Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2024/04/17 12:0 a.m.30 views

Peplink Smart Reader web interface /cgi-bin/upload_config.cgi data integrity vulnerability

Talos Vulnerability Report TALOS-2023-1866 Peplink Smart Reader web interface /cgi-bin/uploadconfig.cgi data integrity vulnerability April 17, 2024 CVE Number CVE-2023-45744 SUMMARY A data integrity vulnerability exists in the web interface /cgi-bin/uploadconfig.cgi functionality of Peplink Smart...

8.8CVSS6.5AI score0.01305EPSS
Exploits3
Talos
Talos
added 2024/04/03 12:0 a.m.30 views

Open Automation Software OAS Platform OAS Engine Save Security Configuration file write vulnerability

Talos Vulnerability Report TALOS-2024-1951 Open Automation Software OAS Platform OAS Engine Save Security Configuration file write vulnerability April 3, 2024 CVE Number CVE-2024-22178 SUMMARY A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open...

4.9CVSS5.4AI score0.00662EPSS
Exploits1
Talos
Talos
added 2024/02/26 12:0 a.m.30 views

llama.cpp GGUF library header.n_tensors heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1915 llama.cpp GGUF library header.ntensors heap-based buffer overflow vulnerability February 26, 2024 CVE Number CVE-2024-21836 SUMMARY A heap-based buffer overflow vulnerability exists in the GGUF library header.ntensors functionality of llama.cpp Commit...

9.8CVSS8.8AI score0.01349EPSS
Exploits1
Talos
Talos
added 2024/01/10 12:0 a.m.30 views

WWBN AVideo checkLoginAttempts login attempt restriction bypass vulnerability

Talos Vulnerability Report TALOS-2023-1898 WWBN AVideo checkLoginAttempts login attempt restriction bypass vulnerability January 10, 2024 CVE Number CVE-2023-49810 SUMMARY A login attempt restriction bypass vulnerability exists in the checkLoginAttempts functionality of WWBN AVideo dev master...

7.3CVSS7.1AI score0.00668EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.30 views

GTKWave LXT2 lxt2_rd_iter_radix shift operation integer underflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1824 GTKWave LXT2 lxt2rditerradix shift operation integer underflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39413,CVE-2023-39414 SUMMARY Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of...

7.8CVSS7.7AI score0.0038EPSS
Exploits2
Talos
Talos
added 2024/01/08 12:0 a.m.30 views

GTKWave VCD var definition section out-of-bounds read vulnerabilities

Talos Vulnerability Report TALOS-2023-1805 GTKWave VCD var definition section out-of-bounds read vulnerabilities January 8, 2024 CVE Number CVE-2023-37447,CVE-2023-37446,CVE-2023-37445,CVE-2023-37444,CVE-2023-37442,CVE-2023-37443 SUMMARY Multiple out-of-bounds read vulnerabilities exist in the VC...

7.8CVSS8.2AI score0.00436EPSS
Exploits5
Talos
Talos
added 2023/11/27 12:0 a.m.30 views

Foxit Reader 3D Annot use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1837 Foxit Reader 3D Annot use-after-free vulnerability November 27, 2023 CVE Number CVE-2023-32616 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. A specially crafted Javascript code inside a malicio...

8.8CVSS9.1AI score0.0182EPSS
Exploits1
Talos
Talos
added 2023/11/14 12:0 a.m.30 views

Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1733 Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-27882 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston...

9.8CVSS9.8AI score0.01778EPSS
Exploits1
Talos
Talos
added 2023/09/05 12:0 a.m.30 views

Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1775 Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability September 5, 2023 CVE Number CVE-2023-35124 SUMMARY An information disclosure vulnerability exists in the OAS Engine configuration management...

4.3CVSS4.5AI score0.00541EPSS
Exploits1
Talos
Talos
added 2023/07/21 12:0 a.m.30 views

Open Babel CSR format title out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1667 Open Babel CSR format title out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-41793 SUMMARY An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially...

