VYPR
Vendor

Talos

Products
5
CVEs
15
Across products
15
Status
Private

Products

5

Recent CVEs

15
  • CVE-2018-3937CriAug 14, 2018
    risk 0.60cvss 9.1epss 0.10

    An exploitable command injection vulnerability exists in the measurementBitrateExec functionality of Sony IPELA E Series Network Camera G5 firmware 1.87.00. A specially crafted GET request can cause arbitrary commands to be executed. An attacker can send an HTTP request to…

  • CVE-2018-3938CriAug 14, 2018
    risk 0.59cvss 9.1epss 0.03

    An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can…

  • CVE-2017-2888HigOct 11, 2017
    risk 0.57cvss 8.8epss 0.03

    An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker…

  • CVE-2017-2887HigOct 11, 2017
    risk 0.57cvss 8.8epss 0.03

    An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. A specially crafted xcf file can cause a stack-based buffer overflow resulting in potential code execution. An attacker can provide a specially crafted XCF file to…

  • CVE-2018-4001HigOct 1, 2018
    risk 0.51cvss 7.8epss 0.01

    An exploitable uninitialized pointer vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause an uninitialized pointer representing a TTableRow to be assigned to a variable on the stack. This variable…

  • CVE-2018-3999HigOct 1, 2018
    risk 0.51cvss 7.8epss 0.01

    An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and…

  • CVE-2018-4048May 30, 2019
    risk 0.00cvss epss 0.01

    An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute…

  • CVE-2018-4051Apr 2, 2019
    risk 0.00cvss epss 0.00

    An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing…

  • CVE-2018-4050Apr 1, 2019
    risk 0.00cvss epss 0.00

    An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges.

  • CVE-2018-4040Dec 1, 2018
    risk 0.00cvss epss 0.01

    An exploitable uninitialized pointer vulnerability exists in the rich text format parser of Atlantis Word Processor, version 3.2.7.2. A specially crafted document can cause certain RTF tokens to dereference a pointer that has been uninitialized and then write to it. An attacker…

  • CVE-2018-4039Dec 1, 2018
    risk 0.00cvss epss 0.01

    An exploitable out-of-bounds write vulnerability exists in the PNG implementation of Atlantis Word Processor, version 3.2.7.2. This can allow an attacker to corrupt memory, which can result in code execution under the context of the application. An attacker must convince a…

  • CVE-2018-4038Dec 1, 2018
    risk 0.00cvss epss 0.01

    An exploitable arbitrary write vulnerability exists in the open document format parser of the Atlantis Word Processor, version 3.2.7.2, while trying to null-terminate a string. A specially crafted document can allow an attacker to pass an untrusted value as a length to a…

  • CVE-2018-3970Oct 25, 2018
    risk 0.00cvss epss 0.00

    An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send…

  • CVE-2018-3971Oct 25, 2018
    risk 0.00cvss epss 0.01

    An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An…

  • CVE-2005-3382Oct 30, 2005
    risk 0.00cvss epss 0.04

    Multiple interpretation error in Sophos 3.91 with the 2.28.4 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type…