TALOS-2024-1984
|
LevelOne WBR-6012 Web Application weak authentication vulnerability
|
2024-10-30
|
CVE-2024-33699
|
9.9
|
TALOS-2024-1986
|
LevelOne WBR-6012 Web Application information disclosure vulnerability
|
2024-10-30
|
CVE-2024-33626
|
5.3
|
TALOS-2024-1996
|
LevelOne WBR-6012 Web Application authentication bypass vulnerability
|
2024-10-30
|
CVE-2024-23309
|
9.0
|
TALOS-2024-1979
|
LevelOne WBR-6012 hard-coded password vulnerability
|
2024-10-30
|
CVE-2024-28875,CVE-2024-31151
|
8.1
|
TALOS-2024-2001
|
LevelOne WBR-6012 Web Application denial of service vulnerability
|
2024-10-30
|
CVE-2024-33623
|
3.7
|
TALOS-2024-1997
|
LevelOne WBR-6012 Web Application buffer overflow vulnerability
|
2024-10-30
|
CVE-2024-28052
|
5.3
|
TALOS-2024-1985
|
LevelOne WBR-6012 Web Application information disclosure vulnerability
|
2024-10-30
|
CVE-2024-33603
|
5.3
|
TALOS-2024-1982
|
LevelOne WBR-6012 Web Application improper resource allocation vulnerability
|
2024-10-30
|
CVE-2024-31152
|
5.3
|
TALOS-2024-1998
|
LevelOne WBR-6012 FTP improper input validation vulnerability
|
2024-10-30
|
CVE-2024-33700
|
7.5
|
TALOS-2024-1981
|
LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability
|
2024-10-30
|
CVE-2024-24777
|
8.8
|
TALOS-2024-1983
|
LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability
|
2024-10-30
|
CVE-2024-32946
|
5.9
|
TALOS-2024-2013
|
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration
|
2024-10-23
|
CVE-2024-0118
|
7.8
|
TALOS-2024-2014
|
NVIDIA D3D10 Driver Shader Functionality STORE_STRUCTURED instruction out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0120
|
7.8
|
TALOS-2024-2015
|
NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0119
|
7.8
|
TALOS-2024-1955
|
NVIDIA D3D10 Driver Shader Functionality SAMPLE out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0121
|
7.8
|
TALOS-2024-2012
|
NVIDIA D3D10 Driver Shader Functionality LD instruction out-of-bounds read vulnerability
|
2024-10-23
|
CVE-2024-0117
|
7.8
|
TALOS-2024-2068
|
GNOME Project G Structured File Library (libgsf) Compound Document Binary File Directory integer overflow vulnerability
|
2024-10-03
|
CVE-2024-36474
|
8.4
|
TALOS-2024-2061
|
Veertu Anka Build registry log files directory traversal vulnerability
|
2024-10-03
|
CVE-2024-41922
|
7.5
|
TALOS-2024-2069
|
GNOME Project G Structured File Library (libgsf) Compound Document Binary File Sector Allocation Table integer overflow vulnerability
|
2024-10-03
|
CVE-2024-42415
|
8.4
|
TALOS-2024-2059
|
Veertu Anka Build registry archive files directory traversal vulnerability
|
2024-10-03
|
CVE-2024-41163
|
7.5
|
TALOS-2024-2060
|
Veertu Anka Build node agent update privilege escalation vulnerability
|
2024-10-03
|
CVE-2024-39755
|
7.8
|
TALOS-2024-1967
|
Foxit Reader checkbox Calculate use-after-free vulnerability
|
2024-10-02
|
CVE-2024-28888
|
8.8
|
TALOS-2024-2062
|
Microsoft Pragmatic General Multicast Server PgmCloseConnection stale memory dereference
|
2024-09-25
|
CVE-2024-38140
|
9.8
|
TALOS-2024-2004
|
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP PCCC out-of-bounds read vulnerability
|
2024-09-18
|
CVE-2024-36981,CVE-2024-36980
|
7.5
|
TALOS-2024-2005
|
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability
|
2024-09-18
|
CVE-2024-34026
|
9.0
|
TALOS-2024-2016
|
OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser invalid pointer dereference vulnerabilities
|
2024-09-18
|
CVE-2024-39590,CVE-2024-39589
|
7.5
|
TALOS-2024-2008
|
Microsoft High Definition Audio Bus Driver HDAudBus_DMA multiple irp complete requests vulnerability
|
2024-09-12
|
CVE-2024-45383
|
5.0
|
TALOS-2024-1980
|
Microsoft Windows 10 AllJoyn Router Service information disclosure vulnerability
|
2024-09-11
|
CVE-2024-38257
|
5.3
|
TALOS-2024-2011
|
Adobe Acrobat Reader Annotation Object Page Race Condition Vulnerability
|
2024-09-10
|
CVE-2024-39420
|
8.8
|
TALOS-2024-1974
|
Microsoft PowerPoint for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-39804
|
7.1
|
TALOS-2024-1976
|
Microsoft Excel for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-43106
|
7.1
|
TALOS-2024-1990
|
Microsoft Teams (work or school) for macOS WebView.app helper app library injection vulnerability
|
2024-08-19
|
CVE-2024-41145
|
7.1
|
TALOS-2024-1975
|
Microsoft OneNote for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-41159
|
7.1
|
TALOS-2024-1977
|
Microsoft Word for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-41165
|
7.1
|
TALOS-2024-1991
|
Microsoft Teams (work or school) for macos com.microsoft.teams2.modulehost.app helper app library injection vulnerability
|
2024-08-19
|
CVE-2024-41138
|
7.1
|
TALOS-2024-1972
|
Microsoft Outlook for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-42220
|
7.1
|
TALOS-2024-1973
|
Microsoft Teams (work or school) for macOS library injection vulnerability
|
2024-08-19
|
CVE-2024-42004
|
7.1
|
TALOS-2024-2009
|
Adobe Acrobat Reader AV3DVirtAnnot Object Format Event Use-After-Free Vulnerability
|
2024-08-13
|
CVE-2024-41830
|
8.8
|
TALOS-2024-1969
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0x20 out-of-bounds read vulnerability
|
2024-08-13
|
CVE-2024-38187
|
6.8
|
TALOS-2024-1968
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0xC9 out-of-bounds read vulnerability
|
2024-08-13
|
None,CVE-2024-38062
|
6.8
|
TALOS-2024-2002
|
Adobe Acrobat Reader Font gvar TupleVariation Data Out-Of-Bounds Read Vulnerability
|
2024-08-13
|
CVE-2024-41832
|
6.5
|
TALOS-2024-1970
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability
|
2024-08-13
|
None
|
6.8
|
TALOS-2024-2003
|
Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
|
2024-08-13
|
CVE-2024-41835
|
6.5
|
TALOS-2024-1965
|
Microsoft CLIPSP.SYS License update out-of-bounds read vulnerability
|
2024-08-13
|
CVE-2024-38185
|
8.4
|
TALOS-2024-1988
|
Microsoft CLIPSP.SYS License Update out-of-bounds read vulnerability
|
2024-08-13
|
None
|
7.4
|
TALOS-2024-1964
|
Microsoft CLIPSP.SYS License update signature check bypass vulnerability
|
2024-08-13
|
CVE-2024-38184
|
6.2
|
TALOS-2024-1971
|
Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability
|
2024-08-13
|
None
|
6.8
|
TALOS-2024-1966
|
Microsoft CLIPSP.SYS License update privilege escalation vulnerability
|
2024-08-13
|
CVE-2024-38186
|
7.4
|
TALOS-2024-1956
|
NVIDIA GPU Compiler Driver Shader Functionality out-of-bounds read vulnerability
|
2024-07-23
|
CVE-2024-0107
|
7.8
|
TALOS-2024-1993
|
Ankitects Anki MPV script injection vulnerability
|
2024-07-22
|
CVE-2024-26020
|
9.6
|
TALOS-2024-1994
|
Ankitects Anki LaTeX Blocklist Bypass vulnerability
|
2024-07-22
|
CVE-2024-32152
|
3.1
|
TALOS-2024-1995
|
Ankitects Anki Flask Invalid Path Reflected Cross-Site Scripting (XSS) vulnerability
|
2024-07-22
|
CVE-2024-32484
|
7.4
|
TALOS-2024-1992
|
Ankitects Anki Latex Incomplete Blocklist Vulnerability
|
2024-07-22
|
CVE-2024-29073
|
5.3
|
TALOS-2023-1877
|
Realtek rtl819x Jungle SDK boa updateConfigIntoFlash integer overflow vulnerability
|
2024-07-08
|
CVE-2023-45742
|
7.2
|
TALOS-2023-1899
|
Realtek rtl819x Jungle SDK boa formWsc OS command injection vulnerabilities
|
2024-07-08
|
CVE-2023-50381,CVE-2023-50383,CVE-2023-50382
|
7.2
|
TALOS-2023-1872
|
Realtek rtl819x Jungle SDK boa CSRF protection cross-site request forgery (CSRF) vulnerability
|
2024-07-08
|
CVE-2023-47677
|
8.8
|
TALOS-2023-1874
|
Realtek rtl819x Jungle SDK boa formUpload firmware update vulnerability
|
2024-07-08
|
CVE-2023-34435
|
7.2
|
TALOS-2023-1871
|
LevelOne WBR-6013 telnetd hard-coded password vulnerability
|
2024-07-08
|
CVE-2023-46685
|
9.8
|
TALOS-2023-1873
|
LevelOne WBR-6013 boa formSysCmd leftover debug code vulnerability
|
2024-07-08
|
CVE-2023-49593
|
7.2
|
TALOS-2023-1893
|
Realtek rtl819x Jungle SDK boa set_RadvdInterfaceParam stack-based buffer overflow vulnerabilities
|
2024-07-08
|
CVE-2023-50239,CVE-2023-50240
|
7.2
|
TALOS-2023-1875
|
Realtek rtl819x Jungle SDK boa formFilter stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-49073
|
7.2
|
TALOS-2023-1891
|
Realtek rtl819x Jungle SDK boa setRepeaterSsid stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-45215
|
7.2
|
TALOS-2023-1892
|
Realtek rtl819x Jungle SDK boa set_RadvdPrefixParam stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-47856
|
7.2
|
TALOS-2023-1894
|
Realtek rtl819x Jungle SDK boa formRoute stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-41251
|
7.2
|
TALOS-2023-1895
|
Realtek rtl819x Jungle SDK boa formIpQoS stack-based buffer overflow vulnerabilities
|
2024-07-08
|
CVE-2023-50243,CVE-2023-50244
|
7.2
|
TALOS-2023-1903
|
Realtek rtl819x Jungle SDK boa getInfo stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-50330
|
7.2
|
TALOS-2023-1876
|
Realtek rtl819x Jungle SDK boa formDnsv6 stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-48270
|
7.2
|
TALOS-2023-1878
|
Realtek rtl819x Jungle SDK boa rollback_control_code stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-49595
|
7.2
|
TALOS-2023-1904
|
Realtek rtl819x Jungle SDK boa formWsc stack-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2023-49867
|
7.2
|
TALOS-2024-1911
|
Realtek rtl819x Jungle SDK configuration file mib_init_value_array heap-based buffer overflow vulnerability
|
2024-07-08
|
CVE-2024-21778
|
7.2
|
TALOS-2024-1978
|
Grandstream GXP2135 CWMP SelfDefinedTimeZone OS command injection vulnerability
|
2024-07-03
|
CVE-2024-32937
|
8.1
|
TALOS-2024-1934
|
Progress Software Corporation WhatsUp Gold TestController Chart denial of service vulnerability
|
2024-06-26
|
CVE-2024-5011
|
7.5
|
TALOS-2024-1932
|
Progress Software Corporation WhatsUp Gold AppProfileImport path traversal vulnerability
|
2024-06-26
|
CVE-2024-5017
|
6.5
|
TALOS-2024-1933
|
Progress Software Corporation WhatsUp Gold TestController multiple information disclosure vulnerabilities
|
2024-06-26
|
CVE-2024-5010
|
7.5
|
TALOS-2024-1947
|
Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability
|
2024-06-25
|
CVE-2024-21827
|
7.2
|
TALOS-2024-1930
|
libigl readNODE out-of-bounds write vulnerability
|
2024-05-28
|
CVE-2024-22181
|
7.8
|
TALOS-2024-1989
|
Foxit Reader Updater improper certificate validation privilege escalation vulnerability
|
2024-05-28
|
CVE-2024-29072
|
8.2
|
TALOS-2023-1784
|
libigl readOFF stack-based buffer overflow vulnerabilities
|
2024-05-28
|
CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949
|
7.8
|
TALOS-2024-1929
|
libigl readOFF stack-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24686,CVE-2024-24685,CVE-2024-24684
|
7.8
|
TALOS-2024-1938
|
AutomationDirect P3-550E Programming Software Connection FileSystem API out-of-bounds write vulnerabilities
|
2024-05-28
|
CVE-2024-24956,CVE-2024-24957,CVE-2024-24959,CVE-2024-24958,CVE-2024-24955,CVE-2024-24954
|
8.2
|
TALOS-2024-1936
|
AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24851
|
7.5
|
TALOS-2024-1939
|
AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24963,CVE-2024-24962
|
9.8
|
TALOS-2024-1940
|
AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability
|
2024-05-28
|
CVE-2024-22187
|
9.1
|
TALOS-2024-1942
|
AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability
|
2024-05-28
|
CVE-2024-21785
|
9.8
|
TALOS-2024-1943
|
AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability
|
2024-05-28
|
CVE-2024-23601
|
9.8
|
TALOS-2023-1879
|
libigl PlyFile ply_cast_ascii out-of-bounds write vulnerability
|
2024-05-28
|
CVE-2023-49600
|
8.1
|
TALOS-2024-1928
|
libigl readMSH out-of-bounds read vulnerability
|
2024-05-28
|
CVE-2024-24583,CVE-2024-24584
|
4.3
|
TALOS-2024-1941
|
AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability
|
2024-05-28
|
CVE-2024-23315
|
7.5
|
TALOS-2024-1926
|
libigl readMSH improper array index validation vulnerability
|
2024-05-28
|
CVE-2024-23948,CVE-2024-23951,CVE-2024-23947,CVE-2024-23950,CVE-2024-23949
|
8.8
|
TALOS-2024-1937
|
AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability
|
2024-05-28
|
CVE-2024-24947,CVE-2024-24946
|
8.2
|
TALOS-2024-1946
|
Adobe Acrobat Reader Font gvar GlyphVariationData out-of-bounds read vulnerability
|
2024-05-15
|
CVE-2024-30311
|
6.5
|
TALOS-2024-1952
|
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
|
2024-05-15
|
CVE-2024-30312
|
6.5
|
TALOS-2023-1852
|
Milesight UR32L luci2-io file-import firmware update vulnerability
|
2024-05-01
|
CVE-2023-47166
|
8.8
|
TALOS-2023-1889
|
Tinyproxy HTTP Connection Headers use-after-free vulnerability
|
2024-05-01
|
CVE-2023-49606
|
9.8
|
TALOS-2023-1846
|
stb stb_vorbis.c comment heap-based buffer overflow vulnerability
|
2024-05-01
|
CVE-2023-47212
|
9.8
|
TALOS-2024-1959
|
Foxit Reader ComboBox widget Format event use-after-free vulnerability
|
2024-04-30
|
CVE-2024-25648
|
8.8
|
TALOS-2024-1963
|
Foxit Reader Lock object fields property type confusion vulnerability
|
2024-04-30
|
CVE-2024-25575
|
8.8
|
TALOS-2024-1958
|
Foxit Reader Barcode widget Calculate event use-after-free vulnerability
|
2024-04-30
|
CVE-2024-25938
|
8.8
|
TALOS-2024-1924
|
Grassroot DICOM LookupTable::SetLUT out-of-bounds write vulnerability
|
2024-04-25
|
CVE-2024-22391
|
7.7
|
TALOS-2024-1935
|
Grassroot DICOM JPEG2000Codec::DecodeByStreamsCommon out-of-bounds write vulnerability
|
2024-04-25
|
CVE-2024-22373
|
8.1
|
TALOS-2024-1944
|
Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability
|
2024-04-25
|
CVE-2024-25569
|
6.5
|
TALOS-2024-1957
|
OFFIS DCMTK DVPSSoftcopyVOI_PList::createFromImage incorrect type conversion vulnerability
|
2024-04-23
|
CVE-2024-28130
|
7.5
|
TALOS-2024-1945
|
Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability
|
2024-04-18
|
CVE-2023-51391
|
7.5
|
TALOS-2023-1868
|
Peplink Smart Reader /bin/login privilege escalation vulnerability
|
2024-04-17
|
CVE-2023-40146
|
6.8
|
TALOS-2023-1865
|
Peplink Smart Reader web interface /cgi-bin/download_config.cgi information disclosure vulnerability
|
2024-04-17
|
CVE-2023-45209
|
5.3
|
TALOS-2023-1867
|
Peplink Smart Reader web interface mac2name OS command injection vulnerability
|
2024-04-17
|
CVE-2023-39367
|
9.1
|
TALOS-2023-1863
|
Peplink Smart Reader web interface /cgi-bin/debug_dump.cgi information disclosure vulnerability
|
2024-04-17
|
CVE-2023-43491
|
5.3
|
TALOS-2023-1866
|
Peplink Smart Reader web interface /cgi-bin/upload_config.cgi data integrity vulnerability
|
2024-04-17
|
CVE-2023-45744
|
8.3
|
TALOS-2023-1848
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality arbitrary write vulnerability
|
2024-04-10
|
CVE-2024-21972
|
5.3
|
TALOS-2023-1847
|
AMD Radeon DirectX 11 Driver atidxx64.dll Shader Functionality arbitrary write vulnerability
|
2024-04-10
|
CVE-2024-21979
|
5.3
|
TALOS-2023-1862
|
tddpd enable_test_mode command execution vulnerability
|
2024-04-09
|
CVE-2023-49133,CVE-2023-49134
|
8.1
|
TALOS-2023-1861
|
Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) TDDP denial of service vulnerability
|
2024-04-09
|
CVE-2023-49074
|
7.4
|
TALOS-2023-1888
|
Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) web interface Radio Scheduling stack-based buffer overflow vulnerability
|
2024-04-09
|
CVE-2023-49907,CVE-2023-49910,CVE-2023-49911,CVE-2023-49908,CVE-2023-49912,CVE-2023-49909,CVE-2023-49906,CVE-2023-49913
|
7.2
|
TALOS-2023-1864
|
Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) web interface memory corruption vulnerability
|
2024-04-09
|
CVE-2023-48724
|
7.5
|
TALOS-2024-1948
|
Open Automation Software OAS Platform OAS Engine File Data Source Configuration denial of service vulnerability
|
2024-04-03
|
CVE-2024-24976
|
4.9
|
TALOS-2024-1951
|
Open Automation Software OAS Platform OAS Engine Save Security Configuration file write vulnerability
|
2024-04-03
|
CVE-2024-22178
|
4.9
|
TALOS-2024-1950
|
Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability
|
2024-04-03
|
CVE-2024-21870
|
4.9
|
TALOS-2024-1949
|
Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability
|
2024-04-03
|
CVE-2024-27201
|
4.9
|
TALOS-2023-1887
|
Netgear RAX30 JSON Parsing getblockschedule() stack-based buffer overflow vulnerability
|
2024-03-07
|
CVE-2023-48725
|
7.2
|
TALOS-2023-1849
|
NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability
