2218 matches found

Talos
added 5 days ago, 6 views

vtk vtk-dicom vtkDICOMItem::FindDataElementOrInsert heap-based buffer overflow vulnerability

Summary: A heap-based buffer overflow vulnerability exists in the vtkDICOMItem::FindDataElementOrInsert functionality of vtk-dicom version 9.5.2. A specially crafted DICOM file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

8.1 CVSS, 6.4 AI score, 0.0032 EPSS
Exploits: 0
Talos
added 2026/06/23 12:0 a.m., 5 views

GeoVision GV-I/O Box 4E DVRSearch CMD_IP_SET buffer overflow vulnerabilities

Summary: Multiple exploitable buffer overflow vulnerabilities exist in the DVRSearch CMD_IP_SET functionality of GV-I/O Box 4E version 2.09. A specially crafted network request can lead to arbitrary code execution. An attacker can send a network request to trigger these vulnerabilities. Confirme...

10 CVSS, 6.4 AI score, 0.00436 EPSS
Exploits: 0
Talos
added 2026/06/23 12:0 a.m., 7 views

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerabilities

Summary: Multiple exploitable OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GV-I/O Box 4E version 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger these vulnerabilities. Confirmed...

9.1 CVSS, 5.9 AI score, 0.0172 EPSS
Exploits: 0
Talos
added 2026/06/23 12:0 a.m., 10 views

Google Chrome AddGenericPassword information overwrite vulnerability

Summary: An information overwrite vulnerability exists in the AddGenericPassword functionality of Chrome 148.0.7778.216 Mac arm64. A keychain write from a same-user process can overwrite Chrome’s encryption key, leading to disclosure of sensitive information. An attacker can make a specially crafte...

5.9 AI score
Exploits: 0
Talos
added 2026/06/23 12:0 a.m., 4 views

GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability

Summary: A memory corruption vulnerability exists in the GV-Cloud functionality of GV-VMS V20 version 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability. Confirmed Vulnerable Versions: The...

6.2 CVSS, 6.5 AI score, 0.00197 EPSS
Exploits: 0
Talos
added 2026/06/18 12:0 a.m., 12 views

Internet Systems Consortium BIND DNSSEC DNSKEY Extended Flags denial of service vulnerability

Summary: A denial of service vulnerability exists in the DNSSEC DNSKEY Extended Flags functionality of BIND version 9.21.21. A specially crafted mirror domain can lead to a denial of service. An attacker can serve a malicious zone to trigger this vulnerability. Confirmed Vulnerable Versions: The...

5.7 AI score
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 7 views

GeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerability

Summary: A privilege escalation vulnerability exists in the Web Interface functionality of LPC2011/LPC2211 version 1.10. A specially crafted HTTP request can lead to execution of a privileged operation. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions: The...

9.9 CVSS, 5.6 AI score, 0.00348 EPSS
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 6 views

GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability

Summary: A guessable session cookie vulnerability exists in the Web Interface functionality of LPC2011/LPC2211 version 1.10. A specially crafted series of HTTP requests can lead to an authentication bypass. An attacker can brute-force session cookies to trigger this vulnerability. Confirmed...

8.6 CVSS, 5.5 AI score, 0.00329 EPSS
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 6 views

GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

Summary: A stack overflow vulnerability exists in the WebCam Server Login functionality of GV-VMS V20 version 20.0.2. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Confirmed Vulnerable...

9.8 CVSS, 6.2 AI score, 0.00534 EPSS
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 7 views

GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi privilege escalation vulnerability

Summary: A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of LPC2011/LPC2211 version 1.10. A specially crafted HTTP request can lead to a credentials leak. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions: The...

6.5 CVSS, 5.4 AI score, 0.00271 EPSS
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 6 views

GeoVision LPC2011/LPC2211 DdnsSetting.cgi OS command injection vulnerability

Summary: An OS command injection vulnerability exists in the DdnsSetting.cgi functionality of LPC2011/LPC2211 version 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability. Confirmed...

