PT-2025-50640

Name of the Vulnerable Software and Affected Versions libbiosig version 3.9.1 Description The software contains stack-based buffer overflow flaws in the MFER parsing functionality. A crafted MFER file can cause arbitrary code execution. An attacker can trigger these flaws by providing a malicious...

libbiosig 安全漏洞

libbiosig is an open source software library for biomedical signal processing open source by BioSig Project. It has biosignal analysis capabilities. A security vulnerability exists in libbiosig version 3.9.1, which stems from a stack buffer overflow in the MFER parsing function that could lead to...

Foxit PDF Editor 安全漏洞

Foxit PDF Editor is a PDF editor from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Editor versions prior to 13.2 and prior to 2025 2025.2, which originates from an insufficient memory allocation when processing specially crafted PDF files, and may result in memory...

CVE-2025-55312

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereferen...

libbiosig 安全漏洞

libbiosig is an open source software library for biomedical signal processing open source by BioSig Project. It has biosignal analysis capabilities. A security vulnerability exists in libbiosig version 3.9.1, which stems from a stack buffer overflow in the MFER parsing function that could lead to...

Linux Distros Unpatched Vulnerability : CVE-2025-66043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER fil...

EasyImages 安全漏洞

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A security vulnerability exists in EasyImages 2.0 2.8.6 and earlier versions, which stems from improper file renaming functionality and could lead to the execution ...

PT-2025-50620

An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereferen...

PT-2025-50650

Name of the Vulnerable Software and Affected Versions Ruijie RG-RAP2200E version 247 2200 Description An issue exists in Ruijie RG-RAP2200E 247 2200 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to the module set in the /usr/local/lua/dev...

AzeoTech DAQFactory 缓冲区错误漏洞

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from an out-of-bounds write vulnerability that originates from an out-of-bounds write to a memory buffer, which can be exploited by...

TeamViewer DEX Client 安全漏洞

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in TeamViewer DEX Client versions prior to 25.11 that stems from a specially crafted request to bypass file integrity validation, which could lead to th...

The Biosig Project libbiosig MFER parsing multiple stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2025-2296 The Biosig Project libbiosig MFER parsing multiple stack-based buffer overflow vulnerabilities December 11, 2025 CVE Number CVE-2025-66047,CVE-2025-66045,CVE-2025-66044,CVE-2025-66048,CVE-2025-66043,CVE-2025-66046 SUMMARY Several stack-based buffer...

EUVD-2025-202621

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

EUVD-2025-202492

Adobe Experience Manager versions 6.5.23 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by injecting malicious scripts into a web page that are executed in the context of the...

CVE-2021-47719

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

CVE-2025-64785

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate...

CVE-2021-47705

COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit improper boundary validation in CNCCtrl.dll to cause heap...

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

DEBIAN-CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...

CVE-2025-24857

Improper access control for volatile memory containing boot code in Universal Boot Loader U-Boot before 2017.11 and Qualcomm chips IPQ4019, IPQ5018, IPQ5322, IPQ6018, IPQ8064, IPQ8074, and IPQ9574 could allow an attacker to execute arbitrary code...