|
2024-02-29
|
CVE-2024-0071
|
7.8
|
TALOS-2023-1870
|
Google Chrome Video Encoder Metrics denial of service vulnerability
|
2024-02-28
|
None
|
4.6
|
TALOS-2024-1914
|
llama.cpp GGUF library info->ne heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-21802
|
8.8
|
TALOS-2024-1912
|
llama.cpp GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-21825
|
8.8
|
TALOS-2024-1915
|
llama.cpp GGUF library header.n_tensors heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-21836
|
8.8
|
TALOS-2024-1913
|
llama.cpp GGUF library gguf_fread_str heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-23496
|
8.8
|
TALOS-2024-1916
|
llama.cpp GGUF library header.n_kv heap-based buffer overflow vulnerability
|
2024-02-26
|
CVE-2024-23605
|
8.8
|
TALOS-2023-1828
|
Weston Embedded uC-TCP-IP ICMP/ICMPv6 parsing denial of service vulnerabilities
|
2024-02-20
|
CVE-2023-39540,CVE-2023-39541
|
5.9
|
TALOS-2024-1917
|
The Biosig Project libbiosig BrainVision Header Parsing double-free vulnerability
|
2024-02-20
|
CVE-2024-22097
|
9.8
|
TALOS-2024-1918
|
The Biosig Project libbiosig BrainVisionMarker Parsing Out-of-bounds Write vulnerability
|
2024-02-20
|
CVE-2024-23305
|
9.8
|
TALOS-2024-1919
|
The Biosig Project libbiosig BrainVision ASCII Header Parsing double-free vulnerability
|
2024-02-20
|
CVE-2024-23809
|
9.8
|
TALOS-2024-1920
|
The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability
|
2024-02-20
|
CVE-2024-21795
|
9.8
|
TALOS-2024-1921
|
The Biosig Project libbiosig sopen_FAMOS_read integer overflow to out-of-bounds write vulnerability
|
2024-02-20
|
CVE-2024-21812
|
9.8
|
TALOS-2024-1922
|
The Biosig Project libbiosig sopen_FAMOS_read integer underflow to out-of-bounds write vulnerability
|
2024-02-20
|
CVE-2024-23313
|
9.8
|
TALOS-2023-1843
|
Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability
|
2024-02-20
|
CVE-2023-45318
|
10.0
|
TALOS-2024-1923
|
The Biosig Project libbiosig sopen_FAMOS_read use-after-free vulnerability
|
2024-02-20
|
CVE-2024-23310
|
9.8
|
TALOS-2024-1925
|
The Biosig Project libbiosig sopen_FAMOS_read NULL calloc out-of-bounds write vulnerability
|
2024-02-20
|
CVE-2024-23606
|
9.8
|
TALOS-2023-1829
|
Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability
|
2024-02-20
|
CVE-2023-38562
|
8.7
|
TALOS-2024-1931
|
Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities
|
2024-02-20
|
CVE-2024-24793,CVE-2024-24794
|
8.1
|
TALOS-2023-1909
|
Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20748
|
6.5
|
TALOS-2023-1901
|
Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
|
2024-02-15
|
CVE-2024-20731
|
8.8
|
TALOS-2023-1905
|
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20735
|
6.5
|
TALOS-2023-1906
|
Adobe Acrobat Reader Font CPAL integer overflow vulnerability
|
2024-02-15
|
CVE-2024-20730
|
8.8
|
TALOS-2023-1908
|
Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20747
|
6.5
|
TALOS-2023-1910
|
Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
|
2024-02-15
|
CVE-2024-20749
|
6.5
|
TALOS-2023-1890
|
Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
|
2024-02-15
|
CVE-2024-20729
|
8.8
|
TALOS-2023-1850
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability
|
2024-02-06
|
CVE-2023-43482
|
7.2
|
TALOS-2023-1855
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd GRE command injection vulnerability
|
2024-02-06
|
CVE-2023-47167
|
7.2
|
TALOS-2023-1856
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP global config Command injection Vulnerability
|
2024-02-06
|
CVE-2023-42664
|
7.2
|
TALOS-2023-1858
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd web group command injection vulnerability
|
2024-02-06
|
CVE-2023-47617
|
7.2
|
TALOS-2023-1857
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd Wireguard VPN command injection vulnerability
|
2024-02-06
|
CVE-2023-46683
|
7.2
|
TALOS-2023-1854
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd ipsec command injection vulnerability
|
2024-02-06
|
CVE-2023-47209
|
7.2
|
TALOS-2023-1859
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd web filtering Command injection Vulnerability
|
2024-02-06
|
CVE-2023-47618
|
7.2
|
TALOS-2023-1853
|
TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP client Command injection Vulnerability
|
2024-02-06
|
CVE-2023-36498
|
7.2
|
TALOS-2023-1896
|
WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability
|
2024-01-10
|
CVE-2023-49589
|
8.8
|
TALOS-2023-1880
|
WWBN AVideo aVideoEncoderReceiveImage.json.php image upload information disclosure vulnerability
|
2024-01-10
|
CVE-2023-49864,CVE-2023-49863,CVE-2023-49862
|
6.5
|
TALOS-2023-1869
|
WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability
|
2024-01-10
|
CVE-2023-47171
|
6.5
|
TALOS-2023-1900
|
WWBN AVideo salt generation insufficient entropy vulnerability
|
2024-01-10
|
CVE-2023-49599
|
9.8
|
TALOS-2023-1884
|
WWBN AVideo channelBody.php user name cross-site scripting (XSS) vulnerability
|
2024-01-10
|
CVE-2023-47861
|
9.0
|
TALOS-2023-1898
|
WWBN AVideo checkLoginAttempts login attempt restriction bypass vulnerability
|
2024-01-10
|
CVE-2023-49810
|
7.3
|
TALOS-2023-1897
|
WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability
|
2024-01-10
|
CVE-2023-50172
|
5.3
|
TALOS-2023-1885
|
WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability
|
2024-01-10
|
CVE-2023-49715
|
4.3
|
TALOS-2023-1883
|
WWBN AVideo functiongetOpenGraph videoName cross-site scripting (XSS) vulnerability
|
2024-01-10
|
CVE-2023-48728
|
9.6
|
TALOS-2023-1886
|
WWBN AVideo getLanguageFromBrowser local file inclusion vulnerability
|
2024-01-10
|
CVE-2023-47862
|
9.8
|
TALOS-2023-1882
|
WWBN AVideo navbarMenuAndLogo.php user name cross-site scripting (XSS) vulnerability
|
2024-01-10
|
CVE-2023-48730
|
8.5
|
TALOS-2023-1881
|
WWBN AVideo image404Raw.php information disclosure vulnerability
|
2024-01-10
|
CVE-2023-49738
|
7.5
|
TALOS-2023-1814
|
GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-38651,CVE-2023-38650
|
7.0
|
TALOS-2023-1792
|
GTKWave FST fstReaderIterBlocks2 time_table tsec_nitems integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35128
|
7.0
|
TALOS-2023-1789
|
GTKWave FST fstReaderIterBlocks2 chain_table parsing heap-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-35969,CVE-2023-35970
|
7.8
|
TALOS-2023-1785
|
GTKWave FST fstReaderIterBlocks2 VCDATA parsing heap-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-35956,CVE-2023-35957,CVE-2023-35958,CVE-2023-35955
|
7.8
|
TALOS-2023-1826
|
GTKWave LXT2 lxt2_rd_get_facname decompression out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-39443,CVE-2023-39444
|
7.8
|
TALOS-2023-1783
|
GTKWave FST LEB128 varint stack-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-35704,CVE-2023-35703,CVE-2023-35702
|
7.8
|
TALOS-2023-1777
|
GTKWave FST FST_BL_GEOM parsing maxhandle integer overflow vulnerability
|
2024-01-08
|
CVE-2023-32650
|
7.0
|
TALOS-2023-1793
|
GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-36747,CVE-2023-36746
|
7.0
|
TALOS-2023-1798
|
GTKWave FST fstReaderIterBlocks2 chain_table allocation integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-36915,CVE-2023-36916
|
7.8
|
TALOS-2023-1805
|
GTKWave VCD var definition section out-of-bounds read vulnerabilities
|
2024-01-08
|
CVE-2023-37447,CVE-2023-37446,CVE-2023-37445,CVE-2023-37444,CVE-2023-37442,CVE-2023-37443
|
7.8
|
TALOS-2023-1786
|
GTKWave decompression OS command injection vulnerabilities
|
2024-01-08
|
CVE-2023-35963,CVE-2023-35960,CVE-2023-35964,CVE-2023-35959,CVE-2023-35961,CVE-2023-35962
|
7.8
|
TALOS-2023-1827
|
GTKWave LXT2 lxt2_rd_expand_integer_to_bits stack-based buffer overflow vulnerability
|
2024-01-08
|
CVE-2023-38583
|
7.8
|
TALOS-2023-1824
|
GTKWave LXT2 lxt2_rd_iter_radix shift operation integer underflow vulnerabilities
|
2024-01-08
|
CVE-2023-39413,CVE-2023-39414
|
7.0
|
TALOS-2023-1822
|
GTKWave LXT2 zlib block allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35989
|
7.8
|
TALOS-2023-1819
|
GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-34436
|
7.8
|
TALOS-2023-1806
|
GTKWave VCD get_vartoken realloc use-after-free vulnerabilities
|
2024-01-08
|
CVE-2023-37576,CVE-2023-37577,CVE-2023-37573,CVE-2023-37578,CVE-2023-37575,CVE-2023-37574
|
7.8
|
TALOS-2023-1804
|
GTKWave VCD parse_valuechange portdump out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-37416,CVE-2023-37419,CVE-2023-37420,CVE-2023-37418,CVE-2023-37417
|
7.8
|
TALOS-2023-1791
|
GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities
|
2024-01-08
|
CVE-2023-35994,CVE-2023-35996,CVE-2023-35997,CVE-2023-35995
|
7.8
|
TALOS-2023-1790
|
GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35992
|
7.0
|
TALOS-2023-1803
|
GTKWave EVCD var len parsing improper array index validation vulnerability
|
2024-01-08
|
CVE-2023-34087
|
7.8
|
TALOS-2023-1817
|
GTKWave VZT vzt_rd_process_block autosort out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-39235,CVE-2023-39234
|
7.8
|
TALOS-2023-1811
|
GTKWave VZT LZMA_read_varint out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-36861
|
7.8
|
TALOS-2023-1807
|
GTKWave VCD sorted bsearch arbitrary write vulnerabilities
|
2024-01-08
|
CVE-2023-37921,CVE-2023-37923,CVE-2023-37922
|
7.8
|
TALOS-2023-1818
|
GTKWave LXT2 facgeometry parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-39273,CVE-2023-39271,CVE-2023-39274,CVE-2023-39275,CVE-2023-39272,CVE-2023-39270
|
7.8
|
TALOS-2023-1812
|
GTKWave VZT facgeometry parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-38618,CVE-2023-38621,CVE-2023-38620,CVE-2023-38619,CVE-2023-38623,CVE-2023-38622
|
7.8
|
TALOS-2023-1810
|
GTKWave VZT LZMA_Read dmem extraction out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-37282
|
7.8
|
TALOS-2023-1813
|
GTKWave VZT vzt_rd_get_facname decompression out-of-bounds write vulnerabilities
|
2024-01-08
|
CVE-2023-38649,CVE-2023-38648
|
7.8
|
TALOS-2023-1820
|
GTKWave LXT2 num_dict_entries integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-39316,CVE-2023-39317
|
7.8
|
TALOS-2023-1821
|
GTKWave LXT2 lxt2_rd_trace value elements allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35057
|
7.8
|
TALOS-2023-1823
|
GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability
|
2024-01-08
|
CVE-2023-38657
|
7.8
|
TALOS-2023-1851
|
ManageEngine OpManager uploadMib directory traversal vulnerability
|
2024-01-08
|
CVE-2023-47211
|
9.1
|
TALOS-2023-1815
|
GTKWave VZT vzt_rd_block_vch_decode dict parsing integer overflow vulnerabilities
|
2024-01-08
|
CVE-2023-38653,CVE-2023-38652
|
7.0
|
TALOS-2023-1816
|
GTKWave VZT longest_len value allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-35004
|
7.8
|
TALOS-2023-1797
|
GTKWave FST fstReaderIterBlocks2 temp_signal_value_buf allocation integer overflow vulnerability
|
2024-01-08
|
CVE-2023-36864
|
7.8
|
TALOS-2023-1907
|
instipod DuoUniversalKeycloakAuthenticator challenge information disclosure vulnerability
|
2023-12-23
|
CVE-2023-49594
|
4.5
|
TALOS-2023-1845
|
Buildroot BR_NO_CHECK_HASH_FOR data integrity vulnerability
|
2023-12-05
|
CVE-2023-43608
|
8.1
|
TALOS-2023-1844
|
Buildroot package hash checking data integrity vulnerabilities
|
2023-12-05
|
CVE-2023-45841,CVE-2023-45842,CVE-2023-45838,CVE-2023-45839,CVE-2023-45840
|
8.1
|
TALOS-2023-1860
|
GPSd NTRIP Stream Parsing access violation vulnerability
|
2023-12-05
|
CVE-2023-43628
|
5.9
|
TALOS-2023-1838
|
Foxit Reader field value property type confusion vulnerability
|
2023-11-27
|
CVE-2023-41257
|
8.8
|
TALOS-2023-1833
|
Foxit Reader Javascript exportDataObject arbitrary file creation vulnerability
|
2023-11-27
|
CVE-2023-40194
|
8.8
|
TALOS-2023-1839
|
Foxit Reader signature field OnBlur event use-after-free vulnerability
|
2023-11-27
|
CVE-2023-38573
|
8.8
|
TALOS-2023-1748
|
WPS Office ET Data use of uninitialized pointer vulnerability
|
2023-11-27
|
CVE-2023-31275
|
8.8
|
TALOS-2023-1832
|
Foxit Reader Javascript saveAs arbitrary file creation vulnerability
|
2023-11-27
|
CVE-2023-39542
|
8.8
|
TALOS-2023-1834
|
Foxit Reader Javascript exportDataObject HTA file creation vulnerability
|
2023-11-27
|
CVE-2023-35985
|
8.8
|
TALOS-2023-1837
|
Foxit Reader 3D Annot use-after-free vulnerability
|
2023-11-27
|
CVE-2023-32616
|
8.8
|
TALOS-2023-1794
|
Adobe Acrobat Reader Thermometer use-after-free vulnerability
|
2023-11-15
|
CVE-2023-44336
|
8.8
|
TALOS-2023-1842
|
Adobe Acrobat Reader U3D page event use-after-free vulnerability
|
2023-11-15
|
CVE-2023-44372
|
8.8
|
TALOS-2023-1835
|
Microsoft Office Professional Plus 2019 FCommitHtmlPivotCacheElement use-after-free vulnerability
|
2023-11-15
|
CVE-2023-36041
|
7.8
|
TALOS-2023-1738
|
Weston Embedded uC-HTTP HTTP Server form boundary memory corruption vulnerability
|
2023-11-14
|
CVE-2023-28379
|
9.0
|
TALOS-2023-1746
|
Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability
|
2023-11-14
|
CVE-2023-31247
|
9.0
|
TALOS-2023-1725
|
Weston Embedded uC-HTTP HTTP Server out-of-bounds write vulnerability
|
2023-11-14
|
CVE-2023-24585
|
7.7
|
TALOS-2023-1726
|
Weston Embedded uC-HTTP HTTP Server buffer overflow vulnerability
|
2023-11-14
|
CVE-2023-25181
|
9.0
|
TALOS-2023-1732
|
Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability
|
2023-11-14
|
CVE-2023-28391
|
9.0
|
TALOS-2023-1733
|
Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability
|
2023-11-14
|
CVE-2023-27882
|
9.0
|
TALOS-2023-1809
|
JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser out-of-bounds write vulnerability
|
2023-10-19
|
CVE-2023-38128
|
7.8
|
TALOS-2023-1808
|
JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability
|
2023-10-19
|
CVE-2023-38127
|
7.8
|
TALOS-2023-1825
|
JustSystems Corporation Ichitaro 2023 DocumentViewStyles and DocumentEditStyles stream relative write vulnerabilities
|
2023-10-19
|
CVE-2023-35126
|
7.8
|
TALOS-2023-1758
|
JustSystems Corporation Ichitaro "Figure" stream use-after-free vulnerability
|
2023-10-19
|
CVE-2023-34366
|
7.8
|
TALOS-2023-1735
|
SoftEther VPN vpnserver WpcParsePacket() heap-based buffer overflow vulnerability
|
2023-10-12
|
CVE-2023-27395
|
9.0
|
TALOS-2023-1737
|
SoftEther VPN vpnserver OvsProcessData denial of service vulnerability
|
2023-10-12
|
CVE-2023-22308
|
7.5
|
TALOS-2023-1743
|
SoftEther VPN vpnserver ConnectionAccept() denial-of-service vulnerability
|
2023-10-12
|
CVE-2023-25774
|
7.5
|
TALOS-2023-1768
|
SoftEther VPN ClientConnect() information disclosure vulnerability
|
2023-10-12
|
CVE-2023-31192
|
5.3
|
TALOS-2023-1736
|
SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability
|
2023-10-12
|
CVE-2023-22325
|
5.9
|
TALOS-2023-1741
|
SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service vulnerability
|
2023-10-12
|
CVE-2023-23581
|
7.5
|
TALOS-2023-1755
|
SoftEther VPN CiRpcServerThread() MitM authentication bypass vulnerability
|
2023-10-12
|
CVE-2023-32634
|
7.8
|
TALOS-2023-1753
|
SoftEther VPN CtEnumCa() information disclosure vulnerability
|
2023-10-12
|
CVE-2023-32275
|
5.5
|
TALOS-2023-1754
|
SoftEther VPN CiRpcAccepted() authentication bypass vulnerability
|
2023-10-12
|
CVE-2023-27516
|
7.3
|
TALOS-2023-1782
|
peplink Surf SOHO HW1 api.cgi cmd.mvpn.x509.write OS command injection vulnerability
|
2023-10-11
|
CVE-2023-35194,CVE-2023-35193
|
7.2
|
TALOS-2023-1766
|
Yifan YF325 httpd manage_request stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-34426
|
9.8
|
TALOS-2023-1761
|
Yifan YF325 httpd next_page buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-35055,CVE-2023-35056
|
8.8
|
TALOS-2023-1762
|
Yifan YF325 httpd nvram.cgi authentication bypass vulnerability
|
2023-10-11
|
CVE-2023-24479
|
9.8
|
TALOS-2023-1765
|
Yifan YF325 httpd do_wds stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-31272
|
8.8
|
TALOS-2023-1767
|
Yifan YF325 validate.so diag_ping_start command execution vulnerability
|
2023-10-11
|
CVE-2023-32632
|
8.8
|
TALOS-2023-1787
|
Yifan YF325 httpd manage_post stack-based buffer overflow vulnerabilities
|
2023-10-11
|
CVE-2023-35965,CVE-2023-35966
|
9.8
|
TALOS-2023-1788
|
Yifan YF325 gwcfg_cgi_set_manage_post_data stack-based buffer overflow vulnerabilities
|
2023-10-11
|
CVE-2023-35967,CVE-2023-35968
