2224 matches found
Oracle OIT IX SDK libvs_pdf Kids List Information Leak
Talos Vulnerability Report TALOS-2016-0096 Oracle OIT IX SDK libvspdf Kids List Information Leak July 19, 2016 CVE Number CVE-2016-3574 DESCRIPTION When parsing a specially crafted PDF document, the parser is expecting a pointer where string is located leading to a read access violation with a...
Pidgin MXIT mxit_convert_markup_tx Information Leak Vulnerability
Talos Vulnerability Report TALOS-2016-0123 Pidgin MXIT mxitconvertmarkuptx Information Leak Vulnerability June 21, 2016 CVE Number CVE-2016-2380 DESCRIPTION An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially...
Pidgin MXIT Avatar Length Memory Disclosure Vulnerability
Talos Vulnerability Report TALOS-2016-0135 Pidgin MXIT Avatar Length Memory Disclosure Vulnerability June 21, 2016 CVE Number CVE-2016-2367 DESCRIPTION An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially resu...
Pidgin MXIT MultiMX Message Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0142 Pidgin MXIT MultiMX Message Code Execution Vulnerability June 21, 2016 CVE Number CVE-2016-2374 DESCRIPTION An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent...
Libarchive 7zip read_SubStreamsInfo Code Execution Vulnerability
SUMMARY An exploitable \heap overflow vulnerability exists in the 7zip readSubStreamsInfo functionality of libarchive. A specially crafted 7zip file can cause a integer overflow resulting in memory corruption that can lead to code execution. An attacker can send a malformed file to trigger this...
Socomec DIRIS Digiware M-70 Modbus RTU over TCP reboot denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2139 Socomec DIRIS Digiware M-70 Modbus RTU over TCP reboot denial of service vulnerability December 1, 2025 CVE Number CVE-2025-23417 SUMMARY A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70...
Adobe Acrobat Reader Font Program Function Definition Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2024-2076 Adobe Acrobat Reader Font Program Function Definition Out-Of-Bounds Read Vulnerability December 11, 2024 CVE Number CVE-2024-49534 SUMMARY An out-of-bounds read vulnerability exists in font handling code of Adobe Acrobat Reader 2024.002.21005. A font fil...
Microsoft CLIPSP.SYS License update signature check bypass vulnerability
Talos Vulnerability Report TALOS-2024-1964 Microsoft CLIPSP.SYS License update signature check bypass vulnerability August 13, 2024 CVE Number CVE-2024-38184 SUMMARY A signature check bypass vulnerability exists in the License update functionality of Microsoft CLIPSP.SYS 10.0.22621 Build 22621,...
AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability
Talos Vulnerability Report TALOS-2024-1940 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-22187 SUMMARY A write-what-where vulnerability exists in the Programming Software Connection Remote Memory...
Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability
Talos Vulnerability Report TALOS-2024-1945 Silicon Labs Gecko Platform HTTP server header parsing invalid pointer dereference vulnerability April 18, 2024 CVE Number CVE-2023-51391 SUMMARY An invalid pointer dereference vulnerability exists in the HTTP server header parsing functionality of Silic...
The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-1920 The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability February 20, 2024 CVE Number CVE-2024-21795 SUMMARY A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Project libbiosig 2.5...
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1905 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20735 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.2038...
GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities
Talos Vulnerability Report TALOS-2023-1791 GTKWave FST fstReaderIterBlocks2 tdelta improper array index validation vulnerabilities January 8, 2024 CVE Number CVE-2023-35994,CVE-2023-35996,CVE-2023-35997,CVE-2023-35995 SUMMARY Multiple improper array index validation vulnerabilities exist in the...
GTKWave LXT2 lxt2_rd_trace value elements allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1821 GTKWave LXT2 lxt2rdtrace value elements allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35057 SUMMARY An integer overflow vulnerability exists in the LXT2 lxt2rdtrace value elements allocation functionality of GTKWave 3.3.11...
GTKWave VZT vzt_rd_get_facname decompression out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2023-1813 GTKWave VZT vztrdgetfacname decompression out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-38649,CVE-2023-38648 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdgetfacname decompression functionality of...
GTKWave FST fstReaderIterBlocks2 chain_table parsing heap-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1789 GTKWave FST fstReaderIterBlocks2 chaintable parsing heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35969,CVE-2023-35970 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chaintab...
