulnerability 2016-01-08 CVE-2015-7089 --
TALOS-2016-0020 Apple Quicktime mdat Corruption Denial of Service Vulnerability 2016-01-08 CVE-2015-7088 --
TALOS-2016-0023 Apple Quicktime dref Atom Null Data Reference Entry Denial of Service Vulnerability 2016-01-08 CVE-2015-7090 --
TALOS-2016-0066 RTMPDump librtmp AMF3 MemberName Denial of Service Vulnerability 2016-01-07 CVE-2015-8270 --
TALOS-2016-0067 RTMPDump librtmp AMF3 Class Member Count Remote Code Execution Vulnerability 2016-01-07 CVE-2015-8271 --
TALOS-2016-0068 RTMPDump rtmpsrv PlayPath Null Pointer Dereference 2016-01-07 CVE-2015-8272 --
TALOS-2015-0129 Microsoft .NET Manifest Resource Information Disclosure Vulnerability 2015-12-08 CVE-2015-6114 --
TALOS-2015-0069 NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability 2015-10-21 CVE-2015-7871 --
TALOS-2015-0055 Network Time Protocol Remote Configuration Denial of Service Vulnerability 2015-10-21 CVE-2015-7850 --
TALOS-2015-0065 Network Time Protocol Password Length Memory Corruption Vulnerability 2015-10-21 CVE-2015-7854 --
TALOS-2015-0063 Network Time Protocol ntpq atoascii Memory Corruption Vulnerability 2015-10-21 CVE-2015-7852 --
TALOS-2015-0052 Network Time Protocol ntpd multiple integer overflow read access violations 2015-10-21 CVE-2015-7848 --
TALOS-2015-0064 Network Time Protocol Reference Clock Memory Corruption Vulnerability 2015-10-21 CVE-2015-7853 --
TALOS-2015-0054 Network Time Protocol Trusted Keys Memory Corruption Vulnerability 2015-10-21 CVE-2015-7849 --
TALOS-2015-0062 Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability 2015-10-21 CVE-2015-7851 --
TALOS-2015-0035 MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow 2015-09-15 CVE-2015-6031 --
TALOS-2015-0007 Microsoft Windows CDD Font Parsing Kernel Memory Corruption 2015-09-15 CVE-2015-2506 --
TALOS-2015-0012 Apple Quicktime Invalid URL Atom Size Denial of Service Vulnerability 2015-08-13 CVE-2015-3788 --
TALOS-2015-0017 Apple Quicktime mdat Corruption Denial of Service Vulnerability 2015-08-13 CVE-2015-3792 --
TALOS-2015-0015 Apple Quicktime esds Atom Descriptor Type Length Mismatch Denial of Service Vulnerability 2015-08-13 CVE-2015-3791 --
TALOS-2015-0013 Apple Quicktime Invalid 3GPP stsd Sample Description Entry Size Denial of Service Vulnerability 2015-08-13 CVE-2015-3789 --
TALOS-2015-0014 Apple Quicktime Invalid mvhd Atom Size Denial of Service Vulnerability 2015-08-13 CVE-2015-3790 --
TALOS-2015-0016 Apple Quicktime tkhd Atom Matrix Corruption Denial of Service Vulnerability 2015-07-20 CVE-2015-5786 --
TALOS-2015-0024 Total Commander FileInfo Plugin Multiple Denial of Service Vulnerabilities 2015-07-16 CVE-2015-2869 --
TALOS-2015-0018 Apple Quicktime Corrupt stbl Atom Remote Code Execution Vulnerability 2015-06-30 CVE-2015-3667 --
VRT-2014-0202 Pidgin libpurple STUN Response Length NULL Write Vulnerability 2015-05-11 -- --
VRT-2014-0201 Pidgin libpurple MSN Message Parsing NULL Dereference Denial of Service Vulnerability 2015-05-11 -- --
VRT-2014-0205 Pidgin Theme/Smiley Untar Arbitrary File Write Vulnerability 2014-11-06 CVE-2014-3697 --
VRT-2014-0203 Pidgin libpurple Mxit Emoticon ASN Length Denial of Service Vulnerability 2014-11-06 CVE-2014-3695 --
VRT-2014-0204 Pidgin libpurple Novell Protocol Multiple Denial of Service Vulnerabilities 2014-11-06 CVE-2014-3696 --
VRT-2014-0301 Microsoft Windows FastFAT NumberOfFATs Buffer Overflow Vulnerability 2014-03-07 CVE-2014-4115 --
VRT-2013-1004 Pidgin libpurple SIP/SIMPLE Content-Length Integer Overflow Vulnerability 2014-01-26 CVE-2013-6490 --
VRT-2013-1001 Pidgin libpurple Gadu Gadu HTTP Content-Length Integer Overflow Vulnerability 2014-01-26 CVE-2013-6487 --