|
9.8
|
TALOS-2023-1752
|
Yifan YF325 httpd debug credentials leftover debug code vulnerability
|
2023-10-11
|
CVE-2023-32645
|
9.8
|
TALOS-2023-1763
|
Yifan YF325 libutils.so nvram_restore stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-34365
|
9.8
|
TALOS-2023-1764
|
Yifan YF325 httpd gwcfg.cgi get stack-based buffer overflow vulnerability
|
2023-10-11
|
CVE-2023-34346
|
9.8
|
TALOS-2023-1779
|
peplink Surf SOHO HW1 admin.cgi MVPN_trial_init OS command injection vulnerability
|
2023-10-11
|
CVE-2023-28381
|
7.2
|
TALOS-2023-1778
|
peplink Surf SOHO HW1 data.cgi xfer_dns OS command injection vulnerability
|
2023-10-11
|
CVE-2023-34356
|
7.2
|
TALOS-2023-1781
|
peplink Surf SOHO HW1 upload_brand.cgi cross-site scripting (XSS) vulnerability
|
2023-10-11
|
CVE-2023-34354
|
3.4
|
TALOS-2023-1780
|
peplink Surf SOHO HW1 admin.cgi USSD_send OS command injection vulnerability
|
2023-10-11
|
CVE-2023-27380
|
7.2
|
TALOS-2023-1831
|
Webkit MediaRecorder API stopRecording use-after-free vulnerability
|
2023-10-06
|
CVE-2023-39928
|
8.8
|
TALOS-2023-1759
|
Hancom Office 2020 HWord footerr use-after-free vulnerability
|
2023-09-26
|
CVE-2023-32541
|
8.8
|
TALOS-2023-1830
|
Accusoft ImageGear tif_parse_sub_IFD use-after-free vulnerability
|
2023-09-25
|
CVE-2023-39453
|
9.8
|
TALOS-2023-1760
|
Accusoft ImageGear pictwread heap-based buffer overflow vulnerability
|
2023-09-25
|
CVE-2023-35002
|
9.8
|
TALOS-2023-1751
|
Google Chrome VideoEncoder av1_svc_check_reset_layer_rc_flag use-after-free vulnerability
|
2023-09-25
|
CVE-2023-3421
|
8.3
|
TALOS-2023-1802
|
Accusoft ImageGear dcm_pixel_data_decode out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-32653
|
9.8
|
TALOS-2023-1742
|
Accusoft ImageGear tif_processing_dng_channel_count stack-based buffer overflow vulnerability
|
2023-09-25
|
CVE-2023-28393
|
5.6
|
TALOS-2023-1749
|
Accusoft ImageGear create_png_object heap-based buffer overflow vulnerability
|
2023-09-25
|
CVE-2023-32614
|
7.0
|
TALOS-2023-1729
|
Accusoft ImageGear CreateDIBfromPict out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-23567
|
8.1
|
TALOS-2023-1750
|
Accusoft ImageGear tiff_planar_adobe out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-32284
|
8.1
|
TALOS-2023-1836
|
Accusoft ImageGear allocate_buffer_for_jpeg_decoding out-of-bounds write vulnerability
|
2023-09-25
|
CVE-2023-40163
|
9.8
|
TALOS-2023-1770
|
Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability
|
2023-09-05
|
CVE-2023-34998
|
8.1
|
TALOS-2023-1771
|
Open Automation Software OAS Platform OAS Engine configuration file write vulnerability
|
2023-09-05
|
CVE-2023-32615
|
6.5
|
TALOS-2023-1774
|
Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability
|
2023-09-05
|
CVE-2023-32271
|
6.5
|
TALOS-2023-1775
|
Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability
|
2023-09-05
|
CVE-2023-35124
|
3.1
|
TALOS-2023-1776
|
Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability
|
2023-09-05
|
CVE-2023-34353
|
7.5
|
TALOS-2023-1772
|
Open Automation Software OAS Platform OAS Engine User Creation improper input validation vulnerability
|
2023-09-05
|
CVE-2023-34317
|
6.5
|
TALOS-2023-1773
|
Open Automation Software OAS Platform OAS Engine configuration management improper resource allocation vulnerability
|
2023-09-05
|
CVE-2023-34994
|
3.1
|
TALOS-2023-1769
|
Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability
|
2023-09-05
|
CVE-2023-31242
|
8.1
|
TALOS-2023-1719
|
NVIDIA D3D10 Driver Shader Functionality undeclared dcl_output memory corruption vulnerability
|
2023-08-10
|
CVE-2022-34671
|
8.5
|
TALOS-2023-1720
|
NVIDIA D3D10 Driver Shader Functionality dcl_input index memory corruption vulnerability
|
2023-08-10
|
CVE-2022-34671
|
8.5
|
TALOS-2023-1721
|
NVIDIA D3D10 Driver Shader Functionality dcl_resource_structured index memory corruption vulnerability
|
2023-08-10
|
CVE-2022-34671
|
8.5
|
TALOS-2022-1666
|
Open Babel translationVectors parsing out-of-bounds write vulnerabilities
|
2023-07-21
|
CVE-2022-46292,CVE-2022-46295,CVE-2022-46294,CVE-2022-46293,CVE-2022-46291
|
9.8
|
TALOS-2022-1671
|
Open Babel PQS format coord_file out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-43467
|
9.8
|
TALOS-2022-1670
|
Open Babel PQS format pFormat uninitialized pointer dereference vulnerability
|
2023-07-21
|
CVE-2022-46280
|
9.8
|
TALOS-2022-1669
|
Open Babel MSI format atom uninitialized pointer dereference vulnerability
|
2023-07-21
|
CVE-2022-44451
|
9.8
|
TALOS-2022-1668
|
Open Babel GRO format res uninitialized pointer dereference vulnerability
|
2023-07-21
|
CVE-2022-42885
|
9.8
|
TALOS-2022-1665
|
Open Babel ORCA format nAtoms out-of-bounds write vulnerabilities
|
2023-07-21
|
CVE-2022-46289,CVE-2022-46290
|
9.8
|
TALOS-2022-1667
|
Open Babel CSR format title out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-41793
|
9.8
|
TALOS-2022-1664
|
Open Babel MOL2 format attribute and value out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-43607
|
8.1
|
TALOS-2022-1672
|
Open Babel Gaussian format orientation out-of-bounds write vulnerability
|
2023-07-21
|
CVE-2022-37331
|
7.3
|
TALOS-2023-1757
|
Foxit Reader Field OnBlur event use-after-free vulnerability
|
2023-07-19
|
CVE-2023-33866
|
8.8
|
TALOS-2023-1796
|
Foxit Reader Javascript annotation destruction use-after-free vulnerability
|
2023-07-19
|
CVE-2023-33876
|
8.8
|
TALOS-2023-1795
|
Foxit Reader checkThisBox type confusion vulnerability
|
2023-07-19
|
CVE-2023-32664
|
8.8
|
TALOS-2023-1756
|
Foxit Reader Field Calculate event use-after-free vulnerability
|
2023-07-19
|
CVE-2023-27379
|
8.8
|
TALOS-2023-1739
|
Foxit Reader Choice Field use-after-free vulnerability
|
2023-07-19
|
CVE-2023-28744
|
8.8
|
TALOS-2023-1747
|
Microsoft Edge MSDCPDF Javascript addIcon type confusion vulnerability
|
2023-07-17
|
CVE-2023-36887
|
8.1
|
TALOS-2022-1688
|
Apple DCERPC array marshaling uninitialized memory disclosure vulnerability
|
2023-07-13
|
CVE-2023-27953
|
5.3
|
TALOS-2022-1675
|
Apple DCERPC allocation hint uninitialized memory disclosure vulnerability
|
2023-07-13
|
None
|
5.3
|
TALOS-2022-1660
|
Apple DCERPC packet stats buffer overflow vulnerability
|
2023-07-13
|
CVE-2023-23513
|
8.1
|
TALOS-2022-1676
|
Apple DCERPC association groups heap overflow
|
2023-07-13
|
CVE-2023-27935
|
7.5
|
TALOS-2022-1659
|
Apple DCERPC presentation result list out of bounds memory access
|
2023-07-13
|
CVE-2023-23539
|
5.9
|
TALOS-2022-1679
|
Apple DCERPC zero length BIND packet infinite loop
|
2023-07-13
|
None
|
5.3
|
TALOS-2022-1678
|
Apple DCERPC alter context response use-after-free vulnerability
|
2023-07-13
|
CVE-2023-28180
|
7.5
|
TALOS-2022-1677
|
Apple DCERPC call request uninitialized memory heap overflow vulnerability
|
2023-07-13
|
CVE-2023-27934
|
7.5
|
TALOS-2023-1800
|
VMWare vCenter Server DCERPC presentation result list out of bounds memory access
|
2023-07-13
|
CVE-2023-20896
|
5.9
|
TALOS-2023-1799
|
VMWare vCenter Server DCERPC association groups use-after-free vulnerability
|
2023-07-13
|
CVE-2023-20893
|
7.5
|
TALOS-2023-1740
|
VMware vCenter Server DCERPC save_sec_fragment out-of-bounds pointer vulnerability
|
2023-07-13
|
CVE-2023-20895
|
8.1
|
TALOS-2023-1801
|
VMware DCERPC call request uninitialized memory heap overflow vulnerability
|
2023-07-13
|
CVE-2023-20892
|
7.5
|
TALOS-2022-1658
|
VMware vCenter DCERPC Improper calculation of authentication trailer pointer
|
2023-07-13
|
CVE-2023-20894
|
8.1
|
TALOS-2022-1689
|
Apple DCERPC fixed array use after free vulnerability
|
2023-07-13
|
CVE-2023-27958
|
7.5
|
TALOS-2023-1717
|
Apple DCERPC association groups use-after-free vulnerability
|
2023-07-13
|
CVE-2023-32387
|
7.5
|
TALOS-2023-1700
|
Milesight MilesightVPN requestHandlers.js verifyToken authentication bypass vulnerability
|
2023-07-06
|
CVE-2023-22844
|
7.3
|
TALOS-2023-1723
|
Milesight UR32L zebra vlan_name OS command injection vulnerabilities
|
2023-07-06
|
CVE-2023-25582,CVE-2023-25583
|
7.2
|
TALOS-2023-1716
|
Milesight UR32L vtysh_ubus sprintf pattern buffer overflow vulnerabilities
|
2023-07-06
|
CVE-2023-25091,CVE-2023-25107,CVE-2023-25113,CVE-2023-25120,CVE-2023-25122,CVE-2023-25082,CVE-2023-25095,CVE-2023-25117,CVE-2023-25121,CVE-2023-25115,CVE-2023-25118,CVE-2023-25124,CVE-2023-25101,CVE-2023-25123,CVE-2023-25102,CVE-2023-25084,CVE-2023-25093,CVE-2023-25097,CVE-2023-25103,CVE-2023-25096,CVE-2023-25090,CVE-2023-25085,CVE-2023-25106,CVE-2023-25104,CVE-2023-25086,CVE-2023-25088,CVE-2023-25105,CVE-2023-25112,CVE-2023-25089,CVE-2023-25098,CVE-2023-25081,CVE-2023-25094,CVE-2023-25100,CVE-2023-25110,CVE-2023-25109,CVE-2023-25099,CVE-2023-25119,CVE-2023-25083,CVE-2023-25087,CVE-2023-25116,CVE-2023-25092,CVE-2023-25108,CVE-2023-25111,CVE-2023-25114
|
7.2
|
TALOS-2023-1704
|
Milesight MilesightVPN requestHandlers.js detail_device cross-site scripting (XSS) vulnerabilities
|
2023-07-06
|
CVE-2023-24497,CVE-2023-24496
|
4.7
|
TALOS-2023-1706
|
Milesight UR32L vtysh_ubus toolsh_excute.constprop.1 OS command injection vulnerabilities
|
2023-07-06
|
CVE-2023-24519,CVE-2023-24520
|
8.8
|
TALOS-2023-1697
|
Milesight UR32L uhttpd login buffer overflow vulnerability
|
2023-07-06
|
CVE-2023-23902
|
9.8
|
TALOS-2023-1698
|
Milesight UR32L libzebra.so bridge_group OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22306
|
7.2
|
TALOS-2023-1699
|
Milesight UR32L libzebra.so change_hostname OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22659
|
7.2
|
TALOS-2023-1702
|
Milesight MilesightVPN server.js start directory traversal vulnerability
|
2023-07-06
|
CVE-2023-23907
|
7.5
|
TALOS-2023-1703
|
Milesight MilesightVPN liburvpn.so create_private_key OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22371
|
8.1
|
TALOS-2023-1705
|
Milesight UR32L urvpn_client Certificate Validation vulnerability
|
2023-07-06
|
CVE-2023-23546
|
4.2
|
TALOS-2023-1718
|
Milesight UR32L urvpn_client http_connection_readcb stack-based buffer overflow vulnerability
|
2023-07-06
|
CVE-2023-24019
|
8.1
|
TALOS-2023-1711
|
Milesight UR32L ys_thirdparty check_system_user OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22365
|
7.2
|
TALOS-2023-1712
|
Milesight UR32L vtysh_ubus _get_fw_logs OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22299
|
8.8
|
TALOS-2023-1713
|
Milesight UR32L ys_thirdparty system_user_script OS command injection vulnerability
|
2023-07-06
|
CVE-2023-24595
|
7.2
|
TALOS-2023-1715
|
Milesight UR32L libzebra.so security_decrypt_password buffer overflow vulnerability
|
2023-07-06
|
CVE-2023-24018
|
8.8
|
TALOS-2023-1696
|
Milesight UR32L eventcore access violation vulnerability
|
2023-07-06
|
CVE-2023-23571
|
7.5
|
TALOS-2023-1694
|
Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability
|
2023-07-06
|
CVE-2023-23550
|
7.2
|
TALOS-2023-1695
|
Milesight UR32L luci2-io file-export mib directory traversal vulnerability
|
2023-07-06
|
CVE-2023-23547
|
6.5
|
TALOS-2023-1710
|
Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities
|
2023-07-06
|
CVE-2023-24583,CVE-2023-24582
|
8.8
|
TALOS-2023-1714
|
Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability
|
2023-07-06
|
CVE-2023-22653
|
8.8
|
TALOS-2023-1701
|
Milesight MilesightVPN requestHandlers.js LoginAuth SQL injection vulnerability
|
2023-07-06
|
CVE-2023-22319
|
7.3
|
TALOS-2023-1744
|
Diagon Sequence::DrawText heap-based buffer overflow vulnerability
|
2023-07-05
|
CVE-2023-27390
|
7.8
|
TALOS-2023-1745
|
Diagon GraphPlanar::Write improper array index validation vulnerability
|
2023-07-05
|
CVE-2023-31194
|
5.3
|
TALOS-2023-1724
|
Google Chrome WebGL rx::Image11::disassociateStorage use-after-free vulnerability
|
2023-06-26
|
CVE-2023-1531
|
8.3
|
TALOS-2023-1734
|
Microsoft Office Excel WebCharts out-of-bounds write vulnerability
|
2023-06-13
|
CVE-2023-33133
|
7.8
|
TALOS-2023-1730
|
Microsoft Office Excel FreePhisxdb arbitrary free vulnerability
|
2023-06-13
|
CVE-2023-32029
|
7.8
|
TALOS-2023-1727
|
Mitsubishi Electric Corporation MELSEC iQ-F FX5U MELSOFT Direct memory corruption vulnerability
|
2023-05-26
|
CVE-2023-1424
|
10.0
|
TALOS-2022-1680
|
Weston Embedded uC-FTPs Authentication authentication bypass vulnerability
|
2023-05-10
|
CVE-2022-41985
|
8.6
|
TALOS-2022-1681
|
Weston Embedded uC-FTPs PORT command parameter extraction out-of-bounds read vulnerability
|
2023-05-10
|
CVE-2022-46377,CVE-2022-46378
|
6.5
|
TALOS-2023-1693
|
Google Chrome WebRTC RTCStatsCollector out of bounds memory access vulnerability
|
2023-05-04
|
CVE-2023-0698
|
8.3
|
TALOS-2023-1690
|
IBM Corporation AIX errlog() Log Injection Vulnerability
|
2023-04-24
|
None,CVE-2023-26286
|
5.5
|
TALOS-2023-1691
|
IBM Corporation AIX invscout SetUID Binary OS Command Injection Vulnerability
|
2023-04-24
|
CVE-2023-28528
|
5.5
|
TALOS-2022-1593
|
Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability
|
2023-04-20
|
CVE-2022-36788
|
8.1
|
TALOS-2023-1692
|
Lenovo Group Ltd. Smart Clock Essential SSH hard-coded password vulnerability
|
2023-04-13
|
CVE-2023-0896
|
9.8
|
TALOS-2022-1673
|
Justsystem Ichitaro Protected Attribute Identifier Use-After-Free Vulnerablity
|
2023-04-05
|
CVE-2022-43664
|
7.8
|
TALOS-2022-1684
|
JustSystems Corporation Ichitaro Attribute Arena buffer overflow vulnerability
|
2023-04-05
|
CVE-2022-45115
|
7.8
|
TALOS-2022-1687
|
JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability
|
2023-04-05
|
CVE-2023-22291
|
7.0
|
TALOS-2023-1722
|
JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability
|
2023-04-05
|
CVE-2023-22660
|
7.0
|
TALOS-2022-1594
|
ADMesh stl_fix_normal_directions improper array index validation vulnerability
|
2023-04-03
|
CVE-2022-38072
|
6.5
|
TALOS-2023-1731
|
SNIProxy wildcard backend hosts buffer overflow vulnerability
|
2023-03-30
|
CVE-2023-25076
|
9.8
|
TALOS-2022-1685
|
ManageEngine OpManager Add UCS Device blind XXE vulnerability
|
2023-03-30
|
CVE-2022-43473
|
5.8
|
TALOS-2023-1708
|
OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability
|
2023-03-30
|
CVE-2023-22845
|
7.5
|
TALOS-2023-1709
|
OpenImageIO Project OpenImageIO FitsOutput::close() denial of service vulnerability
|
2023-03-30
|
CVE-2023-24472
|
7.5
|
TALOS-2023-1707
|
OpenImageIO Project OpenImageIO TGAInput::read_tga2_header information disclosure vulnerability
|
2023-03-30
|
CVE-2023-24473
|
5.3
|
TALOS-2022-1598
|
Netgear Orbi Router RBR750 Remote Management cleartext transmission vulnerability
|
2023-03-21
|
CVE-2022-38458
|
6.5
|
TALOS-2022-1597
|
Netgear Orbi Satellite RBS750 ubus backend communications command execution vulnerability
|
2023-03-21
|
CVE-2022-36429
|
7.2
|
TALOS-2022-1596
|
Netgear Orbi Router RBR750 access control command execution vulnerability
|
2023-03-21
|
CVE-2022-37337
|
9.1
|
TALOS-2022-1595
|
Netgear Orbi Router RBR750 hidden telnet service command execution vulnerability
|
2023-03-21
|
CVE-2022-38452
|
7.2
|
TALOS-2022-1674
|
WellinTech KingHistorian SORBAx64.dll RecvPacket integer conversion vulnerability
|
2023-03-20
|
CVE-2022-43663
|
8.1
|
TALOS-2022-1683
|
WellinTech KingHistorian User authentication information disclosure vulnerability
|
2023-03-20
|
CVE-2022-45124
|
7.5
|
TALOS-2022-1645
|
Ghost Foundation node-sqlite3 code execution vulnerability
|
2023-03-16
|
CVE-2022-43441
|
8.1
|
TALOS-2022-1663
|
EIP Stack Group OpENer Forward Open connection_management_entry use of uninitialized pointer vulnerability
|
2023-02-23
|
CVE-2022-43606
|
7.5
|
TALOS-2022-1662
|
EIP Stack Group OpENer SetAttributeList attribute_count_request out-of-bounds write vulnerability
|
2023-02-23
|
CVE-2022-43605
|
10.0
|
TALOS-2022-1661
|
EIP Stack Group OpENer GetAttributeList attribute_count_request out-of-bounds write vulnerability
|
2023-02-23
|
CVE-2022-43604
|
10.0
|
TALOS-2022-1616
|
Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability
|
2023-02-02
|
CVE-2022-40693
|
5.9
|
TALOS-2022-1682
|
ESTsoft Alyac NT header out of bounds read
|
2023-02-02
|
CVE-2022-43665
|
5.0
|
TALOS-2022-1618
|
Moxa SDS-3008 Series Industrial Ethernet Switch web server denial of service vulnerability
|
2023-02-02
|
CVE-2022-40224
|
5.3
|
TALOS-2022-1621
|