SoftEther VPN vpnserver ConnectionAccept() denial-of-service vulnerability
Talos Vulnerability Report TALOS-2023-1743 SoftEther VPN vpnserver ConnectionAccept denial-of-service vulnerability October 12, 2023 CVE Number CVE-2023-25774 SUMMARY A denial-of-service vulnerability exists in the vpnserver ConnectionAccept functionality of SoftEther VPN 5.02. A set of specially...
Hancom Office 2020 HWord footerr use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1759 Hancom Office 2020 HWord footerr use-after-free vulnerability September 26, 2023 CVE Number CVE-2023-32541 SUMMARY A use-after-free vulnerability exists in the footerr functionality of Hancom Office 2020 HWord 11.0.0.7520. A specially crafted .doc file c...
Apple DCERPC association groups heap overflow
Talos Vulnerability Report TALOS-2022-1676 Apple DCERPC association groups heap overflow July 13, 2023 CVE Number CVE-2023-27935 SUMMARY A heap overflow vulnerability exists in the way DCERPC library as used in Apple macOS 12.6.1 keeps track of association groups related to BIND requests. A...
OpenImageIO DDS native tile reading denial of service vulnerability
Talos Vulnerability Report TALOS-2022-1635 OpenImageIO DDS native tile reading denial of service vulnerability December 22, 2022 CVE Number CVE-2022-41999 SUMMARY A denial of service vulnerability exists in the DDS native tile reading functionality of OpenImageIO Project OpenImageIO v2.3.19.0 and...
OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability
Talos Vulnerability Report TALOS-2022-1656 OpenImageIO Project OpenImageIO IFFOutput wild write vulnerability December 22, 2022 CVE Number CVE-2022-43601,CVE-2022-43600,CVE-2022-43599,CVE-2022-43602 SUMMARY Multiple code execution vulnerabilities exist in the IFFOutput::close functionality of...
OpenImageIO Project OpenImageIO ZfileOutput::close() denial of service vulnerability
Talos Vulnerability Report TALOS-2022-1657 OpenImageIO Project OpenImageIO ZfileOutput::close denial of service vulnerability December 22, 2022 CVE Number CVE-2022-43603 SUMMARY A denial of service vulnerability exists in the ZfileOutput::close functionality of OpenImageIO Project OpenImageIO...
Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability
Talos Vulnerability Report TALOS-2022-1531 Lansweeper lansweeper TicketTemplateActions.aspx GetTemplateAttachment directory traversal vulnerability December 1, 2022 CVE Number CVE-2022-27498 SUMMARY A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment...
Callback technologies CBFS Filter handle_ioctl_83150 null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2022-1647 Callback technologies CBFS Filter handleioctl83150 null pointer dereference vulnerability November 22, 2022 CVE Number CVE-2022-43588 SUMMARY A null pointer dereference vulnerability exists in the handleioctl83150 functionality of Callback technologies...
Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1557 Abode Systems, Inc. iota All-In-One Security Kit XCMD setUPnP OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-30541 SUMMARY An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems, Inc. iota...
Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability
Talos Vulnerability Report TALOS-2022-1555 Abode Systems, Inc. iota All-In-One Security Kit XCMD doDebug denial of service vulnerability October 20, 2022 CVE Number CVE-2022-32760 SUMMARY A denial of service vulnerability exists in the XCMD doDebug functionality of Abode Systems, Inc. iota...
Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1560 Abode Systems, Inc. iota All-In-One Security Kit XCMD setIPCam stack-based buffer overflow vulnerability October 20, 2022 CVE Number CVE-2022-32454 SUMMARY A stack-based buffer overflow vulnerability exists in the XCMD setIPCam functionality of Abode...
InHand Networks InRouter302 console infactory_port OS command injection vulnerability
Summary An OS command injection vulnerability exists in the console infactoryport functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Test...
Reolink RLC-410W web server misconfiguration information disclosure vulnerability
Summary An information disclosure vulnerability exists due to a web server misconfiguration in the reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. Tested...
Lantronix PremierWave 2050 Web Manager FsBrowseClean stack-based buffer overflow vulnerability
Summary A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this...
LogicalDoc installation privilege escalation vulnerability
Summary A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary or replace DLL files loaded by the service, both which get executed by a service thus executi...
