Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2024/10/03 12:0 a.m.26 views

GNOME Project G Structured File Library (libgsf) Compound Document Binary File Directory integer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2068 GNOME Project G Structured File Library libgsf Compound Document Binary File Directory integer overflow vulnerability October 3, 2024 CVE Number CVE-2024-36474 SUMMARY An integer overflow vulnerability exists in the Compound Document Binary File format...

8.4CVSS7.8AI score0.00402EPSS
Exploits0
Talos
Talos
added 2024/05/28 12:0 a.m.25 views

libigl PlyFile ply_cast_ascii out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1879 libigl PlyFile plycastascii out-of-bounds write vulnerability May 28, 2024 CVE Number CVE-2023-49600 SUMMARY An out-of-bounds write vulnerability exists in the PlyFile plycastascii functionality of libigl v2.5.0. A specially crafted .ply file can lead to...

8.1CVSS8.1AI score0.0065EPSS
Exploits1
Talos
Talos
added 2024/01/10 12:0 a.m.25 views

WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1869 WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-47171 SUMMARY An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN...

6.5CVSS6.7AI score0.01072EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.25 views

GTKWave VZT longest_len value allocation integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1816 GTKWave VZT longestlen value allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35004 SUMMARY An integer overflow vulnerability exists in the VZT longestlen value allocation functionality of GTKWave 3.3.115. A specially crafted...

7.8CVSS7.9AI score0.00432EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.25 views

GTKWave VZT LZMA_read_varint out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1811 GTKWave VZT LZMAreadvarint out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-36861 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMAreadvarint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead ...

7.8CVSS7.9AI score0.00436EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.25 views

GTKWave LXT2 num_dict_entries integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1820 GTKWave LXT2 numdictentries integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39316,CVE-2023-39317 SUMMARY Multiple integer overflow vulnerabilities exist in the LXT2 numdictentries functionality of GTKWave 3.3.115. A specially crafted...

7.8CVSS7.9AI score0.00416EPSS
Exploits2
Talos
Talos
added 2023/10/12 12:0 a.m.25 views

SoftEther VPN CtEnumCa() information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1753 SoftEther VPN CtEnumCa information disclosure vulnerability October 12, 2023 CVE Number CVE-2023-32275 SUMMARY An information disclosure vulnerability exists in the CtEnumCa functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted...

5.5CVSS5.4AI score0.00392EPSS
Exploits1
Talos
Talos
added 2023/10/11 12:0 a.m.25 views

peplink Surf SOHO HW1 admin.cgi MVPN_trial_init OS command injection vulnerability

Talos Vulnerability Report TALOS-2023-1779 peplink Surf SOHO HW1 admin.cgi MVPNtrialinit OS command injection vulnerability October 11, 2023 CVE Number CVE-2023-28381 SUMMARY An OS command injection vulnerability exists in the admin.cgi MVPNtrialinit functionality of peplink Surf SOHO HW1 v6.3.5 ...

8.8CVSS8.3AI score0.05913EPSS
Exploits1
Talos
Talos
added 2023/09/05 12:0 a.m.25 views

Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1774 Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability September 5, 2023 CVE Number CVE-2023-32271 SUMMARY An information disclosure vulnerability exists in the OAS Engine configuration management...

6.5CVSS6.5AI score0.00871EPSS
Exploits1
Talos
Talos
added 2023/07/21 12:0 a.m.25 views

Open Babel PQS format coord_file out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1671 Open Babel PQS format coordfile out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-43467 SUMMARY An out-of-bounds write vulnerability exists in the PQS format coordfile functionality of Open Babel 3.1.1 and master commit 530dbfa3. A...

9.8CVSS9.1AI score0.00843EPSS
Exploits1
Talos
Talos
added 2023/07/13 12:0 a.m.25 views

Apple DCERPC presentation result list out of bounds memory access

Talos Vulnerability Report TALOS-2022-1659 Apple DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-23539 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in DCERPC library as...

7.8CVSS8.1AI score0.00393EPSS
Exploits0
Talos
Talos
added 2022/12/07 12:0 a.m.25 views

PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability

Talos Vulnerability Report TALOS-2022-1644 PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability December 7, 2022 CVE Number CVE-2022-41992 SUMMARY A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO...

7.8CVSS7.8AI score0.00469EPSS
Exploits1
Talos
Talos
added 2021/09/14 12:0 a.m.25 views

Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1309 Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability September 14, 2021 CVE Number None SUMMARY An information disclosure vulnerability exists in the Security Monitor SMSyscallPeripheralAcquire...

7.7AI score
Exploits0
Talos
Talos
added 2021/04/13 12:0 a.m.25 views

Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability

Summary A code execution vulnerability exists in the kernel pwmioctlapplystate functionality of Microsoft Azure Sphere 21.01. A specially crafted ioctl can lead to arbitrary kfree. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Microsoft Azure Sphere 21.01 Product...

8.1CVSS8.2AI score0.0048EPSS
Exploits0
Talos
Talos
added 2021/02/24 12:0 a.m.25 views

Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability

Summary An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this...

8.6CVSS6.5AI score0.01342EPSS
Exploits1
Talos
Talos
added 2019/01/02 12:0 a.m.25 views

Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability

Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...

7.1CVSS5.9AI score0.00309EPSS
Exploits0
Talos
Talos
added 2017/10/31 12:0 a.m.25 views

Circle with Disney check_circleservers Code Execution Vulnerability

Summary An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order...