Moxa SDS-3008 Series Industrial Ethernet Switch web application information disclosure vulnerability
|
2023-02-02
|
CVE-2022-40691
|
5.3
|
TALOS-2022-1619
|
Moxa SDS-3008 Series Industrial Ethernet Switch web application stored cross-site scripting vulnerability
|
2023-02-02
|
CVE-2022-41313,CVE-2022-41311,CVE-2022-41312
|
4.3
|
TALOS-2022-1610
|
Siretta QUARTZ-GOLD httpd shell.cgi leftover debug code vulnerability
|
2023-01-26
|
CVE-2022-38715
|
7.2
|
TALOS-2022-1637
|
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd directory traversal vulnerability
|
2023-01-26
|
CVE-2022-41154
|
8.2
|
TALOS-2022-1641
|
FreshTomato httpd logs/view.cgi OS command injection vulnerability
|
2023-01-26
|
CVE-2022-42484
|
9.1
|
TALOS-2022-1615
|
Siretta QUARTZ-GOLD httpd SNMP OS command injection vulnerability
|
2023-01-26
|
CVE-2022-38066
|
7.2
|
TALOS-2022-1608
|
Siretta QUARTZ-GOLD httpd downfile.cgi stack-based buffer overflow vulnerability
|
2023-01-26
|
CVE-2022-38459
|
7.2
|
TALOS-2022-1638
|
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd OS command injection vulnerability
|
2023-01-26
|
CVE-2022-40222
|
9.8
|
TALOS-2022-1611
|
Siretta QUARTZ-GOLD httpd upload.cgi file write vulnerability
|
2023-01-26
|
CVE-2022-39045
|
7.2
|
TALOS-2022-1642
|
FreshTomato httpd update.cgi directory traversal vulnerability
|
2023-01-26
|
CVE-2022-38451
|
6.8
|
TALOS-2022-1613
|
Siretta QUARTZ-GOLD DetranCLI command parsing stack-based buffer overflow vulnerabilities
|
2023-01-26
|
CVE-2022-40992,CVE-2022-41018,CVE-2022-41005,CVE-2022-41028,CVE-2022-40990,CVE-2022-40985,CVE-2022-40989,CVE-2022-40991,CVE-2022-40994,CVE-2022-41002,CVE-2022-41012,CVE-2022-41019,CVE-2022-41030,CVE-2022-41011,CVE-2022-41027,CVE-2022-40986,CVE-2022-41007,CVE-2022-41022,CVE-2022-41020,CVE-2022-40995,CVE-2022-40998,CVE-2022-41001,CVE-2022-41006,CVE-2022-41014,CVE-2022-41029,CVE-2022-41010,CVE-2022-40997,CVE-2022-40996,CVE-2022-41016,CVE-2022-40988,CVE-2022-41017,CVE-2022-41004,CVE-2022-41013,CVE-2022-41000,CVE-2022-40999,CVE-2022-41025,CVE-2022-41008,CVE-2022-41015,CVE-2022-41026,CVE-2022-41024,CVE-2022-41009,CVE-2022-41003,CVE-2022-40993,CVE-2022-41021,CVE-2022-40987,CVE-2022-41023
|
7.2
|
TALOS-2022-1605
|
Siretta QUARTZ-GOLD httpd delfile.cgi stack-based buffer overflow vulnerability
|
2023-01-26
|
CVE-2022-36279
|
7.2
|
TALOS-2022-1639
|
Siretta QUARTZ-GOLD m2m DELETE_FILE cmd heap-based buffer overflow vulnerability
|
2023-01-26
|
CVE-2022-41991
|
9.8
|
TALOS-2022-1609
|
Siretta QUARTZ-GOLD httpd downfile.cgi directory traversal vulnerability
|
2023-01-26
|
CVE-2022-38088
|
4.9
|
TALOS-2022-1606
|
Siretta QUARTZ-GOLD httpd delfile.cgi directory traversal vulnerability
|
2023-01-26
|
CVE-2022-40701
|
6.5
|
TALOS-2022-1640
|
Siretta QUARTZ-GOLD m2m m2m_parse_router_config cmd OS command injection vulnerabilities
|
2023-01-26
|
CVE-2022-42492,CVE-2022-42491,CVE-2022-42493,CVE-2022-42490
|
9.8
|
TALOS-2022-1607
|
Siretta QUARTZ-GOLD httpd delfile.cgi OS command injection vulnerability
|
2023-01-26
|
CVE-2022-40969
|
7.2
|
TALOS-2022-1612
|
Siretta QUARTZ-GOLD httpd txt/restore.cgi OS command injection vulnerability
|
2023-01-26
|
CVE-2022-40220
|
7.2
|
TALOS-2022-1686
|
Ghost Foundation Ghost Post Creation insecure default installation vulnerability
|
2023-01-19
|
CVE-2022-47197,CVE-2022-47195,CVE-2022-47194,CVE-2022-47196
|
9.0
|
TALOS-2022-1646
|
Mitsubishi Electric Corporation MELSEC iQ-FX5U webserver session identifier generation authentication bypass vulnerability
|
2023-01-18
|
CVE-2022-40267
|
7.1
|
TALOS-2022-1617
|
Qt Project Qt QML QtScript Reflect API integer overflow vulnerability
|
2023-01-12
|
CVE-2022-40983
|
8.8
|
TALOS-2022-1650
|
Qt Project Qt QML QtScript Javascript spreading buffer overflow vulnerability
|
2023-01-12
|
CVE-2022-43591
|
8.8
|
TALOS-2022-1586
|
Asus RT-AX82U get_IFTTTTtoken.cgi authentication bypass vulnerability
|
2023-01-10
|
CVE-2022-35401
|
9.0
|
TALOS-2022-1592
|
Asus RT-AX82U cfg_server cm_processConnDiagPktList denial of service vulnerability
|
2023-01-10
|
CVE-2022-38393
|
7.5
|
TALOS-2022-1590
|
Asus RT-AX82U cfg_server cm_processREQ_NC information disclosure vulnerability
|
2023-01-10
|
CVE-2022-38105
|
7.5
|
TALOS-2022-1630
|
OpenImageIO RLE encoded BMP image out-of-bounds write vulnerability
|
2022-12-22
|
CVE-2022-38143
|
9.8
|
TALOS-2022-1655
|
OpenImageIO Project OpenImageIO IFFOutput alignment padding memory corruption vulnerability
|
2022-12-22
|
CVE-2022-43598,CVE-2022-43597
|
8.1
|
TALOS-2022-1657
|
OpenImageIO Project OpenImageIO ZfileOutput::close() denial of service vulnerability
|
2022-12-22
|
CVE-2022-43603
|
5.9
|
TALOS-2022-1634
|
OpenImageIO DDS scanline parsing code execution vulnerability
|
2022-12-22
|
CVE-2022-41838
|
9.8
|
TALOS-2022-1633
|
OpenImageIO TIFF tile pels decoding heap-based buffer overflow
|
2022-12-22
|
CVE-2022-41639
|
9.8
|
TALOS-2022-1632
|
OpenImageIO PSD format image file directory denial of service vulnerability
|
2022-12-22
|
CVE-2022-41684
|
7.5
|
TALOS-2022-1631
|
OpenImageIO TIFF file IPTC data information disclosure vulnerability
|
2022-12-22
|
CVE-2022-41649
|
7.5
|
TALOS-2022-1629
|
OpenImageIO RLA format rle span out-of-bounds read vulnerability
|
2022-12-22
|
CVE-2022-36354
|
5.3
|
TALOS-2022-1628
|
OpenImageIO TGA Format Stack Buffer Overflow Vulnerability
|
2022-12-22
|
CVE-2022-41981
|
8.1
|
TALOS-2022-1653
|
OpenImageIO Project OpenImageIO Image Output Close denial of service vulnerability
|
2022-12-22
|
CVE-2022-43594,CVE-2022-43595
|
5.9
|
TALOS-2022-1656
|
OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability
|
2022-12-22
|
CVE-2022-43601,CVE-2022-43600,CVE-2022-43599,CVE-2022-43602
|
8.1
|
TALOS-2022-1654
|
OpenImageIO Project OpenImageIO IFFOutput channel interleaving information disclosure vulnerability
|
2022-12-22
|
CVE-2022-43596
|
5.9
|
TALOS-2022-1626
|
OpenImageIO PSD thumbnail resource code execution vulnerability
|
2022-12-22
|
CVE-2022-41794
|
9.8
|
TALOS-2022-1652
|
OpenImageIO Project OpenImageIO DPXOutput::close() denial of service vulnerability
|
2022-12-22
|
CVE-2022-43593
|
5.9
|
TALOS-2022-1627
|
OpenImageIO TIFF file string field information disclosure vulnerability
|
2022-12-22
|
CVE-2022-41977
|
5.3
|
TALOS-2022-1651
|
OpenImageIO Project OpenImageIO DPXOutput::close() information disclosure vulnerability
|
2022-12-22
|
CVE-2022-43592
|
5.9
|
TALOS-2022-1643
|
OpenImageIO TIFF IPTC decoding information disclosure vulnerability
|
2022-12-22
|
CVE-2022-41988
|
5.3
|
TALOS-2022-1636
|
OpenImageIO Exif out-of-bounds write vulnerability
|
2022-12-22
|
CVE-2022-41837
|
9.8
|
TALOS-2022-1635
|
OpenImageIO DDS native tile reading denial of service vulnerability
|
2022-12-22
|
CVE-2022-41999
|
7.5
|
TALOS-2022-1625
|
Ghost user enumeration vulnerablity
|
2022-12-21
|
CVE-2022-41697
|
5.3
|
TALOS-2022-1624
|
Ghost unauthorized newsletter modification vulnerability
|
2022-12-21
|
CVE-2022-41654
|
9.6
|
TALOS-2022-1589
|
OpenStack Kolla sudo privilege escalation vulnerability
|
2022-12-20
|
CVE-2022-38060
|
8.8
|
TALOS-2022-1599
|
OpenStack oslo.privsep privilege escalation vulnerability
|
2022-12-20
|
CVE-2022-38065
|
8.8
|
TALOS-2022-1588
|
VMware vCenter Server Content Library denial of service vulnerability
|
2022-12-13
|
CVE-2022-31698
|
8.6
|
TALOS-2022-1644
|
PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability
|
2022-12-07
|
CVE-2022-41992
|
7.8
|
TALOS-2022-1603
|
NVIDIA D3D10 Driver Shader Functionality MOV instruction memory corruption vulnerability
|
2022-12-06
|
CVE-2022-34671
|
8.5
|
TALOS-2022-1604
|
NVIDIA D3D10 Driver Shader Functionality DCL_INDEXRANGE instruction memory corruption vulnerability
|
2022-12-06
|
CVE-2022-34671
|
8.5
|
TALOS-2022-1529
|
Lansweeper lansweeper HelpdeskActions.aspx edittemplate directory traversal vulnerability
|
2022-12-01
|
CVE-2022-29517
|
9.9
|
TALOS-2022-1531
|
Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability
|
2022-12-01
|
CVE-2022-27498
|
9.1
|
TALOS-2022-1532
|
Lansweeper lansweeper HdConfigActions.aspx altertextlanguages stored cross-site scripting vulnerability
|
2022-12-01
|
CVE-2022-28703
|
9.1
|
TALOS-2022-1541
|
Lansweeper lansweeper SanitizeHtml cross-site scripting (XSS) vulnerability
|
2022-12-01
|
CVE-2022-32763
|
9.1
|
TALOS-2022-1530
|
Lansweeper lansweeper KnowledgebasePageActions.aspx ImportArticles directory traversal vulnerability
|
2022-12-01
|
CVE-2022-29511
|
9.1
|
TALOS-2022-1528
|
Lansweeper lansweeper AssetActions.aspx directory traversal vulnerability
|
2022-12-01
|
CVE-2022-32573
|
9.9
|
TALOS-2022-1648
|
Callback technologies CBFS Filter handle_ioctl_8314C null pointer dereference vulnerability
|
2022-11-22
|
CVE-2022-43589
|
6.2
|
TALOS-2022-1647
|
Callback technologies CBFS Filter handle_ioctl_83150 null pointer dereference vulnerability
|
2022-11-22
|
CVE-2022-43588
|
6.2
|
TALOS-2022-1649
|
Callback technologies CBFS Filter handle_ioctl_0x830a0_systembuffer null pointer dereference vulnerability
|
2022-11-22
|
CVE-2022-43590
|
6.2
|
TALOS-2022-1591
|
Microsoft Office class attribute double-free vulnerability
|
2022-11-15
|
CVE-2022-41106
|
7.8
|
TALOS-2022-1614
|
Foxit Reader Optional Content Group use-after-free vulnerability
|
2022-11-10
|
CVE-2022-40129
|
8.8
|
TALOS-2022-1601
|
Foxit Reader annotation destroy use-after-free vulnerability
|
2022-11-10
|
CVE-2022-38097
|
8.8
|
TALOS-2022-1600
|
Foxit Reader deletePages Field Calculate use-after-free vulnerability
|
2022-11-10
|
CVE-2022-32774
|
8.8
|
TALOS-2022-1602
|
Foxit Reader openPlayer use-after-free vulnerability
|
2022-11-10
|
CVE-2022-37332
|
8.8
|
TALOS-2022-1522
|
InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-29888
|
6.5
|
TALOS-2022-1519
|
InHand Networks InRouter302 console infct leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-30543
|
4.3
|
TALOS-2022-1544
|
Accusoft ImageGear PICT parsing pctwread_14841 out-of-bounds write vulnerability
|
2022-10-27
|
CVE-2022-32588
|
9.8
|
TALOS-2022-1523
|
InHand Networks InRouter302 Incorrect fixes privilege escalation vulnerability
|
2022-10-27
|
CVE-2022-25932
|
7.4
|
TALOS-2022-1521
|
InHand Networks InRouter302 console support leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-28689
|
6.5
|
TALOS-2022-1518
|
InHand Networks InRouter302 console nvram leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-29481
|
4.9
|
TALOS-2022-1520
|
InHand Networks InRouter302 console verify leftover debug code vulnerability
|
2022-10-27
|
CVE-2022-26023
|
6.5
|
TALOS-2022-1562
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/iperf OS command injection vulnerability
|
2022-10-20
|
CVE-2022-30603
|
10.0
|
TALOS-2022-1556
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug OS Command Injection vulnerability
|
2022-10-20
|
CVE-2022-32773
|
10.0
|
TALOS-2022-1563
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost OS command injection vulnerability
|
2022-10-20
|
CVE-2022-32586
|
8.0
|
TALOS-2022-1553
|
Abode Systems, Inc. iota All-In-One Security Kit XFINDER information disclosure vulnerability
|
2022-10-20
|
CVE-2022-29475
|
4.7
|
TALOS-2022-1554
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/factory* authentication bypass vulnerability
|
2022-10-20
|
CVE-2022-29477
|
8.6
|
TALOS-2022-1567
|
Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_abode_code OS command injection vulnerability
|
2022-10-20
|
CVE-2022-27804
|
8.0
|
TALOS-2022-1561
|
Abode Systems, Inc. iota All-In-One Security Kit console_main_loop :sys OS command injection vulnerability
|
2022-10-20
|
CVE-2022-29520
|
8.1
|
TALOS-2022-1566
|
Abode Systems, Inc. iota All-In-One Security Kit web interface util_set_serial_mac OS command injection vulnerability
|
2022-10-20
|
CVE-2022-29472
|
10.0
|
TALOS-2022-1568
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect OS command injection vulnerabilities
|
2022-10-20
|
CVE-2022-33205,CVE-2022-33204,CVE-2022-33206,CVE-2022-33207
|
10.0
|
TALOS-2022-1584
|
Abode Systems, Inc. iota All-In-One Security Kit ghome_process_control_packet format string injection vulnerability
|
2022-10-20
|
CVE-2022-33938
|
8.2
|
TALOS-2022-1583
|
Abode Systems, Inc. iota All-In-One Security Kit UPnP logging format string injection vulnerabilities
|
2022-10-20
|
CVE-2022-35879,CVE-2022-35878,CVE-2022-35881,CVE-2022-35880
|
7.1
|
TALOS-2022-1557
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability
|
2022-10-20
|
CVE-2022-30541
|
10.0
|
TALOS-2022-1564
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamRecordPost integer overflow vulnerability
|
2022-10-20
|
CVE-2022-32775
|
9.0
|
TALOS-2022-1555
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability
|
2022-10-20
|
CVE-2022-32760
|
8.6
|
TALOS-2022-1565
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/ipcamSetParamPost double-free vulnerability
|
2022-10-20
|
CVE-2022-32574
|
7.5
|
TALOS-2022-1585
|
Abode Systems, Inc. iota All-In-One Security Kit web interface /action/wirelessConnect format string injection vulnerabilities
|
2022-10-20
|
CVE-2022-35885,CVE-2022-35886,CVE-2022-35884,CVE-2022-35887
|
8.2
|
TALOS-2022-1569
|
Abode Systems, Inc. iota All-In-One Security Kit telnet hard-coded password vulnerability
|
2022-10-20
|
CVE-2022-29889
|
9.8
|
TALOS-2022-1581
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP format string injection vulnerabilities
|
2022-10-20
|
CVE-2022-35877,CVE-2022-35874,CVE-2022-35875,CVE-2022-35876
|
8.2
|
TALOS-2022-1582
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD getVarHA memory corruption vulnerability
|
2022-10-20
|
CVE-2022-35244
|
9.8
|
TALOS-2022-1552
|
Abode Systems, Inc. iota All-In-One Security Kit GHOME control authentication bypass vulnerability
|
2022-10-20
|
CVE-2022-27805
|
9.8
|
TALOS-2022-1558
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability
|
2022-10-20
|
CVE-2022-33189
|
10.0
|
TALOS-2022-1559
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD testWifiAP OS command injection vulnerabilities
|
2022-10-20
|
CVE-2022-33194,CVE-2022-33195,CVE-2022-33193,CVE-2022-33192
|
10.0
|
TALOS-2022-1560
|
Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability
|
2022-10-20
|
CVE-2022-32454
|
10.0
|
TALOS-2022-1580
|
Robustel R1510 sysupgrade firmware update vulnerability
|
2022-10-14
|
CVE-2022-34845
|
6.7
|
TALOS-2022-1578
|
Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability
|
2022-10-14
|
CVE-2022-34850
|
9.1
|
TALOS-2022-1579
|
Robustel R1510 web_server /ajax/remove/ directory traversal vulnerability
|
2022-10-14
|
CVE-2022-33897
|
4.9
|
TALOS-2022-1575
|
Robustel R1510 web_server hashFirst denial of service vulnerability
|
2022-10-14
|
CVE-2022-35266,CVE-2022-35265,CVE-2022-35267,CVE-2022-35262,CVE-2022-35261,CVE-2022-35264,CVE-2022-35263,CVE-2022-35271,CVE-2022-35270,CVE-2022-35269,CVE-2022-35268
|
4.9
|
TALOS-2022-1576
|
Robustel R1510 sysupgrade command injection OS command injection vulnerability
|
2022-10-14
|
CVE-2022-32765
|
9.1
|
TALOS-2022-1577
|
Robustel R1510 js_package install OS command injection vulnerability
|
2022-10-14
|
CVE-2022-33150
|
9.1
|
TALOS-2022-1587
|
VMware vCenter Server Platform Services Controller Unsafe Deserialization vulnerability
|
2022-10-10
|
CVE-2022-31680
|
8.7
|
TALOS-2022-1574
|
Hancom Office 2020 Hword Docx XML parsing heap underflow vulnerability
|
2022-10-04
|
CVE-2022-33896
|
7.8
|
TALOS-2022-1517
|
uClibC and uClibC-ng libpthread linuxthreads memory corruption vulnerabilities
|
2022-09-22
|
CVE-2022-29503
|
8.1
|
TALOS-2022-1497
|
Microsoft Azure Sphere /proc/fdt mmap operation out-of-bounds read vulnerability
|
2022-08-17
|
CVE-2022-35821
|
4.4
|
TALOS-2022-1537
|
WWBN AVideo charts tab selection cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-26842
|
9.6
|
TALOS-2022-1549
|
WWBN AVideo aVideoEncoderReceiveImage information disclosure vulnerability
|
2022-08-16
|
CVE-2022-32761
|
6.5
|
TALOS-2022-1550
|
WWBN AVideo chunkFile information disclosure vulnerability
|
2022-08-16
|
CVE-2022-28710
|
6.5
|
TALOS-2022-1486
|
HDF5 Group libhdf5 gif2h5 out-of-bounds read vulnerability
|
2022-08-16
|
CVE-2022-25942
|
7.8
|
TALOS-2022-1535
|
WWBN AVideo session id privilege escalation vulnerability
|
2022-08-16
|
CVE-2022-30605
|
8.8
|