9.9 CVSS, 6.4 AI score, 0.01606 EPSS
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 6 views

GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

Summary: An insufficient encryption vulnerability exists in the Device Authentication functionality of GV-IP Device Utility version 9.0.5. A specially crafted network sniffing can lead to a credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. Confirmed...

9.3 CVSS, 5.6 AI score, 0.00214 EPSS
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 8 views

GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi reflected cross-site scripting (XSS) vulnerabilities

Summary: Multiple exploitable reflected cross-site scripting (XSS) vulnerabilities exist in the Web Interface / ssi.cgi functionality of LPC2011/LPC2211 version 1.10. A specially crafted malicious URL can lead to arbitrary JavaScript code execution. An attacker can provide a crafted URL to...

7.4 CVSS, 5.4 AI score, 0.00196 EPSS
Exploits: 0
Talos
added 2026/06/15 12:0 a.m., 6 views

GeoVision GV-VMS V20 WebCam Server stack overflow vulnerabilities

Summary: Multiple exploitable stack overflow vulnerabilities exist in the WebCam Server functionality of GV-VMS V20 version 20.0.2. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities...

10 CVSS, 6.4 AI score, 0.00514 EPSS
Exploits: 0
Talos
added 2026/05/25 12:0 a.m., 10 views

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

Summary: A heap-based buffer overflow vulnerability exists in the LXF parsing functionality of MediaInfoLib version 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable Versions: The...

7.8 CVSS, 6.5 AI score, 0.00207 EPSS
Exploits: 1
Talos
added 2026/05/25 12:0 a.m., 9 views

MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability

Summary: A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib version 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

7.8 CVSS, 6.5 AI score, 0.00207 EPSS
Exploits: 1
Talos
added 2026/05/20 12:0 a.m., 11 views

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability

Summary: A heap-based buffer overflow vulnerability exists in the LXF element parsing functionality of MediaInfoLib version 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable...

7.8 CVSS, 6.3 AI score, 0.00203 EPSS
Exploits: 1
Talos
added 2026/05/20 12:0 a.m., 40 views

MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability

Summary: A heap-based buffer overflow vulnerability exists in the Channel Splitting functionality of MediaInfoLib version 26.01. A specially crafted .riff file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable...

7.8 CVSS, 6.3 AI score, 0.002 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 11 views

Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability

Talos Vulnerability Report TALOS-2025-2304: Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability. May 7, 2026. CVE Number: CVE-2026-30816. Summary: An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....

6.8 CVSS, 6.1 AI score, 0.00286 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 15 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305: Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability. May 7, 2026. CVE Number: CVE-2026-30817. Summary: An external config control vulnerability exists in the Openvpn configuration restore route_up functionality of Tp-Link...

6.8 CVSS, 6 AI score, 0.00276 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 8 views

Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2302: Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability. May 7, 2026. CVE Number: CVE-2026-30814. Summary: A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...

8 CVSS, 6.4 AI score, 0.00418 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 11 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2306: Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability. May 7, 2026. CVE Number: CVE-2026-30818. Summary: An OS command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...

8.5 CVSS, 6.6 AI score, 0.01232 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 10 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2307: Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability. May 7, 2026. CVE Number: CVE-2026-30815. Summary: An OS command injection vulnerability exists in the Openvpn configuration restore client_disconnect...

8.5 CVSS, 7.5 AI score, 0.0116 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2303: Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability. May 7, 2026. CVE Number: CVE-2026-30815. Summary: An OS command injection vulnerability exists in the Openvpn configuration restore script_security...

8.5 CVSS, 6.2 AI score, 0.0116 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2309: Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability. May 7, 2026. CVE Number: CVE-2026-30815. Summary: An OS command injection vulnerability exists in the Openvpn configuration restore route_up functionality of...

8.5 CVSS, 7.5 AI score, 0.0116 EPSS
Exploits: 0
Talos
added 2026/05/07 12:0 a.m., 9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2308: Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability. May 7, 2026. CVE Number: CVE-2026-30815. Summary: An OS command injection vulnerability exists in the Openvpn configuration restore client_connect...