Google Chrome DrawElementsInstanced information leak vulnerability
Talos Vulnerability Report TALOS-2020-1123 Google Chrome DrawElementsInstanced information leak vulnerability October 22, 2020 CVE Number CVE-2020-6555 SUMMARY An information disclosure vulnerability exists in the WebGL functionality of Google Chrome 83.0.4103.116 Stable 64-bit and 86.0.4198.0...
Accusoft ImageGear TIFF handle_COMPRESSION_PACKBITS memory corruption vulnerability
Talos Vulnerability Report TALOS-2020-1095 Accusoft ImageGear TIFF handleCOMPRESSIONPACKBITS memory corruption vulnerability September 1, 2020 CVE Number CVE-2020-6151 SUMMARY A memory corruption vulnerability exists in the TIFF handleCOMPRESSIONPACKBITS functionality of Accusoft ImageGear 19.7. ...
atftpd daemon Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert call resulting in denial-of-service. An attacker can send a sequence of malicious packets to...
Intel IGC64.DLL Shader Functionality hull shader denial of service vulnerability
Summary An exploitable denial of service vulnerability exists in Intel IGC64.DLL graphics driver. A specially crafted hull shader can cause a NULL pointer dereference. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability could potentially be...
Mini-SNMPD decode_int Information Leak Vulnerability
Summary An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out of bounds memory read which can result in sensitive information disclosure and Denial Of Service. In order to trigger...
AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability
Summary An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be...
Rakuten Viber Android Secret Chats Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the “Secret Chats” functionality of Rakuten Viber on Android 9.3.0.6. The “Secret Chats” functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this...
Samsung SmartThings Hub video-core Camera Update Code Execution Vulnerabilities
Summary Multiple exploitable buffer overflow vulnerabilities exist in the camera “update” feature of video-core’s HTTP server of Samsung SmartThings Hub. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker...
Natus Xltek EEG NeuroWorks ItemList Traversal Denial-of-Service Vulnerability
Summary An exploitable denial-of-service vulnerability exists in the traversal of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this...
Blender Sequencer imb_get_anim_type Streams Integer Overflow Code Execution Vulnerability
Summary An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created .avi file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
Circle with Disney Database Updater Code Execution Vulnerability
Summary An exploitable vulnerability exists in the database update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to execute arbitrary code. An attacker needs to impersonate a remote server in order to trigger this vulnerability...
Libbpg BGP image decoding Code Execution Vulnerability
Summary An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be...
Oracle OIT ContentAccess libvs_word+63AC Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0158 Oracle OIT ContentAccess libvsword+63AC Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3592 Description Partially controlled memory write vulnerability exists in Mac Word file format parsing code of Oracle Outside In Technology Content...
Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity
Talos Vulnerability Report TALOS-2016-0099 Oracle OIT IX SDK libvspdf Root xref Denial of Service Vulnerabiity July 19, 2016 CVE Number CVE-2016-3577 DESCRIPTION A stack overflow leading to a crash due to unbounded recusive function call is present in the PDF file format parsing code of the IX SD...
Pidgin MXIT Suggested Contacts Memory Disclosure Vulnerability
Talos Vulnerability Report TALOS-2016-0143 Pidgin MXIT Suggested Contacts Memory Disclosure Vulnerability June 21, 2016 CVE Number CVE-2016-2375 DESCRIPTION An exploitable out-of-bounds ready exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent fr...
Pidgin MXIT read stage 0x3 Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0118 Pidgin MXIT read stage 0x3 Code Execution Vulnerability June 21, 2016 CVE Number CVE-2016-2376 DESCRIPTION A buffer overflows vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could...
Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability
Talos Vulnerability Report TALOS-2016-0140 Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability June 21, 2016 CVE Number CVE-2016-2372 DESCRIPTION An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potential...
Pidgin libpurple Mxit Emoticon ASN Length Denial of Service Vulnerability
Talos Vulnerability Report VRT-2014-0203 Pidgin libpurple Mxit Emoticon ASN Length Denial of Service Vulnerability November 6, 2014 CVE Number CVE-2014-3695 Description An exploitable denial of service vulnerability exists in Pidgin’s implementation of the Mxit protocol in the libpurple library. ...
LevelOne WBR-6012 Web Application buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-1997 LevelOne WBR-6012 Web Application buffer overflow vulnerability October 30, 2024 CVE Number CVE-2024-28052 SUMMARY The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet gateway for homes and small offices while...