TALOS-2022-1540
|
WWBN AVideo videoAddNew cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-28712
|
9.0
|
TALOS-2022-1538
|
WWBN AVideo footer alerts cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-32770,CVE-2022-32772,CVE-2022-32771
|
9.6
|
TALOS-2022-1542
|
WWBN AVideo cookie information disclosure vulnerability
|
2022-08-16
|
CVE-2022-32777,CVE-2022-32778
|
7.5
|
TALOS-2022-1547
|
WWBN AVideo aVideoEncoder unzipDirectory directory traversal vulnerability
|
2022-08-16
|
CVE-2022-30547
|
9.9
|
TALOS-2022-1487
|
HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability
|
2022-08-16
|
CVE-2022-26061
|
7.8
|
TALOS-2022-1515
|
Microsoft DirectComposition GetWeakReferenceBase null pointer dereference vulnerability
|
2022-08-16
|
CVE-2022-40733
|
5.0
|
TALOS-2022-1551
|
WWBN AVideo ObjectYPT SQL injection vulnerability
|
2022-08-16
|
CVE-2022-33147,CVE-2022-34652,CVE-2022-33149,CVE-2022-33148
|
8.3
|
TALOS-2022-1545
|
WWBN AVideo password hash improper authentication vulnerability
|
2022-08-16
|
CVE-2022-32282
|
7.2
|
TALOS-2022-1548
|
WWBN AVideo aVideoEncoder wget OS command injection vulnerability
|
2022-08-16
|
CVE-2022-32572
|
9.9
|
TALOS-2022-1534
|
WWBN AVideo all cross-site request forgery (csrf) vulnerability
|
2022-08-16
|
CVE-2022-29468
|
8.8
|
TALOS-2022-1536
|
WWBN AVideo objects id handling authentication bypass vulnerability
|
2022-08-16
|
CVE-2022-32768,CVE-2022-32769
|
4.8
|
TALOS-2022-1514
|
Microsoft DirectComposition CCompositionSurfaceBitmapMarshaler null pointer dereference vulnerability
|
2022-08-16
|
CVE-2022-40732
|
5.0
|
TALOS-2022-1546
|
WWBN AVideo aVideoEncoder chunkfile OS command injection vulnerability
|
2022-08-16
|
CVE-2022-30534
|
9.9
|
TALOS-2022-1539
|
WWBN AVideo image403 cross-site scripting (XSS) vulnerability
|
2022-08-16
|
CVE-2022-30690
|
9.6
|
TALOS-2022-1485
|
HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability
|
2022-08-16
|
CVE-2022-25972
|
7.8
|
TALOS-2022-1527
|
ESTsoft Alyac OLE header parsing integer overflow
|
2022-08-03
|
CVE-2022-32543
|
7.3
|
TALOS-2022-1533
|
ESTsoft Alyac OLE header Mini FAT sectors integer overflow
|
2022-08-03
|
CVE-2022-29886
|
7.3
|
TALOS-2022-1463
|
TCL LinkHub Mesh Wifi GetValue buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-24021,CVE-2022-24011,CVE-2022-24028,CVE-2022-24023,CVE-2022-24026,CVE-2022-24016,CVE-2022-24005,CVE-2022-24019,CVE-2022-24029,CVE-2022-24007,CVE-2022-24017,CVE-2022-24008,CVE-2022-24006,CVE-2022-24013,CVE-2022-24009,CVE-2022-24010,CVE-2022-24020,CVE-2022-24015,CVE-2022-24012,CVE-2022-24022,CVE-2022-24014,CVE-2022-24027,CVE-2022-24025,CVE-2022-24018,CVE-2022-24024
|
9.6
|
TALOS-2022-1459
|
TCL LinkHub Mesh Wifi libcommonprod.so prod_change_root_passwd hard-coded password vulnerability
|
2022-08-01
|
CVE-2022-22144
|
7.5
|
TALOS-2022-1484
|
TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-26342
|
8.8
|
TALOS-2022-1462
|
TCL LinkHub Mesh Wi-Fi confsrv confctl_set_app_language stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-23103
|
8.8
|
TALOS-2022-1507
|
TCL LinkHub Mesh Wifi ucloud_del_node denial of service vulnerability
|
2022-08-01
|
CVE-2022-26346
|
9.6
|
TALOS-2022-1502
|
TCL LinkHub Mesh Wifi confctl_set_guest_wlan denial of service vulnerability
|
2022-08-01
|
CVE-2022-27660
|
9.3
|
TALOS-2022-1455
|
TCL LinkHub Mesh Wifi confsrv set_mf_rule stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-23919,CVE-2022-23918
|
8.8
|
TALOS-2022-1458
|
TCL LinkHub Mesh Wifi confsrv ucloud_add_node OS command injection vulnerability
|
2022-08-01
|
CVE-2022-22140
|
9.6
|
TALOS-2022-1483
|
TCL LinkHub Mesh Wi-Fi confsrv ucloud_set_node_location stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-26009
|
8.8
|
TALOS-2022-1504
|
TCL LinkHub Mesh Wifi confctl_get_master_wlan information disclosure vulnerability
|
2022-08-01
|
CVE-2022-27630
|
6.5
|
TALOS-2022-1456
|
TCL LinkHub Mesh Wifi confers ucloud_add_node_new stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-21201
|
8.8
|
TALOS-2022-1482
|
TCL LinkHub Mesh Wi-Fi confsrv addTimeGroup stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-25996
|
8.8
|
TALOS-2022-1457
|
TCL LinkHub Mesh Wifi confsrv ucloud_add_node_new OS command injection vulnerability
|
2022-08-01
|
CVE-2022-21178
|
9.6
|
TALOS-2022-1503
|
TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability
|
2022-08-01
|
CVE-2022-27633
|
6.5
|
TALOS-2022-1454
|
TCL LinkHub Mesh Wifi confsrv set_port_fwd_rule stack-based buffer overflow vulnerability
|
2022-08-01
|
CVE-2022-23399
|
8.8
|
TALOS-2022-1506
|
TCL LinkHub Mesh Wi-Fi confctl_set_wan_cfg denial of service vulnerability
|
2022-08-01
|
CVE-2022-27178
|
9.6
|
TALOS-2022-1505
|
TCL LinkHub Mesh Wifi confctl_set_master_wlan denial of service vulnerability
|
2022-08-01
|
CVE-2022-27185
|
9.3
|
TALOS-2022-1511
|
Asuswrt and Asuswrt-Merlin New Gen httpd unescape memory corruption vulnerability
|
2022-07-27
|
CVE-2022-26376
|
5.3
|
TALOS-2022-1510
|
DD-WRT httpd unescape memory corruption vulnerability
|
2022-07-27
|
CVE-2022-27631
|
5.3
|
TALOS-2022-1509
|
FreshTomato httpd unescape memory corruption vulnerability
|
2022-07-27
|
CVE-2022-28665,CVE-2022-28664
|
5.3
|
TALOS-2022-1526
|
Accusoft ImageGear PSD Header processing memory allocation out-of-bounds write vulnerability
|
2022-07-18
|
CVE-2022-29465
|
8.1
|
TALOS-2022-1508
|
Google Chrome WebGPU DoBufferDestroy kDirect allocation use-after-free vulnerability
|
2022-07-14
|
CVE-2022-2399
|
8.3
|
TALOS-2022-1525
|
Adobe Acrobat Reader DC event value use-after-free
|
2022-07-13
|
CVE-2022-34230
|
8.8
|
TALOS-2022-1516
|
Adobe Acrobat Reader DC overlapping annotations type confusion vulnerability
|
2022-07-13
|
CVE-2022-34221
|
8.8
|
TALOS-2022-1570
|
Robustel R1510 clish art2 command execution vulnerability
|
2022-06-30
|
CVE-2022-32585
|
9.1
|
TALOS-2022-1572
|
Robustel R1510 web_server action endpoints OS command injection vulnerabilities
|
2022-06-30
|
CVE-2022-33312,CVE-2022-33313,CVE-2022-33314
|
9.1
|
TALOS-2022-1571
|
Robustel R1510 web_server /action/remove/ API data removal vulnerability
|
2022-06-30
|
CVE-2022-28127
|
8.7
|
TALOS-2022-1573
|
Robustel R1510 web_server ajax endpoints OS command injection vulnerabilities
|
2022-06-30
|
CVE-2022-33326,CVE-2022-33329,CVE-2022-33327,CVE-2022-33325,CVE-2022-33328
|
9.1
|
TALOS-2022-1440
|
Anker Eufy Homebase 2 mips_collector appsrv_server use-after-free vulnerability
|
2022-06-15
|
CVE-2022-21806
|
10.0
|
TALOS-2022-1524
|
Blynk Blynk-Library BlynkConsole.h runCommand stack-based buffer overflow vulnerability
|
2022-06-15
|
CVE-2022-29496
|
9.0
|
TALOS-2022-1461
|
Bachmann Visutec GmbH Atvise License registration information disclosure vulnerability
|
2022-06-15
|
CVE-2022-21184
|
5.9
|
TALOS-2022-1493
|
Open Automation Software Platform Engine SecureTransferFiles file write vulnerability
|
2022-05-25
|
CVE-2022-26082
|
9.1
|
TALOS-2022-1494
|
Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability
|
2022-05-25
|
CVE-2022-27169
|
7.5
|
TALOS-2022-1488
|
Open Automation Software Platform Engine SecureAddUser External config control vulnerability
|
2022-05-25
|
CVE-2022-26303
|
7.5
|
TALOS-2022-1491
|
Open Automation Software Platform Engine SecureConfigValues denial of service vulnerability
|
2022-05-25
|
CVE-2022-26026
|
7.5
|
TALOS-2022-1489
|
Open Automation Software Platform Engine SecureAddSecurity external config control vulnerability
|
2022-05-25
|
CVE-2022-26043
|
7.5
|
TALOS-2022-1490
|
Open Automation Software Platform Engine cleartext transmission of sensitive information vulnerability
|
2022-05-25
|
CVE-2022-26077
|
7.5
|
TALOS-2022-1513
|
Open Automation Software OAS Platform REST API unauthenticated vulnerability
|
2022-05-25
|
CVE-2022-26833
|
9.4
|
TALOS-2022-1492
|
Open Automation Software Platform Engine SecureTransferFiles information disclosure vulnerability
|
2022-05-25
|
CVE-2022-26067
|
4.9
|
TALOS-2021-1438
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_RESOURCE_STRUCTURED memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
TALOS-2021-1436
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXRANGE memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
TALOS-2021-1435
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_INDEXABLE memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28181
|
8.5
|
TALOS-2021-1437
|
NVIDIA nvwgf2umx_cfg.dll shader DCL_UNORDERED_ACCESS_VIEW_STRUCTURED memory corruption vulnerability
|
2022-05-17
|
CVE-2022-28182
|
8.5
|
TALOS-2022-1478
|
InHand Networks InRouter302 daretools binary OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26042
|
9.9
|
TALOS-2022-1501
|
InHand Networks InRouter302 console infactory_net command injection vulnerability
|
2022-05-10
|
CVE-2022-26518
|
9.9
|
TALOS-2022-1475
|
InHand Networks InRouter302 console factory OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26007
|
9.1
|
TALOS-2022-1469
|
InHand Networks InRouter302 info.jsp cross-site scripting (XSS) vulnerability
|
2022-05-10
|
CVE-2022-21238
|
5.4
|
TALOS-2022-1481
|
InHand Networks InRouter302 libnvram.so nvram_import improper input validation vulnerabilities
|
2022-05-10
|
CVE-2022-26780,CVE-2022-26781,CVE-2022-26782
|
9.9
|
TALOS-2022-1476
|
InHand Networks InRouter302 console factory stack-based buffer overflow vulnerability
|
2022-05-10
|
CVE-2022-26002
|
9.1
|
TALOS-2022-1472
|
InHand Networks InRouter302 router configuration import privilege escalation vulnerability
|
2022-05-10
|
CVE-2022-21182
|
7.4
|
TALOS-2022-1452
|
ESTsoft Alyac PE section headers out of bounds read
|
2022-05-10
|
CVE-2022-21147
|
5.0
|
TALOS-2022-1468
|
InHand Networks InRouter302 httpd upload.cgi file write vulnerability
|
2022-05-10
|
CVE-2022-21809
|
9.9
|
TALOS-2022-1499
|
InHand Networks InRouter302 console infactory_port OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26420
|
9.9
|
TALOS-2022-1473
|
InHand Networks InRouter302 httpd wlscan_ASP OS command injection vulnerability
|
2022-05-10
|
CVE-2022-26085
|
9.9
|
TALOS-2022-1474
|
InHand Networks InRouter302 router configuration export information disclosure vulnerability
|
2022-05-10
|
CVE-2022-26020
|
6.3
|
TALOS-2022-1477
|
InHand Networks InRouter302 console inhand command execution vulnerability
|
2022-05-10
|
CVE-2022-25995
|
9.9
|
TALOS-2022-1470
|
InHand Networks InRouter302 web interface session cookie information disclosure vulnerability
|
2022-05-10
|
CVE-2022-25172
|
7.5
|
TALOS-2022-1495
|
InHand Networks InRouter302 iburn firmware checks firmware update vulnerability
|
2022-05-10
|
CVE-2022-26510
|
9.9
|
TALOS-2022-1471
|
InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability
|
2022-05-10
|
CVE-2022-24910
|
8.2
|
TALOS-2022-1500
|
InHand Networks InRouter302 console infactory_wlan command injection vulnerability
|
2022-05-10
|
CVE-2022-26075
|
9.9
|
TALOS-2022-1496
|
InHand Networks InRouter302 console infactory hard-coded password vulnerability
|
2022-05-10
|
CVE-2022-27172
|
4.3
|
TALOS-2021-1412
|
WPS Office HtmTableAlt use-after-free vulnerability
|
2022-05-09
|
CVE-2021-40399
|
8.8
|
TALOS-2022-1480
|
Anker Eufy Homebase 2 libxm_av.so DemuxCmdInBuffer buffer overflow vulnerability
|
2022-05-05
|
CVE-2022-26073
|
7.4
|
TALOS-2022-1479
|
Anker Eufy Homebase 2 libxm_av.so getpeermac() authentication bypass vulnerability
|
2022-05-05
|
CVE-2022-25989
|
7.1
|
TALOS-2022-1449
|
Accusoft ImageGear ioca_mys_rgb_allocate memory corruption vulnerability
|
2022-05-02
|
CVE-2022-22137
|
9.8
|
TALOS-2022-1465
|
Accusoft ImageGear IGXMPXMLParser::parseDelimiter stack-based buffer overflow vulnerability
|
2022-05-02
|
CVE-2022-23400
|
7.1
|
TALOS-2022-1512
|
ArduPilot APWeb cgi.c unescape memory corruption vulnerability
|
2022-04-14
|
CVE-2022-28711
|
5.3
|
TALOS-2021-1411
|
Accusoft ImageGear parse_raster_data out-of-bounds write vulnerability
|
2022-03-31
|
CVE-2021-40398
|
8.1
|
TALOS-2021-1434
|
Sound Exchange libsox sphere.c start_read() heap-based buffer overflow vulnerability
|
2022-03-23
|
CVE-2021-40426
|
10.0
|
TALOS-2022-1464
|
Leadtools fltSaveCMP integer overflow vulnerability
|
2022-03-15
|
CVE-2022-21154
|
8.8
|
TALOS-2021-1433
|
Webroot Secure Anywhere IOCTL GetProcessCommand and B_03 out-of-bounds read vulnerability
|
2022-03-15
|
CVE-2021-40425,CVE-2021-40424
|
7.1
|
TALOS-2022-1441
|
Lansweeper lansweeper HelpdeskSetupActions SQL injection vulnerability
|
2022-02-28
|
CVE-2022-22149
|
9.1
|
TALOS-2021-1416
|
Gerbv RS-274X aperture macro multiple outline primitives out-of-bounds read vulnerability
|
2022-02-28
|
CVE-2021-40402
|
9.3
|
TALOS-2021-1431
|
Swift Sensors Gateway device password generation authentication bypass vulnerability
|
2022-02-28
|
CVE-2021-40422
|
10.0
|
TALOS-2022-1443
|
Lansweeper lansweeper EchoAssets.aspx SQL injection vulnerability
|
2022-02-28
|
CVE-2022-21234
|
9.1
|
TALOS-2021-1413
|
Gerbv RS-274X aperture macro outline primitive out-of-bounds read vulnerability
|
2022-02-28
|
CVE-2021-40400
|
9.3
|
TALOS-2022-1467
|
MZ Automation GmbH libiec61850 parseNormalModeParameters denial of service vulnerability
|
2022-02-28
|
CVE-2022-21159
|
7.5
|
TALOS-2022-1444
|
Lansweeper lansweeper AssetActions.aspx SQL injection vulnerability
|
2022-02-28
|
CVE-2022-21210
|
6.6
|
TALOS-2022-1442
|
Lansweeper WebUserActions.aspx Stored XSS vulnerability
|
2022-02-28
|
CVE-2022-21145
|
9.1
|
TALOS-2021-1373
|
Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21943
|
9.8
|
TALOS-2021-1362
|
Accusoft ImageGear DecoderStream::Append heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21914
|
9.8
|
TALOS-2021-1371
|
Accusoft ImageGear TIFF YCbCr image parser out-of-bounds write vulnerability
|
2022-02-23
|
CVE-2021-21942
|
9.8
|
TALOS-2021-1368
|
Accusoft ImageGear XWD parser heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21939
|
9.8
|
TALOS-2021-1367
|
Accusoft ImageGear Palette box parser heap-based buffer overflow vulnerability
|
2022-02-23
|
CVE-2021-21938
|
9.8
|
TALOS-2021-1375
|
Accusoft ImageGear JPEG-JFIF lossless Huffman parser heap-based buffer overflow vulnerabilities
|
2022-02-23
|
CVE-2021-21947,CVE-2021-21946
|
9.8
|
TALOS-2021-1374
|
Accusoft ImageGear TIFF parser heap-based buffer overflow vulnerabilities
|
2022-02-23
|
CVE-2021-21945,CVE-2021-21944
|
9.8
|
TALOS-2021-1377
|
Accusoft ImageGear JPEG-JFIF Scan header parser out-of-bounds write vulnerability
|
2022-02-23
|
CVE-2021-21949
|
9.8
|
TALOS-2022-1453
|
KiCad EDA Gerber Viewer gerber and excellon coordinates parsing stack-based buffer overflow vulnerability
|
2022-02-16
|
CVE-2022-23804,CVE-2022-23803
|
7.8
|
TALOS-2022-1460
|
KiCad EDA Gerber Viewer gerber and excellon GCode/Dcode parsing stack-based buffer overflow vulnerability
|
2022-02-16
|
CVE-2022-23947,CVE-2022-23946
|
7.8
|
TALOS-2021-1393
|
Texas Instruments CC3200 SimpleLink Solution HTTP Server /ping.html information disclosure vulnerability
|
2022-02-15
|
CVE-2021-21966
|
5.3
|
TALOS-2021-1386
|
Hancom Office 2020 Hword HwordApp.dll SectorLoc heap-based buffer overflow
|
2022-02-15
|
CVE-2021-21958
|
7.8
|
TALOS-2021-1401
|
Moxa MXView Series Web Application authentication bypass vulnerability
|
2022-02-11
|
CVE-2021-40390
|
10.0
|
TALOS-2021-1403
|
Moxa MXView Series Web Application information disclosure vulnerability
|
2022-02-11
|
CVE-2021-40392
|
5.3
|
TALOS-2021-1396
|
Sealevel Systems, Inc. SeaConnect 370W HandleSeaCloudMessage out-of-bounds write vulnerabilities
|
2022-02-01
|
CVE-2021-21970,CVE-2021-21969
|
3.7
|
TALOS-2021-1397
|
Sealevel Systems, Inc. SeaConnect 370W URL_decode out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-21971
|
3.7
|
TALOS-2021-1389
|
Sealevel Systems, Inc. SeaConnect 370W LLMNR/NBNS stack-based buffer overflow vulnerabilities
|
2022-02-01
|
CVE-2021-21960,CVE-2021-21961
|
10.0
|
TALOS-2021-1395
|
Sealevel Systems, Inc. SeaConnect 370W OTA update task file overwrite vulnerability
|
2022-02-01
|
CVE-2021-21968
|
8.1
|
TALOS-2021-1391
|
Sealevel Systems, Inc. SeaConnect 370W Web Server information disclosure vulnerability
|
2022-02-01
|
CVE-2021-21963
|
7.4
|
TALOS-2021-1390
|
Sealevel Systems, Inc. SeaConnect 370W OTA Update "u-download" heap-based buffer overflow vulnerability