8.5 CVSS, 7.5 AI score, 0.0116 EPSS
Exploits: 0
Talos
added 2026/05/04 12:0 a.m., 21 views

Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2276: Norton Secure VPN Installation Insecure Operation On Junction Privilege Escalation Vulnerability. May 4, 2026. CVE Number: CVE-2025-58074. Summary: A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Stor...

8.8 CVSS, 5.9 AI score, 0.00127 EPSS
Exploits: 0
Talos
added 2026/04/27 12:0 a.m., 11 views

OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability

Talos Vulnerability Report TALOS-2026-2381: OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability. April 27, 2026. CVE Number: CVE-2026-35058. Summary: A reachable assertion vulnerability exists in the TLS Crypt v2 Client Key Extraction functionality of OpenVPN 2.6.x and 2.8git. A...

7.5 CVSS, 6.9 AI score, 0.00784 EPSS
Exploits: 0
Talos
added 2026/04/22 12:0 a.m., 6 views

Adobe Photoshop Installation Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2274: Adobe Photoshop Installation Privilege Escalation Vulnerability. April 22, 2026. CVE Number: CVE-2026-34632. Summary: A privilege escalation vulnerability exists during the installation of Adobe Photoshop via the Microsoft Store. The vulnerable version of the...

8.2 CVSS, 5.5 AI score, 0.00214 EPSS
Exploits: 0
Talos
added 2026/04/07 12:0 a.m., 10 views

LibRaw x3f_thumb_loader heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2358: LibRaw x3f_thumb_loader heap-based buffer overflow vulnerability. April 7, 2026. CVE Number: CVE-2026-20889. Summary: A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted malicious...

9.8 CVSS, 6.5 AI score, 0.00501 EPSS
Exploits: 1
Talos
added 2026/04/07 12:0 a.m., 7 views

LibRaw HuffTable::initval heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2330: LibRaw HuffTable::initval heap-based buffer overflow vulnerability. April 7, 2026. CVE Number: CVE-2026-20911. Summary: A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A...

9.8 CVSS, 6.5 AI score, 0.00494 EPSS
Exploits: 1
Talos
added 2026/04/07 12:0 a.m., 4 views

LibRaw uncompressed_fp_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2363: LibRaw uncompressed_fp_dng_load_raw integer overflow vulnerability. April 7, 2026. CVE Number: CVE-2026-24450. Summary: An integer overflow vulnerability exists in the uncompressed_fp_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious...

9.8 CVSS, 6.4 AI score, 0.00454 EPSS
Exploits: 1
Talos
added 2026/04/07 12:0 a.m., 5 views

LibRaw lossless_jpeg_load_raw heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2331: LibRaw lossless_jpeg_load_raw heap-based buffer overflow vulnerability. April 7, 2026. CVE Number: CVE-2026-21413. Summary: A heap-based buffer overflow vulnerability exists in the lossless_jpeg_load_raw functionality of LibRaw Commit 0b56545 and Commit d20315b. A...

9.8 CVSS, 6.4 AI score, 0.00544 EPSS
Exploits: 1
Talos
added 2026/04/07 12:0 a.m., 5 views

LibRaw deflate_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2364: LibRaw deflate_dng_load_raw integer overflow vulnerability. April 7, 2026. CVE Number: CVE-2026-20884. Summary: An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead ...

9.8 CVSS, 6.3 AI score, 0.00454 EPSS
Exploits: 1
Talos
added 2026/04/07 12:0 a.m., 5 views

LibRaw x3f_load_huffman heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2359: LibRaw x3f_load_huffman heap-based buffer overflow vulnerability. April 7, 2026. CVE Number: CVE-2026-24660. Summary: A heap-based buffer overflow vulnerability exists in the x3f_load_huffman functionality of LibRaw Commit d20315b. A specially crafted malicious...