9.8CVSS9.2AI score0.00816EPSS
Exploits1
Talos
Talos
added 2023/07/21 12:0 a.m.30 views

Open Babel MSI format atom uninitialized pointer dereference vulnerability

Talos Vulnerability Report TALOS-2022-1669 Open Babel MSI format atom uninitialized pointer dereference vulnerability July 21, 2023 CVE Number CVE-2022-44451 SUMMARY A use of uninitialized pointer vulnerability exists in the MSI format atom functionality of Open Babel 3.1.1 and master commit...

9.8CVSS9.1AI score0.00816EPSS
Exploits1
Talos
Talos
added 2023/03/20 12:0 a.m.30 views

WellinTech KingHistorian User authentication information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1683 WellinTech KingHistorian User authentication information disclosure vulnerability March 20, 2023 CVE Number CVE-2022-45124 SUMMARY An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian...

7.5CVSS7.4AI score0.14503EPSS
Exploits1
Talos
Talos
added 2023/01/26 12:0 a.m.30 views

Siretta QUARTZ-GOLD m2m DELETE_FILE cmd directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1637 Siretta QUARTZ-GOLD m2m DELETEFILE cmd directory traversal vulnerability January 26, 2023 CVE Number CVE-2022-41154 SUMMARY A directory traversal vulnerability exists in the m2m DELETEFILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. ...

8.2CVSS7AI score0.01878EPSS
Exploits1
Talos
Talos
added 2023/01/12 12:0 a.m.30 views

Qt Project Qt QML QtScript Reflect API integer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1617 Qt Project Qt QML QtScript Reflect API integer overflow vulnerability January 12, 2023 CVE Number CVE-2022-40983 SUMMARY An integer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code...

8.8CVSS8.8AI score0.01076EPSS
Exploits1
Talos
Talos
added 2022/12/20 12:0 a.m.30 views

OpenStack oslo.privsep privilege escalation vulnerability

Talos Vulnerability Report TALOS-2022-1599 OpenStack oslo.privsep privilege escalation vulnerability December 20, 2022 CVE Number CVE-2022-38065 SUMMARY A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive...

8.8CVSS9.1AI score0.00596EPSS
Exploits1
Talos
Talos
added 2022/08/16 12:0 a.m.30 views

HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1487 HDF5 Group libhdf5 gif2h5 heap-based buffer overflow vulnerability August 16, 2022 CVE Number CVE-2022-26061 SUMMARY A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file...

7.8CVSS7.9AI score0.00618EPSS
Exploits1
Talos
Talos
added 2022/05/25 12:0 a.m.30 views

Open Automation Software Platform Engine SecureBrowseFile information disclosure vulnerability

Summary An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger th...

7.5CVSS7.6AI score0.01641EPSS
Exploits1
Talos
Talos
added 2022/05/10 12:0 a.m.30 views

InHand Networks InRouter302 router configuration import privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions InHand...

8.8CVSS8.2AI score0.01885EPSS
Exploits1
Talos
Talos
added 2022/02/23 12:0 a.m.30 views

Accusoft ImageGear XWD parser::xwdread_pixmapformat_0_or_1 heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Accusoft ImageGear 19.10 Product URLs...

9.8CVSS8.7AI score0.01494EPSS
Exploits1
Talos
Talos
added 2021/11/17 12:0 a.m.30 views

LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2021-1350 LibreCad libdxfrw dwgCompressor::copyCompBytes21 heap-based buffer overflow vulnerability November 17, 2021 CVE Number CVE-2021-21899 SUMMARY A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw...

8.8CVSS8.7AI score0.02686EPSS
Exploits1
Talos
Talos
added 2021/11/15 12:0 a.m.30 views

Lantronix PremierWave 2050 Web Manager Diagnostics: Ping OS command injection vulnerability

Summary An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

9.9CVSS9.9AI score0.06061EPSS
Exploits1
Talos
Talos
added 2021/03/10 12:0 a.m.30 views

3MF Consortium lib3mf NMR::COpcPackageReader::releaseZIP() use-after-free vulnerability

Summary A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions 3MF Consortium...