|
2022-02-01
|
CVE-2021-21962
|
9.0
|
TALOS-2021-1406
|
Eclipse Foundation Paho MQTTClient-C library readPacket out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-41036
|
9.8
|
TALOS-2021-1394
|
Sealevel Systems, Inc. SeaConnect 370W OTA update task out-of-bounds write vulnerability
|
2022-02-01
|
CVE-2021-21967
|
6.5
|
TALOS-2021-1392
|
Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities
|
2022-02-01
|
CVE-2021-21965,CVE-2021-21964
|
8.6
|
TALOS-2021-1388
|
Sealevel Systems, Inc. SeaConnect 370W MQTTS Certificate Validation vulnerability
|
2022-02-01
|
CVE-2021-21959
|
7.7
|
TALOS-2021-1417
|
Gerbv pick-and-place rotation parsing use of uninitialized variable vulnerability
|
2022-01-31
|
CVE-2021-40403
|
5.8
|
TALOS-2022-1439
|
Foxit Reader getPageNthWordQuads mishandled exception vulnerability
|
2022-01-31
|
CVE-2022-22150
|
8.8
|
TALOS-2021-1429
|
Foxit Reader deletePages use-after-free vulnerability
|
2022-01-31
|
CVE-2021-40420
|
8.8
|
TALOS-2021-1415
|
Gerbv RS-274X aperture definition tokenization use-after-free vulnerability
|
2022-01-31
|
CVE-2021-40401
|
10.0
|
TALOS-2021-1398
|
Google Chrome MediaStreamTrackGenerator use after free vulnerability
|
2022-01-27
|
CVE-2021-38008
|
8.3
|
TALOS-2021-1425
|
Reolink RLC-410W cgiserver.cgi cgi_check_ability improper access control vulnerabilities
|
2022-01-26
|
CVE-2021-40413, CVE-2021-40414, CVE-2021-40415,CVE-2021-40416
|
7.1
|
TALOS-2022-1451
|
Reolink RLC-410W netserver parse_command_list memory corruption vulnerability
|
2022-01-26
|
CVE-2022-21796
|
9.3
|
TALOS-2022-1446
|
Reolink RLC-410W web server misconfiguration information disclosure vulnerability
|
2022-01-26
|
CVE-2022-21236
|
8.1
|
TALOS-2021-1422
|
Reolink RLC-410W cgiserver.cgi Upgrade API denial of service vulnerability
|
2022-01-26
|
CVE-2021-40405
|
7.7
|
TALOS-2022-1445
|
Reolink RLC-410W device TestEmail out-of-bounds write vulnerability
|
2022-01-26
|
CVE-2022-21217
|
9.1
|
TALOS-2022-1447
|
Reolink RLC-410W "update" firmware checks firmware update vulnerability
|
2022-01-26
|
CVE-2022-21134
|
8.3
|
TALOS-2021-1424
|
Reolink RLC-410W device network settings OS command injection vulnerabilities
|
2022-01-26
|
CVE-2021-40407,CVE-2021-40408, CVE-2021-40409, CVE-2021-40410,CVE-2021-40411,CVE-2021-40412
|
9.1
|
TALOS-2021-1420
|
Reolink RLC-410W cgiserver.cgi Login authentication bypass vulnerability
|
2022-01-26
|
CVE-2021-40404
|
5.3
|
TALOS-2021-1432
|
Reolink RLC-410W cgiserver.cgi command parser denial of service vulnerability
|
2022-01-26
|
CVE-2021-40423
|
7.5
|
TALOS-2022-1450
|
Reolink RLC-410W netserver recv_command denial of service vulnerability
|
2022-01-26
|
CVE-2022-21801
|
8.6
|
TALOS-2021-1428
|
Reolink RLC-410W "factory" binary firmware update vulnerability
|
2022-01-26
|
CVE-2021-40419
|
10.0
|
TALOS-2022-1448
|
Reolink RLC-410W hardcoded TLS key information disclosure vulnerability
|
2022-01-26
|
CVE-2022-21199
|
7.5
|
TALOS-2021-1421
|
Reolink RLC-410W cgiserver.cgi JSON command parser denial of service vulnerabilities
|
2022-01-26
|
CVE-2021-44354,CVE-2021-44355, CVE-2021-44356, CVE-2021-44357, CVE-2021-44358, CVE-2021-44359, CVE-2021-44360, CVE-2021-44361, CVE-2021-44362, CVE-2021-44363, CVE-2021-44364, CVE-2021-44365, CVE-2021-44366, CVE-2021-44367, CVE-2021-44368, CVE-2021-44369, CVE-2021-44370, CVE-2021-44371, CVE-2021-44372, CVE-2021-44373, CVE-2021-44374, CVE-2021-44375, CVE-2021-44376, CVE-2021-44377, CVE-2021-44378, CVE-2021-44379, CVE-2021-44380, CVE-2021-44381, CVE-2021-44382, CVE-2021-44383, CVE-2021-44384, CVE-2021-44385, CVE-2021-44386, CVE-2021-44387, CVE-2021-44388, CVE-2021-44389, CVE-2021-44390, CVE-2021-44391, CVE-2021-44392, CVE-2021-44393, CVE-2021-44394, CVE-2021-44395, CVE-2021-44396, CVE-2021-44397, CVE-2021-44398, CVE-2021-44399, CVE-2021-44400,CVE-2021-44401, CVE-2021-44402,CVE-2021-44403,CVE-2021-44404,CVE-2021-44405, CVE-2021-44406, CVE-2021-44407, CVE-2021-44408, CVE-2021-44409, CVE-2021-44410, CVE-2021-44411, CVE-2021-44412, CVE-2021-44413, CVE-2021-44414, CVE-2021-44415, CVE-2021-44416, CVE-2021-44417, CVE-2021-44418, CVE-2021-44419
|
8.6
|
TALOS-2021-1423
|
Reolink RLC-410W cgiserver.cgi session creation denial of service vulnerability
|
2022-01-26
|
CVE-2021-40406
|
7.5
|
TALOS-2021-1414
|
Apple macOS ImageIO DDS image out-of-bounds read vulnerability
|
2022-01-25
|
CVE-2021-30939
|
5.3
|
TALOS-2021-1409
|
Advantech WISE-PaaS/OTA 3.0.9 Server installation privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40397
|
8.8
|
TALOS-2021-1400
|
Advantech DeviceOn/iEdge Server 1.0.2 privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40389
|
8.8
|
TALOS-2021-1408
|
Advantech DeviceOn/iService 1.1.7 Server installation privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40396
|
8.8
|
TALOS-2021-1399
|
Advantech SQ Manager Server 1.0.6 privilege escalation vulnerability
|
2022-01-18
|
CVE-2021-40388
|
8.8
|
TALOS-2021-1387
|
Adobe Acrobat Reader Javascript event.richValue use-after-free vulnerability
|
2022-01-11
|
CVE-2021-44710
|
8.8
|
TALOS-2021-1410
|
Adobe Acrobat Reader DC annotation gestures integer overflow vulnerability
|
2022-01-11
|
CVE-2021-44711
|
8.8
|
TALOS-2021-1372
|
Google Chrome WebRTC RTPSenderVideoFrameTransformerDelegate memory corruption vulnerability
|
2022-01-10
|
CVE-2021-37979
|
7.1
|
TALOS-2021-1376
|
AnyCubic Chitubox AnyCubic Plugin readDatHeadVec heap-based buffer overflow vulnerability
|
2022-01-10
|
CVE-2021-21948
|
7.8
|
TALOS-2021-1353
|
Garrett Metal Detectors iC Module CMA check_udp_crc memcpy stack-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-21901
|
9.8
|
TALOS-2021-1358
|
Garrett Metal Detectors iC Module CMA CLI getenv command directory traversal vulnerability
|
2021-12-20
|
CVE-2021-21907
|
4.9
|
TALOS-2021-1355
|
Garrett Metal Detectors iC Module CMA check_udp_crc strcpy stack-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-21903
|
9.8
|
TALOS-2021-1426
|
Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame decoding heap-based buffer overflow vulnerability
|
2021-12-20
|
CVE-2021-40417
|
9.8
|
TALOS-2021-1357
|
Garrett Metal Detectors iC Module CMA CLI readfile stack-based buffer overflow vulnerabilities
|
2021-12-20
|
CVE-2021-21905,CVE-2021-21906
|
8.2
|
TALOS-2021-1354
|
Garrett Metal Detectors iC Module CMA run_server_6877 authentication bypass vulnerability
|
2021-12-20
|
CVE-2021-21902
|
7.5
|
TALOS-2021-1356
|
Garrett Metal Detectors iC Module CMA CLI setenv command directory traversal vulnerability
|
2021-12-20
|
CVE-2021-21904
|
9.1
|
TALOS-2021-1359
|
Garrett Metal Detectors iC Module CMA CLI del[env] command directory traversal vulnerabilities
|
2021-12-20
|
CVE-2021-21908,CVE-2021-21909
|
6.0
|
TALOS-2021-1427
|
Blackmagic Design DaVinci Resolve R3D DPDecoder Service frame parsing uninitialized uuid object vulnerability
|
2021-12-20
|
CVE-2021-40418
|
9.8
|
TALOS-2021-1404
|
Gerbv RS-274X format aperture macro variables out-of-bounds write vulnerability
|
2021-12-06
|
CVE-2021-40393
|
10.0
|
TALOS-2021-1384
|
Dream Report ODS Remote Connector privilege escalation vulnerability
|
2021-12-06
|
CVE-2021-21957
|
8.8
|
TALOS-2021-1405
|
Gerbv RS-274X aperture macro outline primitive integer overflow vulnerability
|
2021-12-06
|
CVE-2021-40394
|
10.0
|
TALOS-2021-1352
|
Google Chrome Blink setBaseAndExtent use after free vulnerability
|
2021-11-30
|
CVE-2021-30625
|
8.3
|
TALOS-2021-1380
|
Anker Eufy Homebase 2 home_security process_msg() authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21953
|
7.7
|
TALOS-2021-1382
|
Anker Eufy Homebase 2 home_security get_aes_key_info_by_packetid() authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21955
|
7.7
|
TALOS-2021-1379
|
Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_RSA_KEY_REQUEST authentication bypass vulnerability
|
2021-11-29
|
CVE-2021-21952
|
9.4
|
TALOS-2021-1381
|
Anker Eufy Homebase 2 home_security wifi_country_code_update command execution vulnerability
|
2021-11-29
|
CVE-2021-21954
|
9.9
|
TALOS-2021-1378
|
Anker Eufy Homebase 2 home_security CMD_DEVICE_GET_SERVER_LIST_REQUEST out-of-bounds write vulnerability
|
2021-11-29
|
CVE-2021-21950,CVE-2021-21951
|
10.0
|
TALOS-2021-1383
|
CloudLinux Inc Imunify360 Ai-Bolit php unserialize vulnerability
|
2021-11-22
|
CVE-021-21956
|
8.2
|
TALOS-2021-1363
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'group_list' page
|
2021-11-22
|
CVE-2021-21915,CVE-2021-21916,CVE-2021-21917
|
7.7
|
TALOS-2021-1364
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'company_list' page
|
2021-11-22
|
CVE-2021-21918,CVE-2021-21919
|
7.7
|
TALOS-2021-1366
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'device_list' page
|
2021-11-22
|
CVE-2021-21924,CVE-2021-21925,CVE-21926,CVE-2021-21927,CVE-2021-21928,CVE-2021-21929,CVE-2021-21930,CVE-2021-21931,CVE-2021-21932,CVE-2021-21933,CVE-2021-21934,CVE-2021-21935,CVE-2021-21936,CVE-2021-21937
|
7.7
|
TALOS-2021-1365
|
Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'user_list' page
|
2021-11-22
|
CVE-2021-21920,CVE-2021-21921, CVE-2021-21922,CVE-2021-21923
|
7.7
|
TALOS-2021-1360
|
Advantech R-SeeNet installation privilege escalation vulnerability
|
2021-11-22
|
CVE-2021-21910, CVE-2021-21911, CVE-2021-21912
|
8.8
|
TALOS-2021-1349
|
LibreCad libdxfrw dwgCompressor::decompress18() out-of-bounds write vulnerability
|
2021-11-17
|
CVE-2021-21898
|
8.8
|
TALOS-2021-1350
|
LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability
|
2021-11-17
|
CVE-2021-21899
|
8.8
|
TALOS-2021-1351
|
LibreCad libdxfrw dxfRW::processLType() use-after-free vulnerability
|
2021-11-17
|
CVE-2021-21900
|
8.8
|
TALOS-2021-1348
|
Google Chrome WebRTC addIceCandidate use after free vulnerability
|
2021-11-16
|
CVE-2021-30602
|
8.3
|
TALOS-2021-1337
|
Lantronix PremierWave 2050 Web Manager FsTFtp directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21894,CVE-2021-21895
|
9.1
|
TALOS-2021-1312
|
Lantronix PremierWave 2050 Web Manager Diagnostics: Traceroute OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21872
|
9.9
|
TALOS-2021-1329
|
Lantronix PremierWave 2050 Web Manager FsMove directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21885
|
7.2
|
TALOS-2021-1314
|
Lantronix PremierWave 2050 Web Manager SSL Credential Upload OS command injection vulnerabilities
|
2021-11-15
|
CVE-2021-21873,CVE-2021-21874,CVE-2021-21875
|
9.1
|
TALOS-2021-1322
|
Lantronix PremierWave 2050 Web Manager Applications and FsBrowse local file inclusion vulnerability
|
2021-11-15
|
CVE-2021-21878
|
4.9
|
TALOS-2021-1325
|
Lantronix PremierWave 2050 Web Manager Wireless Network Scanner OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21881
|
9.9
|
TALOS-2021-1332
|
Lantronix PremierWave 2050 Web Manager SslGenerateCertificate OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21888
|
9.1
|
TALOS-2021-1327
|
Lantronix PremierWave 2050 Web Manager Diagnostics: Ping OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21883
|
9.9
|
TALOS-2021-1323
|
Lantronix PremierWave 2050 Web Manager File Upload directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21879
|
9.9
|
TALOS-2021-1324
|
Lantronix PremierWave 2050 Web Manager FsCopyFile directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21880
|
7.2
|
TALOS-2021-1315
|
Lantronix PremierWave 2050 Web Manager FsTFtp OS command injection vulnerabilities
|
2021-11-15
|
CVE-2021-21876,CVE-2021-21877
|
9.1
|
TALOS-2021-1335
|
Lantronix PremierWave 2050 Web Manager FsUnmount stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21892
|
9.9
|
TALOS-2021-1338
|
Lantronix PremierWave 2050 Web Manager FsBrowseClean directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21896
|
4.9
|
TALOS-2021-1331
|
Lantronix PremierWave 2050 Web Manager SslGenerateCSR stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21887
|
9.1
|
TALOS-2021-1328
|
Lantronix PremierWave 2050 Web Manager SslGenerateCSR OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21884
|
9.1
|
TALOS-2021-1333
|
Lantronix PremierWave 2050 Web Manager Ping stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21889
|
9.9
|
TALOS-2021-1334
|
Lantronix PremierWave 2050 Web Manager FsBrowseClean stack-based buffer overflow vulnerability
|
2021-11-15
|
CVE-2021-21890,CVE-2021-21891
|
9.1
|
TALOS-2021-1330
|
Lantronix PremierWave 2050 Web Manager FSBrowsePage directory traversal vulnerability
|
2021-11-15
|
CVE-2021-21886
|
4.3
|
TALOS-2021-1326
|
Lantronix PremierWave 2050 Web Manager FsUnmount OS command injection vulnerability
|
2021-11-15
|
CVE-2021-21882
|
9.9
|
TALOS-2021-1344
|
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging 1BL firmware downgrade vulnerability
|
2021-11-09
|
--
|
6.0
|
TALOS-2021-1342
|
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests image validation signature check bypass vulnerability
|
2021-11-09
|
CVE-2021-42300
|
6.0
|
TALOS-2021-1339
|
Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL information disclosure vulnerability
|
2021-11-09
|
None
|
6.7
|
TALOS-2021-1343
|
Microsoft Azure Sphere Security Monitor SMSyscallStageBaseManifests offset calculation out-of-bounds read vulnerability
|
2021-11-09
|
CVE-2021-41376
|
2.3
|
TALOS-2021-1347
|
Microsoft Azure Sphere Pluton concurrent syscalls denial of service vulnerability
|
2021-11-09
|
--
|
6.2
|
TALOS-2021-1340
|
Microsoft Azure Sphere Kernel GPIO_GET_PIN_ACCESS_CONTROL_USER information disclosure vulnerability
|
2021-11-09
|
None
|
4.4
|
TALOS-2021-1341
|
Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability
|
2021-11-09
|
--
|
6.0
|
TALOS-2021-1402
|
Gerbv drill format T-code tool number out-of-bounds write vulnerability
|
2021-11-04
|
CVE-2021-40391
|
10.0
|
TALOS-2021-1320
|
ZTE MF971R ADB_MODE_SWITCH stack-based buffer overflow vulnerability
|
2021-10-18
|
CVE-2021-21748
|
9.6
|
TALOS-2021-1313
|
ZTE MF971R HTTP_HOST CRLF Injection vulnerability
|
2021-10-18
|
CVE-2021-21743
|
6.3
|
TALOS-2021-1321
|
ZTE MF971R STK_PROCESS stack-based buffer overflow vulnerability
|
2021-10-18
|
CVE-2021-21749
|
8.3
|
TALOS-2021-1316
|
ZTE MF971R goform_get_cmd_process Config Control External config control vulnerability
|
2021-10-18
|
CVE-2021-21744
|
5.4
|
TALOS-2021-1317
|
ZTE MF971R Referer authentication bypass vulnerability
|
2021-10-18
|
CVE-2021-21745
|
4.7
|
TALOS-2021-1318
|
ZTE MF971R sms_cmd_status_info cross-site scripting vulnerability
|
2021-10-18
|
CVE-2021-21746
|
6.1
|
TALOS-2021-1319
|
ZTE MF971R xmlclient cross-site scripting vulnerability
|
2021-10-18
|
CVE-2021-21747
|
6.1
|
TALOS-2021-1265
|
Nitro Pro PDF JavaScript local_file_path Object use-after-free vulnerability
|
2021-10-13
|
CVE-2021-21796
|
8.8
|
TALOS-2021-1266
|
Nitro Pro PDF JavaScript TimeOutObject double free vulnerability
|
2021-10-13
|
CVE-2021-21797
|
8.8
|
TALOS-2021-1259
|
Microsoft Office Excel 2019/365 ConditionalFormatting code execution vulnerability
|
2021-10-12
|
CVE-2021-40474
|
8.8
|
TALOS-2021-1370
|
Anker Eufy Homebase 2 pushMuxer CreatePushThread use-after-free vulnerability
|
2021-10-11
|
CVE-2021-21941
|
10.0
|
TALOS-2021-1369
|
Anker Eufy Homebase 2 pushMuxer processRtspInfo heap buffer overflow vulnerability
|
2021-10-11
|
CVE-2021-21940
|
10.0
|
TALOS-2021-1361
|
D-LINK DIR-3040 WiFi Smart Mesh information disclosure vulnerability
|
2021-09-23
|
CVE-2021-21913
|
10.0
|
TALOS-2021-1309
|
Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability
|
2021-09-14
|
None
|
4.4
|
TALOS-2021-1267
|
Nitro Pro PDF JavaScript document.flattenPages JSStackFrame stack-based use-after-free vulnerability
|
2021-09-13
|
CVE-2021-21798
|
8.8
|
TALOS-2021-1346
|
Ribbonsoft dxflib DL_Dxf::handleLWPolylineData heap-based buffer overflow vulnerability
|
2021-09-07
|
CVE-2021-21897
|
8.8
|
TALOS-2021-1295
|
Disc Soft Ltd Daemon Tools Pro ISO Parsing memory corruption vulnerability
|
2021-08-17
|
CVE-2021-21832
|
8.1
|
TALOS-2021-1297
|
GPAC Project on Advanced Content library MPEG-4 Decoding multiple multiplication integer overflow vulnerabilities
|
2021-08-16
|
