Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

HumanTalk Co,Ltd

Source -

CNA

BOS Name -

N/A

CNA CVEs -

7

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
7Vulnerabilities found

CVE-2020-7823
Assigner-KrCERT/CC
ShareView Details
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.42% / 60.99%
||
7 Day CHG~0.00%
Published-04 Aug, 2020 | 14:14
Updated-17 Sep, 2024 | 02:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DaviewIndy Multiple Vulnerabilities

DaviewIndy has a Memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Action-Not Available
Vendor-hmtalkHumanTalk Co,Ltd
Product-daviewindyDaviewIndy
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-7822
Assigner-KrCERT/CC
ShareView Details
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.12%
||
7 Day CHG~0.00%
Published-04 Aug, 2020 | 14:14
Updated-16 Sep, 2024 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DaviewIndy Multiple Vulnerabilities

DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Action-Not Available
Vendor-hmtalkHumanTalk Co,LtdMicrosoft Corporation
Product-windowsdaviewindyDaviewIndy
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-9139
Assigner-KrCERT/CC
ShareView Details
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.12%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 17:22
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Action-Not Available
Vendor-datoolsHumanTalk Co,Ltd
Product-daviewindyDaviewIndy
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-9138
Assigner-KrCERT/CC
ShareView Details
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.32% / 54.31%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 17:19
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed PhotoShop file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Action-Not Available
Vendor-datoolsHumanTalk Co,Ltd
Product-daviewindyDaviewIndy
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-9137
Assigner-KrCERT/CC
ShareView Details
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.12%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 17:11
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnerability, triggered when the user opens a malformed Image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Action-Not Available
Vendor-hmtalkHumanTalk Co,Ltd
Product-daviewindyDaviewIndy
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-9136
Assigner-KrCERT/CC
ShareView Details
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.12%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 16:57
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed JPEG2000 format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Action-Not Available
Vendor-datoolsHumanTalk Co,Ltd
Product-daviewindyDaviewIndy
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-9135
Assigner-KrCERT/CC
ShareView Details
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.12%
||
7 Day CHG~0.00%
Published-25 Apr, 2019 | 16:49
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vulnerability, triggered when the user opens a malformed DIB format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.

Action-Not Available
Vendor-datoolsHumanTalk Co,Ltd
Product-daviewindyDaviewIndy
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write