9.8 CVSS, 6.5 AI score, 0.00464 EPSS
Exploits: 1
Talos
added 2026/03/31 12:0 a.m., 6 views

Foxit Reader List Box Calculate Array Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2026-2365: Foxit Reader List Box Calculate Array Use-After-Free Vulnerability. March 31, 2026. CVE Number: CVE-2026-3779. Summary: A use-after-free vulnerability exists in the way Foxit Reader handles an Array object. A specially crafted JavaScript code inside a malicio...

7.8 CVSS, 6.3 AI score, 0.00309 EPSS
Exploits: 1
Talos
added 2026/03/18 12:0 a.m., 12 views

Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2281: Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability. March 18, 2026. CVE Number: CVE-2025-66176. Summary: A stack-based buffer overflow vulnerability exists in the SADP XML parsin...

8.8 CVSS, 7.9 AI score, 0.00485 EPSS
Exploits: 0
Talos
added 2026/03/17 12:0 a.m., 7 views

Canva Affinity EMF File EMR_POLYBEZIER Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2317: Canva Affinity EMF File EMR_POLYBEZIER Count Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-61952. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

7.1 CVSS, 5.9 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 7 views

Canva Affinity EMF File EMR_BITBLT offBmiSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2311: Canva Affinity EMF File EMR_BITBLT offBmiSrc Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-64776. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

7.1 CVSS, 5.9 AI score, 0.00277 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 7 views

Canva Affinity EMF File EMR_HEADER offDescription Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2299: Canva Affinity EMF File EMR_HEADER offDescription Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-61979. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF fil...

7.1 CVSS, 5.9 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 8 views

Canva Affinity EMF File EMR_FRAMERGN Type Confusion Vulnerability

Talos Vulnerability Report TALOS-2025-2297: Canva Affinity EMF File EMR_FRAMERGN Type Confusion Vulnerability. March 17, 2026. CVE Number: CVE-2025-66342. Summary: A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerabilit...

7.8 CVSS, 6 AI score, 0.00278 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 6 views

Canva Affinity EMF File EMR_HEADER nDescription Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2298: Canva Affinity EMF File EMR_HEADER nDescription Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-62500. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file,...

7.1 CVSS, 6.1 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 5 views

Canva Affinity EMF File EMR_POLYBEZIERTO Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2318: Canva Affinity EMF File EMR_POLYBEZIERTO Count Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-66503. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

7.1 CVSS, 5.9 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 6 views

Canva Affinity EMF File EMR_POLYGON Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2320: Canva Affinity EMF File EMR_POLYGON Count Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-65119. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

7.1 CVSS, 5.9 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 6 views

Canva Affinity EMF File EMR_EXTSELECTCLIPRGN CountRects Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2319: Canva Affinity EMF File EMR_EXTSELECTCLIPRGN CountRects Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-66042. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted E...

7.1 CVSS, 6.1 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 7 views

Canva Affinity EMF File EMR_POLYPOLYLINE Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2325: Canva Affinity EMF File EMR_POLYPOLYLINE Count Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2026-22882. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

7.1 CVSS, 6.1 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 6 views

Canva Affinity EMF File EMR_EXTTEXTOUTW offDx Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2314: Canva Affinity EMF File EMR_EXTTEXTOUTW offDx Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-58427. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, a...

7.1 CVSS, 6 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 7 views

Canva Affinity EMF File EMR_STRETCHBLT offBmiSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2312: Canva Affinity EMF File EMR_STRETCHBLT offBmiSrc Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-64735. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

7.1 CVSS, 5.9 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 8 views

Canva Affinity EMF File EMR_POLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2315: Canva Affinity EMF File EMR_POLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-66617. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

7.1 CVSS, 6 AI score, 0.00268 EPSS
Exploits: 1
Talos
added 2026/03/17 12:0 a.m., 12 views

Canva Affinity EMF File EMR_STRETCHBLT cbBitsSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2313: Canva Affinity EMF File EMR_STRETCHBLT cbBitsSrc Out-Of-Bounds Read Vulnerability. March 17, 2026. CVE Number: CVE-2025-66633. Summary: An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

7.1 CVSS, 6 AI score, 0.00268 EPSS
Exploits: 1
Total number of security vulnerabilities: 2218