CVE-2021-21834, CVE-2021-21835, CVE-2021-21836, CVE-2021-21837, CVE-2021-21838, CVE-2021-21839, CVE-2021-21840, CVE-2021-21841, CVE-2021-21842, CVE-2021-21843, CVE-2021-21844, CVE-2021-21845, CVE-2021-21846, CVE-2021-21847, CVE-2021-21848, CVE-2021-21849, CVE-2021-21850, CVE-2021-21851, CVE-2021-21852
|
8.8
|
TALOS-2021-1299
|
GPAC Project Advanced Content MPEG-4 Decoding multiple integer addition overflow vulnerabilities
|
2021-08-16
|
CVE-2021-21853, CVE-2021-21854,CVE-2021-21855,CVE-2021-21856,CVE-2021-21857,CVE-2021-21858
|
8.8
|
TALOS-2021-1298
|
GPAC Project Advanced Content MPEG-4 Decoding multiple integer truncation vulnerabilities
|
2021-08-16
|
CVE-2021-21859,CVE-2021-21860,CVE-2021-21861,CVE-2021-21862
|
8.8
|
TALOS-2021-1279
|
AT&T Labs Xmill XML parsing CreateLabelOrAttrib memory corruption vulnerability
|
2021-08-11
|
CVE-2021-21811
|
8.1
|
TALOS-2021-1292
|
AT&T Labs Xmill XML decompression EnumerationUncompressor::UncompressItem heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21829
|
8.1
|
TALOS-2021-1310
|
Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability
|
2021-08-10
|
None
|
4.4
|
TALOS-2021-1280
|
AT&T Labs Xmill multiple command line parsing vulnerabilities
|
2021-08-10
|
CVE-2021-21812, CVE-2021-21813, CVE-2021-21814, CVE-2021-21815
|
7.8
|
TALOS-2021-1311
|
Microsoft Azure Sphere Security Monitor SECTION_ABIDepends denial of service vulnerability
|
2021-08-10
|
None
|
6.0
|
TALOS-2021-1278
|
AT&T Labs Xmill XML parsing ParseAttribs memory corruption vulnerability
|
2021-08-10
|
CVE-2021-21810
|
8.1
|
TALOS-2021-1293
|
AT&T Labs Xmill XML decompression LabelDict::Load heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21830
|
8.1
|
TALOS-2021-1291
|
AT&T Labs Xmill XML decompression DecodeTreeBlock multiple heap-based buffer overflow vulnerabilities
|
2021-08-10
|
CVE-2021-21826, CVE-2021-21827, CVE-2021-21828
|
8.1
|
TALOS-2021-1345
|
Mozilla Firefox MediaCacheStream::NotifyDataReceived use-after-free vulnerability
|
2021-08-10
|
CVE-2021-29985
|
8.8
|
TALOS-2021-1290
|
AT&T Labs Xmill XML decompression PlainTextUncompressor::UncompressItem heap-based buffer overflow vulnerability
|
2021-08-10
|
CVE-2021-21825
|
8.1
|
TALOS-2020-1212
|
tinyobjloader LoadObj improper array index validation vulnerability
|
2021-07-30
|
CVE-2020-28589
|
9.6
|
TALOS-2021-1294
|
Foxit Reader removeField use-after-free vulnerability
|
2021-07-27
|
CVE-2021-21831
|
8.8
|
TALOS-2021-1336
|
Foxit Reader Field OnFocus event use-after-free vulnerability
|
2021-07-27
|
CVE-2021-21893
|
8.8
|
TALOS-2021-1307
|
Foxit Reader FileAttachment annotation use-after-free vulnerability redux
|
2021-07-27
|
CVE-2021-21870
|
8.8
|
TALOS-2021-1304
|
CODESYS Development System ObjectManager.plugin ObjectStream.ProfileByteArray Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21867
|
8.8
|
TALOS-2021-1305
|
CODESYS Development System ObjectManager.plugin Project.get_MissingTypes() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21868
|
8.8
|
TALOS-2021-1301
|
CODESYS Development System ComponentModel ComponentManager.StartupCultureSettings Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21864
|
7.8
|
TALOS-2021-1302
|
CODESYS Development System PackageManagement.plugin ExtensionMethods.Clone() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21865
|
8.8
|
TALOS-2021-1300
|
CODESYS Development System ComponentModel Profile.FromFile() Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21863
|
8.8
|
TALOS-2021-1303
|
CODESYS Development System ObjectManager.plugin ProfileInformation.ProfileData Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21866
|
8.8
|
TALOS-2021-1306
|
CODESYS Development System Engine.plugin ProfileInformation ProfileData Unsafe Deserialization vulnerability
|
2021-07-26
|
CVE-2021-21869
|
8.8
|
TALOS-2021-1270
|
Advantech R-SeeNet telnet_form.php Reflected XSS vulnerability
|
2021-07-15
|
CVE-2021-21799
|
9.6
|
TALOS-2021-1283
|
D-LINK DIR-3040 Syslog information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21818
|
6.5
|
TALOS-2021-1282
|
D-LINK DIR-3040 Zebra IP routing manager information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21817
|
7.5
|
TALOS-2021-1272
|
Advantech R-SeeNet device_graph_page.php Multiple Reflected XSS vulnerabilities
|
2021-07-15
|
CVE-2021-21801, CVE-2021-21802, CVE-2021-21803
|
9.6
|
TALOS-2021-1271
|
Advantech R-SeeNet ssh_form.php Reflected XSS vulnerability
|
2021-07-15
|
CVE-2021-21800
|
9.6
|
TALOS-2021-1284
|
D-LINK DIR-3040 Libcli command injection vulnerability
|
2021-07-15
|
CVE-2021-21819
|
9.1
|
TALOS-2021-1281
|
D-LINK DIR-3040 Syslog information disclosure vulnerability
|
2021-07-15
|
CVE-2021-21816
|
6.5
|
TALOS-2021-1274
|
Advantech R-SeeNet ping.php OS Command Injection vulnerability
|
2021-07-15
|
CVE-2021-21805
|
9.8
|
TALOS-2021-1273
|
Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability
|
2021-07-15
|
CVE-2021-21804
|
8.1
|
TALOS-2021-1285
|
D-LINK DIR-3040 Libcli test environment hard-coded password vulnerability
|
2021-07-15
|
CVE-2021-21820
|
10.0
|
TALOS-2021-1255
|
IOBit Advanced SystemCare Ultimate Privileged I/O Read vulnerabilities
|
2021-07-07
|
CVE-2021-21790, CVE-2021-21791, CVE-2021-21792
|
6.5
|
TALOS-2021-1253
|
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability
|
2021-07-07
|
CVE-2021-21786
|
8.8
|
TALOS-2021-1252
|
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability
|
2021-07-07
|
CVE-2021-21785
|
6.5
|
TALOS-2021-1254
|
IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities
|
2021-07-07
|
CVE-2021-21787, CVE-2021-21788,CVE-2021-21789
|
8.8
|
TALOS-2021-1308
|
PowerISO DMG File Format Handler memory corruption vulnerability
|
2021-06-28
|
CVE-2021-21871
|
8.8
|
TALOS-2021-1277
|
Moodle spellchecker plugin command execution vulnerability
|
2021-06-22
|
CVE-2021-21809
|
8.2
|
TALOS-2021-1234
|
EIP Stack Group OpENer Ethernet/IP UDP handler information disclosure vulnerability
|
2021-06-16
|
CVE-2021-21777
|
8.6
|
TALOS-2021-1288
|
Komoot GmbH Komoot Friend finder information disclosure vulnerability
|
2021-06-09
|
CVE-2021-21823
|
5.3
|
TALOS-2021-1251
|
Google Chrome WebAudio blink::AudioNodeOutput::Pull code execution vulnerability
|
2021-06-08
|
CVE-2021-30522
|
8.3
|
TALOS-2021-1238
|
Webkit WebCore::GraphicsContext use-after-free vulnerability
|
2021-06-02
|
CVE-2021-21779
|
6.8
|
TALOS-2021-1229
|
Webkit ImageLoader dispatchPendingErrorEvent use-after-free vulnerability
|
2021-06-02
|
CVE-2021-21775
|
6.8
|
TALOS-2021-1268
|
Apple macOS SMB server create file request uninitialized memory disclosure
|
2021-06-02
|
CVE-2021-30722
|
6.5
|
TALOS-2021-1260
|
Apple macOS SMB server directory query request integer overflow vulnerability
|
2021-06-02
|
CVE-2021-30717
|
7.5
|
TALOS-2021-1263
|
Apple macOS SMB server lock request infinite loop
|
2021-06-02
|
CVE-2021-30716
|
6.5
|
TALOS-2021-1269
|
Apple macOS SMB server directory query arbitrary file access
|
2021-06-02
|
CVE-2021-30721
|
4.3
|
TALOS-2021-1258
|
Apple macOS SMB server IOCTL request uninitialized stack variable vulnerability
|
2021-06-02
|
CVE-2021-30712
|
4.2
|
TALOS-2021-1246
|
Apple macOS SMB server TREE_CONNECT stack buffer overflow vulnerability
|
2021-06-02
|
CVE-2020-10005
|
8.5
|
TALOS-2021-1261
|
Accusoft ImageGear TIF bits_per_sample processing out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21794
|
9.8
|
TALOS-2021-1276
|
Accusoft ImageGear PNG png_palette_process memory corruption vulnerability
|
2021-06-01
|
CVE-2021-21808
|
8.1
|
TALOS-2021-1275
|
Accusoft ImageGear DICOM parse_dicom_meta_info integer overflow vulnerability
|
2021-06-01
|
CVE-2021-21807
|
9.8
|
TALOS-2021-1296
|
Accusoft ImageGear TIF IP_planar_raster_unpack improper array index validation vulnerability
|
2021-06-01
|
CVE-2021-21833
|
9.8
|
TALOS-2021-1289
|
Accusoft ImageGear JPG Handle_JPEG420 out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21824
|
8.1
|
TALOS-2021-1257
|
Accusoft ImageGear JPG sof_nb_comp header processing out-of-bounds write vulnerability
|
2021-06-01
|
CVE-2021-21793
|
9.8
|
TALOS-2021-1286
|
Accusoft ImageGear PDF process_fontname stack-based buffer overflow vulnerability
|
2021-06-01
|
CVE-2021-21821
|
9.8
|
TALOS-2021-1243
|
Linux Kernel Arm SIGPAGE information disclosure vulnerability
|
2021-05-28
|
CVE-2021-21781
|
4.0
|
TALOS-2021-1230
|
Trend Micro, Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability
|
2021-05-24
|
CVE-2021-32457
|
7.8
|
TALOS-2021-1241
|
Trend Micro Inc. Home Network Security SFTP log collection server hard-coded password vulnerability
|
2021-05-24
|
CVE-2021-32459
|
4.9
|
TALOS-2021-1231
|
Trend Micro Inc. Home Network Security tdts.ko chrdev_ioctl_handle privilege escalation vulnerability
|
2021-05-24
|
CVE-2021-32458
|
7.8
|
TALOS-2021-1235
|
Google Chrome AudioDelayDSPKernel::ProcessKRate heap-based buffer overflow vulnerability
|
2021-05-19
|
CVE-2021-21160
|
8.8
|
TALOS-2021-1237
|
Apple macOS SMB server signature verification information disclosure vulnerability
|
2021-05-19
|
CVE-2021-1878
|
7.1
|
TALOS-2021-1233
|
Adobe Acrobat Reader DC JavaScript search query code execution vulnerability
|
2021-05-11
|
CVE-2021-28562
|
8.0
|
TALOS-2021-1287
|
Foxit Reader FileAttachment annotation use-after-free vulnerability
|
2021-05-06
|
CVE-2021-21822
|
8.8
|
TALOS-2021-1236
|
MZ Automation GmbH lib60870.NET ASDU message processing denial of service vulnerability
|
2021-04-26
|
CVE-2021-21778
|
7.5
|
TALOS-2020-1142
|
Systemd DHCP client denial-of-service vulnerability
|
2021-04-26
|
CVE-2020-13529
|
6.1
|
TALOS-2021-1239
|
Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability
|
2021-04-22
|
None
|
7.4
|
TALOS-2021-1240
|
Trend Micro Inc. Home Network Security tdts.ko TRF file-parsing denial-of-service vulnerability
|
2021-04-22
|
None
|
7.4
|
TALOS-2020-1219
|
Prusa Research PrusaSlicer Obj.cpp load_obj() out-of-bounds write vulnerability
|
2021-04-21
|
CVE-2020-28595
|
8.8
|
TALOS-2020-1220
|
Prusa Research PrusaSlicer Objparser::objparse() stack-based buffer overflow vulnerability
|
2021-04-21
|
CVE-2020-28596
|
8.8
|
TALOS-2020-1222
|
Prusa Research PrusaSlicer Admesh stl_fix_normal_directions() out-of-bounds write vulnerability
|
2021-04-21
|
CVE-2020-28598
|
8.8
|
TALOS-2020-1159
|
Synology DSM synoagentregisterd server finder out-of-bounds write vulnerability
|
2021-04-19
|
CVE-2021-26560, CVE-2021-26561, CVE-2021-26562
|
9.4
|
TALOS-2020-1160
|
Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability
|
2021-04-19
|
CVE-2021-26564, CVE-2021-26565, CVE-2021-26566
|
8.3
|
TALOS-2020-1216
|
Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability
|
2021-04-15
|
CVE-2020-28592
|
8.1
|
TALOS-2020-1217
|
Cosori Smart 5.8-Quart Air Fryer CS158-AF configuration server code execution vulnerability
|
2021-04-15
|
CVE-2020-28593
|
8.1
|
TALOS-2020-1208
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in 'listImmoLabels.jsp' page
|
2021-04-13
|
CVE-2020-27242, CVE-2020-27243, CVE-2020-27244, CVE-2020-27245, CVE-2020-27246
|
6.4
|
TALOS-2020-1202
|
OpenClinic GA web portal SQL injection vulnerability in 'statistics/quickFile.jsp' page
|
2021-04-13
|
CVE-2020-27226
|
6.4
|
TALOS-2021-1247
|
Microsoft Azure Sphere mount namespace unsigned code execution vulnerability
|
2021-04-13
|
CVE-2021-27074
|
6.2
|
TALOS-2020-1204
|
OpenClinic GA installation privilege escalation vulnerability
|
2021-04-13
|
CVE-2020-27228
|
8.8
|
TALOS-2021-1262
|
Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability
|
2021-04-13
|
CVE-2021-28460
|
8.1
|
TALOS-2020-1205
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in 'patientslist.do' page
|
2021-04-13
|
CVE-2020-27229, CVE-2020-27230, CVE-2020-27231
|
6.4
|
TALOS-2020-1206
|
OpenClinic GA Web portal SQL injection vulnerability in 'manageServiceStocks.jsp' page
|
2021-04-13
|
CVE-2020-27232
|
6.4
|
TALOS-2021-1250
|
Microsoft Azure Sphere mqueue inode initialization kernel code execution vulnerability
|
2021-04-13
|
CVE-2021-27080
|
9.3
|
TALOS-2020-1207
|
OpenClinic GA web portal multiple SQL injection vulnerabilities in the 'getAssets.jsp' page
|
2021-04-13
|
CVE-2020-27233, CVE-2020-27234, CVE-2020-27235, CVE-2020-27236, CVE-2020-27237, CVE-2020-27238, CVE-2020-27239, CVE-2020-27240, CVE-2020-27241
|
6.4
|
TALOS-2021-1249
|
Microsoft Azure Sphere Linux namespace ptrace unsigned code execution vulnerability
|
2021-04-13
|
CVE-2021-27074
|
6.2
|
TALOS-2020-1203
|
OpenClinic GA unauthenticated command injection vulnerability
|
2021-04-13
|
CVE-2020-27227
|
10.0
|
TALOS-2020-1198
|
Rukovoditel Project Management App SQL injection vulnerability in the 'forms_fields_rules/rules' page
|
2021-04-08
|
CVE-2020-13587
|
5.4
|
TALOS-2020-1201
|
Rukovoditel Project Management App application SQL injection vulnerability in the 'global_lists/choices' page
|
2021-04-08
|
CVE-2020-13592
|
5.4
|
TALOS-2020-1200
|
Rukovoditel Project Management App application SQL injection vulnerability in the 'access_rules/rules_form' page
|
2021-04-08
|
CVE-2020-13591
|
5.4
|
TALOS-2020-1146
|
Dream Report platform privilege escalation vulnerability
|
2021-04-08
|
CVE-2020-13532, CVE-2020-13533, CVE-2020-13534
|
9.3
|
TALOS-2020-1199
|
Rukovoditel Project Management App multiple SQL injection vulnerabilities in the 'entities/fields' page
|
2021-04-08
|
CVE-2020-13588, CVE-2020-13589, CVE-2020-13599
|
5.4
|
TALOS-2021-1227
|
Accusoft ImageGear TIFF Header count processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21773
|
8.1
|
TALOS-2021-1244
|
Accusoft ImageGear SGI format buffer size processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21782
|
9.8
|
TALOS-2021-1232
|
Accusoft ImageGear SGI Format Buffer Size Processing out-of-bounds write vulnerability
|
2021-03-30
|
CVE-2021-21776
|
9.8
|
TALOS-2021-1245
|
Genivia gSOAP WS-Addressing plugin code execution vulnerability redux
|
2021-03-24
|
CVE-2021-21783
|
9.8
|
TALOS-2021-1264
|
Accusoft ImageGear PSD read_icc_icCurve_data heap-based buffer overflow vulnerability
|
2021-03-16
|
CVE-2021-21795
|
9.8
|
TALOS-2020-1226
|
3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability
|
2021-03-10
|
CVE-2021-21772
|
8.1
|
TALOS-2021-1226
|
3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability
|
2021-03-10
|
CVE-2021-21772
|
8.1
|
TALOS-2021-1248
|
Accusoft ImageGear JPG format SOF marker processing out-of-bounds write vulnerability
|
2021-03-02
|
CVE-2021-21784
|
9.8
|
TALOS-2020-1213
|
Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability
|
2021-02-24
|
CVE-2020-28590
|
8.6
|
TALOS-2020-1225
|
CGAL libcgal multiple code execution vulnerabilities in Nef polygon-parsing code
|
2021-02-24
|
CVE-2020-28601,CVE-2020-28602,CVE-2020-28603,CVE-2020-28604,CVE-2020-28605,CVE-2020-28606,CVE-2020-28607,CVE-2020-28608,CVE-2020-28609,CVE-2020-28610,CVE-2020-28611,CVE-2020-28612,CVE-2020-28613,CVE-2020-28614,CVE-2020-28615,CVE-2020-28616, CVE-2020-28617,CVE-2020-28618,CVE-2020-28619,CVE-2020-28620, CVE-2020-28621,CVE-2020-28622,CVE-2020-28623,CVE-2020-28624,CVE-2020-28625,CVE-2020-28626,CVE-2020-28627,CVE-2020-28628,CVE-2020-28629,CVE-2020-28630,CVE-2020-28631,CVE-2020-28632,CVE-2020-28633,CVE-2020-28634,CVE-2020-28635,CVE-2020-28636,CVE-2020-35628,CVE-2020-35629,CVE-2020-35630, CVE-2020-35631,CVE-2020-35632,CVE-2020-35633,CVE-2020-35634,CVE-2020-35635,CVE-2020-35636
|
10.0
|
TALOS-2020-1223
|
Openscad import_stl.cc:import_stl() stack-based buffer overflow vulnerability
|
2021-02-23
|
CVE-2020-28599
|
8.8
|
TALOS-2020-1224
|
Openscad import_stl.cc:import_stl() out-of-bounds stack write vulnerability
|
2021-02-23
|
CVE-2020-28600
|
8.8
|
TALOS-2020-1167
|
Sytech XL reporter installation privilege escalation vulnerability
|
2021-02-19
|
CVE-2020-13549
|
8.8
|
TALOS-2020-1168
|
Advantech WebAccess/SCADA installation local file inclusion
|
2021-02-16
|
CVE-2020-13550
|
7.7
|
TALOS-2020-1169
|
Advantech WebAccess/SCADA installation privilege escalation vulnerability
|
2021-02-16
|
CVE-2020-13551, CVE-2020-13552, CVE-2020-13553, CVE-2020-13554, CVE-2020-13555
|
8.8
|
TALOS-2020-1182
|
Accusoft ImageGear SGI RLE decompression out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13571
|
9.8
|
TALOS-2020-1196
|
Accusoft ImageGear PSD Header processing out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13585