VRT-2013-1003 Pidgin for Windows URL Handling Remote Code Execution Vulnerability 2014-01-26 CVE-2013-6486 --
VRT-2013-1002 Pidgin libpurple Mxit Emoticon Name Length Integer Overflow Vulnerability 2014-01-26 CVE-2013-6489 --
Report ID Software Vendor Report Date
TALOS-2024-2126 Parallels 2024-12-18
TALOS-2024-2130 Dell 2024-12-18
TALOS-2024-2127 Dell 2024-12-18
TALOS-2024-2124 Parallels 2024-12-18
TALOS-2024-2129 Dell 2024-12-18
TALOS-2024-2123 Parallels 2024-12-18
TALOS-2024-2122 OFFIS 2024-12-16
TALOS-2024-2121 OFFIS 2024-12-16
TALOS-2024-2125 OFFIS 2024-12-16
TALOS-2024-2120 Apple 2024-11-30
TALOS-2024-2114 Apple 2024-11-25
TALOS-2024-2112 ClearML 2024-11-25
TALOS-2024-2111 ClearML 2024-11-25
TALOS-2024-2110 ClearML 2024-11-25
TALOS-2024-2113 NVIDIA 2024-11-21
TALOS-2024-2089 Progress Software Corporation 2024-11-13
TALOS-2024-2103 STMicroelectronics 2024-11-04
TALOS-2024-2097 STMicroelectronics 2024-11-04
TALOS-2024-2096 STMicroelectronics 2024-11-04
TALOS-2024-2102 STMicroelectronics 2024-11-04
TALOS-2024-2108 NVIDIA 2024-11-01
TALOS-2024-2088 Eclipse Foundation 2024-10-31
TALOS-2024-2105 Eclipse Foundation 2024-10-31
TALOS-2024-2104 Eclipse Foundation 2024-10-31
TALOS-2024-2098 Eclipse Foundation 2024-10-31
TALOS-2024-2107 Apple 2024-10-26
TALOS-2024-2106 Apple 2024-10-26
TALOS-2024-2100 Apple 2024-10-25
TALOS-2024-2099 Apple 2024-10-25
TALOS-2024-2101 Apple 2024-10-25
TALOS-2024-2095 NVIDIA 2024-10-24
TALOS-2024-2092 Observium 2024-10-23
TALOS-2024-2090 Observium 2024-10-23
TALOS-2024-2091 Observium 2024-10-23
TALOS-2024-2080 NVIDIA 2024-10-08
TALOS-2024-2087 Apple 2024-10-03
TALOS-2024-2086 Apple 2024-10-03
TALOS-2024-2085 Apple 2024-10-01
TALOS-2024-2081 Apple 2024-10-01
TALOS-2024-2082 Apple 2024-10-01
TALOS-2024-2083 Apple 2024-10-01
TALOS-2024-2084 Apple 2024-10-01
TALOS-2024-2079 Apple 2024-09-16
TALOS-2024-2071 OpenPrinting 2024-09-12
TALOS-2024-2075 Apple 2024-09-05
TALOS-2024-2074 Apple 2024-09-05
TALOS-2024-2072 Apple 2024-09-05
TALOS-2024-2073 Apple 2024-09-05
TALOS-2024-2063 Miniaudio 2024-09-04
TALOS-2024-2066 Apple 2024-08-23
TALOS-2024-2067 Apple 2024-08-23
TALOS-2024-2065 Apple 2024-08-23
TALOS-2024-2043 Wavlink 2024-07-30
TALOS-2024-2042 Wavlink 2024-07-30
TALOS-2024-2032 Wavlink 2024-07-30
TALOS-2024-2031 Wavlink 2024-07-30
TALOS-2024-2029 Wavlink 2024-07-30
TALOS-2024-2027 Wavlink 2024-07-30
TALOS-2024-2021 Wavlink 2024-07-30
TALOS-2024-2019 Wavlink 2024-07-30
TALOS-2024-2017 Wavlink 2024-07-30
TALOS-2024-2036 Wavlink 2024-07-30
TALOS-2024-2035 Wavlink 2024-07-30
TALOS-2024-2030 Wavlink 2024-07-30
TALOS-2024-2028 Wavlink 2024-07-30
TALOS-2024-2026 Wavlink 2024-07-30
TALOS-2024-2025 Wavlink 2024-07-30
TALOS-2024-2024 Wavlink 2024-07-30
TALOS-2024-2023 Wavlink 2024-07-30
TALOS-2024-1999 Wavlink 2024-07-30
TALOS-2024-2020 Wavlink 2024-07-30
TALOS-2024-2018 Wavlink 2024-07-30
TALOS-2024-2034 Wavlink 2024-07-30
TALOS-2024-2037 Wavlink 2024-07-30
TALOS-2024-2041 Wavlink 2024-07-30
TALOS-2024-2022 Wavlink 2024-07-30
TALOS-2024-2000 Wavlink 2024-07-30
TALOS-2024-2033 Wavlink 2024-07-30
TALOS-2024-2040 Wavlink 2024-07-30
TALOS-2024-2039 Wavlink 2024-07-30
TALOS-2024-2038 Wavlink 2024-07-30
TALOS-2024-2058 Wavlink 2024-07-30
TALOS-2024-2057 Wavlink 2024-07-30
TALOS-2024-2056 Wavlink 2024-07-30
TALOS-2024-2055 Wavlink 2024-07-30
TALOS-2024-2054 Wavlink 2024-07-30
TALOS-2024-2053 Wavlink 2024-07-30
TALOS-2024-2052 Wavlink 2024-07-30
TALOS-2024-2051 Wavlink 2024-07-30
TALOS-2024-2050 Wavlink 2024-07-30
TALOS-2024-2049 Wavlink 2024-07-30
TALOS-2024-2048 Wavlink 2024-07-30
TALOS-2024-2047 Wavlink 2024-07-30
TALOS-2024-2046 Wavlink 2024-07-30
TALOS-2024-2045 Wavlink 2024-07-30
TALOS-2024-2044 Wavlink 2024-07-30
TALOS-2024-2006 Apple 2024-06-07
TALOS-2024-2007 Apple 2024-06-07