8.1CVSS8AI score0.04339EPSS
Exploits1
Talos
Talos
added 2021/01/27 12:0 a.m.30 views

phpGACL return_page redirection open redirect vulnerability

Summary An open redirect vulnerability exists in the returnpage redirection functionality of phpGACL 3.3.7. A specially crafted HTTP request can redirect users to an arbitrary URL. An attacker can provide a crafted URL to trigger this vulnerability. Tested Versions OpenEMR 5.0.2 OpenEMR developme...

6.1CVSS6.3AI score0.01879EPSS
Exploits1
Talos
Talos
added 2020/06/10 12:0 a.m.30 views

Microsoft Office Excel PivotField code execution vulnerability

Summary An exploitable use-after-free vulnerability exists in Excel application of Microsoft Office Professional Plus 2016 x86, version 2002, build 12527.20242 and Microsoft Office 365 ProPlus x86, version 1908, build 11929.20606. A specially crafted XLS file can cause a use after free condition,...

9.3CVSS8.6AI score0.17157EPSS
Exploits0
Talos
Talos
added 2020/06/09 12:0 a.m.30 views

Siemens LOGO! TDE service "NFSAccess" Delete Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can cause be used to delete critical system data resulting in a denial of service. An attacker...

9.1CVSS9.1AI score0.0199EPSS
Exploits0
Talos
Talos
added 2019/08/19 12:0 a.m.30 views

Nest Labs Nest Cam IQ indoor Weave CASE nlWeaveCertificate authentication bypass vulnerability

Talos Vulnerability Report TALOS-2019-0811 Nest Labs Nest Cam IQ indoor Weave CASE nlWeaveCertificate authentication bypass vulnerability August 19, 2019 CVE Number CVE-2019-5044 Summary An exploitable certificate authentication vulnerability exists in the Weave CASE Pairing function of the Nest...

6.7AI score
Exploits0
Talos
Talos
added 2019/01/02 12:0 a.m.30 views

Clean My Mac X removeASL Privilege Escalation Vulnerability

Summary An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a...

7.1CVSS5.7AI score0.00497EPSS
Exploits1
Talos
Talos
added 2019/01/02 12:0 a.m.30 views

CleanMyMac X removeKextAtPath privilege escalation vulnerability

Summary The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access could use this vulnerability to modify the running kernel extensions on the system. Tested Versions Clean My Mac X 4.04 Product URLs...

7.1CVSS5.9AI score0.00306EPSS
Exploits0
Talos
Talos
added 2017/07/11 12:0 a.m.30 views

Iceni Infix PDF parsing SetSize Code Execution Vulnerability

Summary An out-of-bounds write vulnerability exists in the PDF parsing functionality of Infix 7.1.5. A specially crafted PDF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific PDF file to trigger this vulnerability. Tested Versions...

8.8CVSS8.2AI score0.01215EPSS
Exploits2
Talos
Talos
added 2017/06/22 12:0 a.m.30 views

InsideSecure MatrixSSL x509 certificate SubjectDomainPolicy Remote Code Execution Vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a...

9.8CVSS9.1AI score0.02344EPSS
Exploits2
Talos
Talos
added 2017/05/04 12:0 a.m.30 views

AntennaHouse DMC HTMLFilter AddSst Code Execution Vulnerability

Summary An exploitable heap corruption vulnerability exists in the AddSst functionality of AntennaHouse DMC HTMLFilter as used by MarkLogioc 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious XLS file to...

8.3CVSS8.4AI score0.01328EPSS
Exploits2
Talos
Talos
added 2017/04/10 12:0 a.m.30 views

Moxa AWK-3131A web_runScript Header Manipulation Denial of Service Vulnerability

Summary An exploitable null pointer dereference vulnerability exists in the Web Application /forms/webrunScript iwfilename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault in the web...