|
9.8
|
TALOS-2020-1176
|
Accusoft ImageGear TIFF index record out-of-bounds write vulnerability
|
2021-02-09
|
CVE-2020-13561
|
9.8
|
TALOS-2020-1183
|
Accusoft ImageGear GIF LZW decoder heap overflow vulnerability
|
2021-02-05
|
CVE-2020-13572
|
9.8
|
TALOS-2020-1190
|
SoftMaker Office PlanMaker Document Records 0x8011 and 0x820a integer overflow vulnerability
|
2021-02-03
|
CVE-2020-13579
|
8.8
|
TALOS-2020-1191
|
SoftMaker Office PlanMaker Document Record 0x8010 out-of-bounds write vulnerability
|
2021-02-03
|
CVE-2020-13580
|
8.8
|
TALOS-2020-1210
|
SoftMaker Office PlanMaker Excel document CEscherObject::ReadNativeProperties multiple heap buffer overflow vulnerabilities
|
2021-02-03
|
CVE-2020-27247, CVE-2020-27248, CVE-2020-27249,CVE-2020-27250,CVE-2020-28587
|
8.8
|
TALOS-2020-1192
|
SoftMaker Office PlanMaker Document Record 0x800d memory corruption vulnerability
|
2021-02-03
|
CVE-2020-13581
|
8.8
|
TALOS-2020-1197
|
SoftMaker Office PlanMaker Excel document record 0x00fc memory corruption vulnerability
|
2021-02-03
|
CVE-2020-13586
|
8.8
|
TALOS-2020-1008
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Network Segment Denial of Service Vulnerability
|
2021-02-02
|
CVE-2020-6088
|
7.5
|
TALOS-2020-1178
|
phpGACL return_page redirection open redirect vulnerability
|
2021-01-27
|
CVE-2020-13565
|
6.1
|
TALOS-2020-1180
|
OpenEMR GACL cross-site request forgery vulnerability
|
2021-01-27
|
CVE-2020-13569
|
8.8
|
TALOS-2020-1177
|
phpGACL template multiple cross-site scripting vulnerabilities
|
2021-01-27
|
CVE-2020-13562, CVE-2020-13563, CVE-2020-13564
|
9.6
|
TALOS-2020-1179
|
phpGACL database multiple SQL injection vulnerabilities
|
2021-01-27
|
CVE-2020-13566, CVE-2020-13568
|
8.8
|
TALOS-2020-1193
|
Micrium uC-HTTP HTTP Server unchecked return value denial-of-service vulnerability
|
2021-01-26
|
CVE-2020-13582
|
8.6
|
TALOS-2020-1194
|
Micrium uC-HTTP HTTP Server null pointer dereference denial-of-service vulnerability
|
2021-01-26
|
CVE-2020-13583
|
8.6
|
TALOS-2020-1174
|
FreyrSCADA IEC-60879-5-104 server simulator traffic logging denial-of-service vulnerability
|
2021-01-11
|
CVE--2020-13559
|
5.9
|
TALOS-2020-1184
|
Rockwell Automation RSLinx classic ethernet/IP server denial-of-service vulnerability
|
2021-01-07
|
CVE-2020-13573
|
7.5
|
TALOS-2020-1161
|
SoftMaker Office TextMaker Document Record 0x001f sign-extension vulnerability
|
2021-01-05
|
CVE-2020-13544
|
8.8
|
TALOS-2020-1188
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13577
|
7.5
|
TALOS-2020-1162
|
SoftMaker Office TextMaker Document Record 0x003f integer conversion vulnerability
|
2021-01-05
|
CVE-2020-13545
|
8.8
|
TALOS-2020-1163
|
SoftMaker Office TextMaker Document Record 0x002a integer overflow vulnerability
|
2021-01-05
|
CVE-2020-13546
|
8.8
|
TALOS-2020-1185
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13574
|
7.5
|
TALOS-2020-1189
|
Genivia gSOAP WS-Security plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13578
|
7.5
|
TALOS-2020-1187
|
Genivia gSOAP WS-Addressing plugin code execution vulnerability
|
2021-01-05
|
CVE-2020-13576
|
9.8
|
TALOS-2020-1186
|
Genivia gSOAP WS-Addressing plugin denial-of-service vulnerability
|
2021-01-05
|
CVE-2020-13575
|
7.5
|
TALOS-2020-1150
|
Win-911 Enterprise Platform privilege escalation vulnerability
|
2021-01-04
|
CVE-2020-13539, CVE-2020-13540
|
9.3
|
TALOS-2020-1151
|
Win-911 mobile server platform privilege escalation vulnerability
|
2021-01-04
|
CVE-2020-13541
|
9.3
|
TALOS-2020-1141
|
Microsoft Azure Sphere networkd mdns denial-of-service vulnerability
|
2020-12-18
|
--
|
5.9
|
TALOS-2020-1135
|
Lantronix XPort EDGE Web Manager CSRF vulnerability
|
2020-12-16
|
CVE-2020-13527
|
4.8
|
TALOS-2020-1116
|
NZXT CAM WinRing0x64 driver IRP 0x9c402088 privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13519
|
8.8
|
TALOS-2020-1114
|
NZXT CAM WinRing0x64 Driver IRP 0x9c406104 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13517
|
6.5
|
TALOS-2020-1147
|
Kepware LinkMaster Service privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13535
|
9 .3
|
TALOS-2020-1113
|
NZXT CAM WinRing0x64 driver IRP 0x9c406144 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13516
|
6.5
|
TALOS-2020-1136
|
Lantronix XPort EDGE Web Manager and telnet CLI cleartext transmission of sensitive information vulnerability
|
2020-12-16
|
CVE-2020-13528
|
3.1
|
TALOS-2020-1115
|
NZXT CAM WinRing0x64 driver IRP 0x9c402084 information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13518
|
6.5
|
TALOS-2020-1110
|
NZXT CAM WinRing0x64 driver privileged I/O read IRPs information disclosure vulnerability
|
2020-12-16
|
CVE-2020-13509, CVE-2020-13511
|
6.5
|
TALOS-2020-1111
|
NZXT CAM WinRing0x64 Driver Privileged I/O Write IRPs Privilege Escalation Vulnerability
|
2020-12-16
|
CVE-2020-13512, CVE-2020-13513, CVE-2020-13514
|
8.8
|
TALOS-2020-1112
|
NZXT CAM WinRing0x64 driver IRP 0x9c40a148 privilege escalation vulnerability
|
2020-12-16
|
CVE-2020-13515
|
8.8
|
TALOS-2020-1171
|
Foxit Reader JavaScript choice field use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13557
|
8.8
|
TALOS-2020-1166
|
Foxit Reader Javascript Field fileSelect Use After Free Vulnerability
|
2020-12-09
|
CVE-2020-13548
|
8.0
|
TALOS-2020-1175
|
Foxit Reader JavaScript choice field format event use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13560
|
8.8
|
TALOS-2020-1181
|
Foxit Reader JavaScript remove template use-after-free vulnerability
|
2020-12-09
|
CVE-2020-13570
|
7.5
|
TALOS-2020-1165
|
Foxit Reader JavaScript media openPlayer type confusion vulnerability
|
2020-12-09
|
CVE-2020-13547
|
8.8
|
TALOS-2020-1153
|
Microsoft Office ElementType code execution vulnerability
|
2020-12-08
|
CVE-2020-17123
|
8.8
|
TALOS-2020-1144
|
Schneider Electric EcoStruxure Control Expert APX project file processing code execution vulnerability
|
2020-12-08
|
CVE-2020-7560
|
8.6
|
TALOS-2020-1140
|
Schneider Electric EcoStruxure Control Expert PLC Simulator Modbus message processing remote code execution vulnerability
|
2020-12-08
|
CVE-2020-7559
|
10.0
|
TALOS-2020-1170
|
EIP Stack Group OpENer Ethernet/IP server out-of-bounds write vulnerability
|
2020-12-02
|
CVE-2020-13556
|
9.8
|
TALOS-2020-1143
|
EIP Stack Group OpENer ethernet/IP server denial-of-service vulnerability
|
2020-12-02
|
CVE-2020-13530
|
7.5
|
TALOS-2020-1195
|
Webkit ImageDecoderGStreamer use-after-free vulnerability
|
2020-11-30
|
CVE-2020-13584
|
8.8
|
TALOS-2020-1155
|
Webkit WebSocket code execution vulnerability
|
2020-11-30
|
CVE-2020-13543
|
8.8
|
TALOS-2020-1126
|
ProcessMaker sort parameter multiple SQL Injection Vulnerabilities
|
2020-11-17
|
CVE-2020-13525, CVE-2020-13526
|
6.4
|
TALOS-2020-1105
|
Pixar OpenUSD binary file format index type values information leak vulnerability
|
2020-11-12
|
CVE-2020-13498,CVE-2020-13496,CVE-2020-13497
|
4.3
|
TALOS-2020-1120
|
Pixar OpenUSD Binary File Format Decompressed Path Rebuilding Memory corruption
|
2020-11-12
|
CVE-2020-13520
|
8.8
|
TALOS-2020-1125
|
Pixar OpenUSD binary file format specs memory corruption
|
2020-11-12
|
CVE-2020-13524
|
6.3
|
TALOS-2020-1103
|
Pixar OpenUSD Binary File Format Token Strings Information Leak Vulnerability
|
2020-11-12
|
CVE-2020-13494
|
4.3
|
TALOS-2020-1094
|
Pixar OpenUSD binary file format compressed sections code execution vulnerabilities
|
2020-11-12
|
CVE-2020-6147, CVE-2020-6148, CVE-2020-6149, CVE-2020-6150, CVE-2020-6156, CVE-2020-13493
|
8.8
|
TALOS-2020-1145
|
Pixar OpenUSD SDF layer path remote code execution
|
2020-11-12
|
CVE-2020-13531
|
8.8
|
TALOS-2020-1101
|
Pixar OpenUSD Binary File Format Compressed Value Reps Code Execution Vulnerabilities
|
2020-11-12
|
CVE-2020-6155
|
8.8
|
TALOS-2020-1104
|
Pixar OpenUSD binary file format offset seek information leak vulnerability
|
2020-11-12
|
CVE-2020-9973
|
4.3
|
TALOS-2020-1154
|
LogicalDoc installation privilege escalation vulnerability
|
2020-11-10
|
CVE-2020-13542
|
9.3
|
TALOS-2020-1032
|
BIMx Desktop Viewer Resource Parsing Integer Overflow Vulnerability
|
2020-11-06
|
CVE-2020-6099
|
8.8
|
TALOS-2020-1156
|
Adobe Acrobat Reader DC form field format use after free
|
2020-11-05
|
CVE-2020-24437
|
8.8
|
TALOS-2020-1157
|
Adobe Acrobat Reader DC JavaScript submitForm heap buffer overflow redux
|
2020-11-05
|
CVE-2020-24435
|
8.8
|
TALOS-2020-1148
|
Moxa MXView series installation privilege escalation vulnerability
|
2020-11-03
|
CVE-2020-13537,CVE-2020-13536
|
9.3
|
TALOS-2020-1086
|
Synology SRM web interface session cookie HttpOnly flag information disclosure vulnerability
|
2020-10-30
|
CVE-2020-27658
|
7.5
|
TALOS-2020-1059
|
Synology SRM web interface session cookie secure flag Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27651
|
8.3
|
TALOS-2020-1071
|
Synology SRM dnsExit DDNS provider information disclosure vulnerability
|
2020-10-29
|
CVE-2020-27656-CVE-2020-27657
|
4.0
|
TALOS-2020-1060
|
Synology QuickConnect servers HTTP redirection Information Disclosure Vulnerability
|
2020-10-29
|
None
|
8.3
|
TALOS-2020-1065
|
Synology SRM lbd service Command Execution Vulnerability
|
2020-10-29
|
CVE-2020-27654, CVE-2020-11117
|
9.6
|
TALOS-2020-1066
|
Synology SRM QuickConnect iptables network misconfiguration vulnerability
|
2020-10-29
|
CVE-2020-27655
|
6.5
|
TALOS-2020-1064
|
Synology QuickConnect servers network misconfiguration vulnerability
|
2020-10-29
|
--
|
6.5
|
TALOS-2020-1061
|
Synology SRM QuickConnect HTTP connection Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27653
|
8.3
|
TALOS-2020-1058
|
Synology SRM QuickConnect authentication Information Disclosure Vulnerability
|
2020-10-29
|
CVE-2020-27649
|
8.3
|
TALOS-2020-1123
|
Google Chrome DrawElementsInstanced information leak vulnerability
|
2020-10-22
|
CVE-2020-6555
|
6.8
|
TALOS-2020-1127
|
Google Chrome WebGL Buffer11::getBufferStorage Code Execution Vulnerability
|
2020-10-20
|
CVE-2020-6542
|
8.3
|
TALOS-2020-1049
|
F2fs-Tools F2fs.Fsck dev_read Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6107
|
4.4
|
TALOS-2020-1050
|
F2fs-Tools F2fs.Fsck fsck_chk_orphan_node Code Execution Vulnerability
|
2020-10-14
|
CVE-2020-6108
|
8.2
|
TALOS-2020-1047
|
F2fs-Tools F2fs.Fsck Multiple Devices Code Execution Vulnerability
|
2020-10-14
|
CVE-2020-6105
|
8.2
|
TALOS-2020-1046
|
F2fs-Tools F2fs.Fsck filesystem checking Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6104
|
4.4
|
TALOS-2020-1048
|
F2fs-Tools F2fs.Fsck init_node_manager Information Disclosure Vulnerability
|
2020-10-14
|
CVE-2020-6106
|
4.4
|
TALOS-2020-1102
|
AMD ATIKMDAG.SYS D3DKMTEscape handler Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-12933
|
7.1
|
TALOS-2020-1057
|
Allen-Bradley MicroLogix 1100 programmable logic controller systems IPv4 denial-of-service vulnerability
|
2020-10-13
|
CVE-2020-6111
|
7.5
|
TALOS-2020-1005
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Port Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6083
|
7.5
|
TALOS-2020-1007
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Data Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6086, CVE-2020-6087
|
7.5
|
TALOS-2020-1006
|
Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Logical Segment Denial of Service Vulnerability
|
2020-10-13
|
CVE-2020-6084, CVE-2020-6085
|
7.5
|
TALOS-2020-1119
|
AMD ATIKMDAG.SYS D3DKMTCreateAllocation handler denial-of-service vulnerability
|
2020-10-07
|
CVE-2020-12911
|
7.1
|
TALOS-2020-1038
|
NVIDIA D3D10 Driver nvwgf2umx_cfg.dll nvwg DCL_CONSTANT_BUFFER code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1037
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MUL code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1124
|
Apple Safari/Webkit aboutBlankURL() code execution vulnerability
|
2020-09-30
|
CVE-2020-9951
|
8.8
|
TALOS-2020-1034
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV_SAT code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1035
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV code execution vulnerability
|
2020-09-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1106
|
Aveva eDNA Enterprise data historian CHaD.asmx multiple SQL injection vulnerabilities
|
2020-09-23
|
CVE-2020-13501,CVE-2020-13499,CVE-2020-13500
|
9.8
|
TALOS-2020-1129
|
Microsoft Azure Sphere Littlefs Quota denial of service vulnerability
|
2020-09-23
|
CVE-2020-16986
|
9.0
|
TALOS-2020-1134
|
Microsoft Azure Sphere Normal World application PACKET_MMAP unsigned code execution vulnerability
|
2020-09-23
|
None
|
5.5
|
TALOS-2020-1130
|
Microsoft Azure Sphere Littlefs truncate information disclosure vulnerability
|
2020-09-23
|
None
|
7.1
|
TALOS-2020-1139
|
Microsoft Azure Sphere Pluton SIGN_WITH_TENANT_ATTESTATION_KEY memory corruption vulnerability
|
2020-09-23
|
None
|
9.3
|
TALOS-2020-1070
|
Nitro Pro Indexed ColorSpace Rendering Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6116
|
8.8
|
TALOS-2020-1068
|
Nitro Pro XRefTable Entry Missing Object Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6115
|
8.8
|
TALOS-2020-1063
|
Nitro Pro PDF Object Stream Parsing Number of Objects Remote Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6113
|
8.8
|
TALOS-2020-1084
|
Nitro Pro PDF ICCBased ColorSpace Stroke Color Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6146
|
8.8
|
TALOS-2020-1062
|
Nitro Pro PDF JPEG2000 Stripe Sub-sample Decoding Out-of-bounds Write Code Execution Vulnerability
|
2020-09-15
|
CVE-2020-6112
|
8.8
|
TALOS-2020-1092
|
Google Chrome PDFium Javascript Active Document Memory Corruption Vulnerability
|
2020-09-14
|
CVE-2020-6513
|
6.3
|
TALOS-2020-1098
|
Microsoft Windows 10 CLFS.sys ValidateRegionBlocks privilege escalation vulnerability
|
2020-09-08
|
CVE-2020-1115
|
8.8
|
TALOS-2020-1096
|
Accusoft ImageGear DICOM parse_dicom_meta_info code execution vulnerability
|
2020-09-01
|
CVE-2020-6152
|
9.8
|
TALOS-2020-1095
|
Accusoft ImageGear TIFF handle_COMPRESSION_PACKBITS memory corruption vulnerability
|
2020-09-01
|
CVE-2020-6151
|
8.1
|
TALOS-2020-1079
|
OS4Ed openSIS DownloadWindow.php SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6136
|
6.4
|
TALOS-2020-1074
|
OS4Ed openSIS GetSchool.php SQL injection Vulnerability
|
2020-08-31
|
CVE-2020-6125
|
6.4
|
TALOS-2020-1078
|
OS4Ed openSIS Validator.php SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6135
|
6.4
|
TALOS-2020-1075
|
OS4Ed openSIS CoursePeriodModal.php page multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6126, CVE-2020-6127, CVE-2020-6128
|
6.4
|
TALOS-2020-1083
|
OS4Ed openSIS install remote code execution vulnerability
|
2020-08-31
|
CVE-2020-6143, CVE-2020-6144
|
10.0
|
TALOS-2020-1076
|
OS4Ed openSIS course_period_id parameter multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6129, CVE-2020-6130, CVE-2020-6131
|
6.4
|
TALOS-2020-1072
|
OS4Ed openSIS CheckDuplicateStudent.php page SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6117,CVE-2020-6119,CVE-2020-6121,CVE-2020-6118,CVE-2020-6120,CVE-2020-6122
|
6.4
|
TALOS-2020-1082
|
OS4Ed openSIS Modules.php remote code execution vulnerability
|
2020-08-31
|
CVE-2020-6142
|
9.9
|
TALOS-2020-1081
|
OS4Ed openSIS login SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6141
|
9.8
|
TALOS-2020-1080
|
OS4Ed openSIS Password Reset Multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6137, CVE-2020-6138, CVE-2020-6139, CVE-2020-6140
|
9.8
|
TALOS-2020-1073
|
OS4Ed openSIS email parameter SQL injection vulnerability
|
2020-08-31
|
CVE-2020-6123, CVE-2020-6124
|
6.4
|
TALOS-2020-1077
|
OS4Ed openSIS id parameter multiple SQL injection vulnerabilities
|
2020-08-31
|
CVE-2020-6132, CVE-2020-6133, CVE-2020-6134
|
6.4
|
TALOS-2020-1036
|
NVIDIA D3D10 driver nvwgf2umx_cfg.dll nvwg MOV2 code execution vulnerability
|
2020-08-30
|
CVE‑2020‑5981
|
8.5
|
TALOS-2020-1029
|
atftpd daemon Denial of Service Vulnerability
|
2020-08-26
|
CVE-2020-6097
|
7.5
|
TALOS-2020-1085
|
Google Chrome WebGL code execution vulnerability
|
2020-08-24
|
CVE-2020-6492
|
8.3
|
TALOS-2020-1133
|
Microsoft Azure Sphere Capability access control privilege escalation vulnerability |