7.8CVSS7.4AI score0.01405EPSS
Exploits2
Talos
Talos
added 2017/02/27 12:0 a.m.30 views

Iceni Argus PDF TextToPolys Rasterization Code Execution Vulnerability

Summary An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. When rasterizing these shapes, the tool will perfor...

9.3CVSS8.3AI score0.02116EPSS
Exploits2
Talos
Talos
added 2016/10/26 12:0 a.m.30 views

Iceni Argus ipfSetColourStroke Code Execution Vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the ipfSetColourStroke functionality of Iceni Argus. A specially crafted pdf file can cause a buffer overflow resulting in arbitrary code exection. An attacker can provide a malicious pdf file to trigger this vulnerability...

8.8CVSS8.4AI score0.02062EPSS
Exploits2
Talos
Talos
added 2016/06/21 12:0 a.m.30 views

Pidgin MXIT CP_SOCK_REC_TERM Denial of Service Vulnerability

Talos Vulnerability Report TALOS-2016-0137 Pidgin MXIT CPSOCKRECTERM Denial of Service Vulnerability June 21, 2016 CVE Number CVE-2016-2369 DESCRIPTION An NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server...

5.9CVSS0.2AI score0.02251EPSS
Exploits1
Talos
Talos
added 2016/06/14 12:0 a.m.30 views

Ruby Psych::Emitter start_document Heap Overflow Vulnerability

Talos Vulnerability Report TALOS-2016-0032 Ruby Psych::Emitter startdocument Heap Overflow Vulnerability June 14, 2016 CVE Number CVE-2016-2338 DESCRIPTION An exploitable heap overflow vulnerability exists in the Psych::Emitter startdocument function of Ruby. In Psych::Emitter startdocument...

9.8CVSS9.3AI score0.04644EPSS
Exploits3
Talos
Talos
added 2025/01/15 12:0 a.m.29 views

Observium vlan html code injection vulnerability

Talos Vulnerability Report TALOS-2024-2091 Observium vlan html code injection vulnerability January 15, 2025 CVE Number CVE-2024-47002 SUMMARY A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitra...

8.7CVSS8.3AI score0.14439EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.29 views

Wavlink AC3000 adm.cgi set_TR069() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2029 Wavlink AC3000 adm.cgi setTR069 buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-37357 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setTR069 functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

9.1CVSS7.8AI score0.09693EPSS
Exploits1
Talos
Talos
added 2024/12/11 12:0 a.m.29 views

Adobe Acrobat Reader Font gvar per-tuple-variation-table Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2024-2064 Adobe Acrobat Reader Font gvar per-tuple-variation-table Out-Of-Bounds Read Vulnerability December 11, 2024 CVE Number CVE-2024-49532 SUMMARY An out-of-bounds read vulnerability exists in font handling code of Adobe Acrobat Reader 2024.002.21005. A...

5.5CVSS6.5AI score0.00525EPSS
Exploits0
Talos
Talos
added 2024/09/18 12:0 a.m.29 views

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser invalid pointer dereference vulnerabilities

Talos Vulnerability Report TALOS-2024-2016 OpenPLC OpenPLCv3 OpenPLC Runtime EtherNet/IP parser invalid pointer dereference vulnerabilities September 18, 2024 CVE Number CVE-2024-39590,CVE-2024-39589 SUMMARY Multiple invalid pointer dereference vulnerabilities exist in the OpenPLC Runtime...

7.5CVSS7.9AI score0.01021EPSS
Exploits2
Talos
Talos
added 2024/09/18 12:0 a.m.29 views

OpenPLC OpenPLC_v3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2005 OpenPLC OpenPLCv3 OpenPLC Runtime EtherNet/IP parser stack-based buffer overflow vulnerability September 18, 2024 CVE Number CVE-2024-34026 SUMMARY A stack-based buffer overflow vulnerability exists in the OpenPLC Runtime EtherNet/IP parser functionality...

9.8CVSS9.7AI score0.02398EPSS
Exploits1
Talos
Talos
added 2024/08/13 12:0 a.m.29 views

Microsoft CLIPSP.SYS License update out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1965 Microsoft CLIPSP.SYS License update out-of-bounds read vulnerability August 13, 2024 CVE Number CVE-2024-38185 SUMMARY Multiple out-of-bounds read vulnerabilities exists in the License update functionality of Microsoft CLIPSP.SYS 10.0.22621 Build 22621,...

7.8CVSS8.1AI score0.01114EPSS
Exploits0
Talos
Talos
added 2024/04/25 12:0 a.m.29 views

Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1944 Grassroot DICOM RAWCodec::DecodeBytes out-of-bounds read vulnerability April 25, 2024 CVE Number CVE-2024-25569 SUMMARY An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A...

6.5CVSS7AI score0.01083EPSS
Exploits1
Talos
Talos
added 2024/02/29 12:0 a.m.29 views

NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1849 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability February 29, 2024 CVE Number CVE-2024-0071 SUMMARY An out-of-bounds read vulnerability exists in the Shader functionality of NVIDIA D3D10 Driver, Version 546.01, 31.0.15.4601. A...

7.8CVSS7.5AI score0.00381EPSS
Exploits0
Talos
Talos
added 2024/02/20 12:0 a.m.29 views

The Biosig Project libbiosig BrainVision Header Parsing double-free vulnerability

Talos Vulnerability Report TALOS-2024-1917 The Biosig Project libbiosig BrainVision Header Parsing double-free vulnerability February 20, 2024 CVE Number CVE-2024-22097 SUMMARY A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Maste...

9.8CVSS9.4AI score0.01615EPSS
Exploits1
Talos
Talos
added 2024/02/20 12:0 a.m.29 views

The Biosig Project libbiosig sopen_FAMOS_read integer overflow to out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-1921 The Biosig Project libbiosig sopenFAMOSread integer overflow to out-of-bounds write vulnerability February 20, 2024 CVE Number CVE-2024-21812 SUMMARY An integer overflow vulnerability exists in the sopenFAMOSread functionality of The Biosig Project...

9.8CVSS9.6AI score0.01757EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.29 views

GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1793 GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36747,CVE-2023-36746 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len...

7.8CVSS7.5AI score0.00382EPSS
Exploits2
Talos
Talos
added 2024/01/08 12:0 a.m.29 views

GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1790 GTKWave FST fstReaderIterBlocks2 vesc allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35992 SUMMARY An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115,...

7.8CVSS7.7AI score0.0038EPSS
Exploits1
Talos
Talos
added 2023/10/19 12:0 a.m.29 views

JustSystems Corporation Ichitaro 2023 DocumentViewStyles and DocumentEditStyles stream relative write vulnerabilities

Talos Vulnerability Report TALOS-2023-1825 JustSystems Corporation Ichitaro 2023 DocumentViewStyles and DocumentEditStyles stream relative write vulnerabilities October 19, 2023 CVE Number CVE-2023-35126 SUMMARY An out-of-bounds write vulnerability exists within the parsers for both the...

7.8CVSS8AI score0.00484EPSS
Exploits1
Talos
Talos
added 2023/10/11 12:0 a.m.29 views

Yifan YF325 httpd next_page buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1761 Yifan YF325 httpd nextpage buffer overflow vulnerability October 11, 2023 CVE Number CVE-2023-35055,CVE-2023-35056 SUMMARY A buffer overflow vulnerability exists in the httpd nextpage functionality of Yifan YF325 v1.020221108. A specially crafted network...

9.8CVSS9.4AI score0.01018EPSS
Exploits0
Total number of security vulnerabilities2224