9CVSS8.5AI score0.02024EPSS
Exploits2
Talos
Talos
added 2017/06/19 12:0 a.m.25 views

Foscam IP Video Camera CGIProxy.fcgi Gateway Address Configuration Command Injection Vulnerability

Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...

8.8CVSS9.1AI score0.04527EPSS
Exploits1
Talos
Talos
added 2016/07/19 12:0 a.m.25 views

Oracle OIT libim_gem2 Gem_Text Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0162 Oracle OIT libimgem2 GemText Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3595 Description An integer overflow vulnerability exists in file parsing code of Oracle Outside In Technology libimgem2 library. A specially crafted Gem file can...

9CVSS8.8AI score0.0393EPSS
Exploits1
Talos
Talos
added 2016/06/21 12:0 a.m.25 views

Pidgin MXIT g_snprintf Multiple Buffer Overflow Vulnerabilities

Talos Vulnerability Report TALOS-2016-0136 Pidgin MXIT gsnprintf Multiple Buffer Overflow Vulnerabilities June 21, 2016 CVE Number CVE-2016-2368 DESCRIPTION Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the...

8.1CVSS7.6AI score0.04554EPSS
Exploits1
Talos
Talos
added 2025/06/16 12:0 a.m.24 views

Asus Armoury Crate AsIO3.sys authorization bypass vulnerability

Talos Vulnerability Report TALOS-2025-2150 Asus Armoury Crate AsIO3.sys authorization bypass vulnerability June 16, 2025 CVE Number CVE-2025-3464 SUMMARY An authorization bypass vulnerability exists in the AsIO3.sys functionality of Asus Armoury Crate 5.9.13.0. A specially crafted hard link can...

8.4CVSS8.2AI score0.0052EPSS
Exploits0
Talos
Talos
added 2024/07/08 12:0 a.m.24 views

Realtek rtl819x Jungle SDK boa formUpload firmware update vulnerability

Talos Vulnerability Report TALOS-2023-1874 Realtek rtl819x Jungle SDK boa formUpload firmware update vulnerability July 8, 2024 CVE Number CVE-2023-34435 SUMMARY A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted...

7.2CVSS7.2AI score0.00471EPSS
Exploits0
Talos
Talos
added 2024/05/28 12:0 a.m.24 views

libigl readOFF stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1784 libigl readOFF stack-based buffer overflow vulnerabilities May 28, 2024 CVE Number CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp...

7.8CVSS8.5AI score0.00495EPSS
Exploits5
Talos
Talos
added 2024/04/17 12:0 a.m.24 views

Peplink Smart Reader web interface /cgi-bin/download_config.cgi information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1865 Peplink Smart Reader web interface /cgi-bin/downloadconfig.cgi information disclosure vulnerability April 17, 2024 CVE Number CVE-2023-45209 SUMMARY An information disclosure vulnerability exists in the web interface /cgi-bin/downloadconfig.cgi...

9.8CVSS6.3AI score0.37678EPSS
Exploits5
Talos
Talos
added 2024/02/15 12:0 a.m.24 views

Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1908 Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20747 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. ...

5.5CVSS6.5AI score0.02385EPSS
Exploits0
Talos
Talos
added 2024/01/08 12:0 a.m.24 views

GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1814 GTKWave VZT vztrdblockvchdecode times parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38651,CVE-2023-38650 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of...

7.8CVSS7.6AI score0.00375EPSS
Exploits2
Talos
Talos
added 2024/01/08 12:0 a.m.24 views

GTKWave VZT LZMA_Read dmem extraction out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1810 GTKWave VZT LZMARead dmem extraction out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-37282 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMARead dmem extraction functionality of GTKWave 3.3.115. A specially crafted...

7.8CVSS7.8AI score0.00436EPSS
Exploits1
Talos
Talos
added 2023/07/19 12:0 a.m.24 views

Foxit Reader Field OnBlur event use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-33866 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...

8.8CVSS9AI score0.00898EPSS
Exploits1
Talos
Talos
added 2023/04/20 12:0 a.m.24 views

Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2022-1593 Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability April 20, 2023 CVE Number CVE-2022-36788 SUMMARY A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master...

8.1CVSS8.1AI score0.00617EPSS
Exploits1
Talos
Talos
added 2023/04/05 12:0 a.m.24 views

JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability

Talos Vulnerability Report TALOS-2022-1687 JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability April 5, 2023 CVE Number CVE-2023-22291 SUMMARY An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A specially crafte...

7.8CVSS7.3AI score0.00452EPSS
Exploits1
Talos
Talos
added 2023/04/05 12:0 a.m.24 views

JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1722 JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability April 5, 2023 CVE Number CVE-2023-22660 SUMMARY A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain...

7.8CVSS7.7AI score0.00537EPSS
Exploits1
Talos
Talos
added 2023/03/30 12:0 a.m.24 views

OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decodepixel out-of-bounds read vulnerability March 30, 2023 CVE Number CVE-2023-22845 SUMMARY An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImage...

7.5CVSS7.3AI score0.00943EPSS
Exploits1
Talos
Talos
added 2023/02/02 12:0 a.m.24 views

Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability

Talos Vulnerability Report TALOS-2022-1616 Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability February 2, 2023 CVE Number CVE-2022-40693 SUMMARY A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008...

7.5CVSS6.4AI score0.00646EPSS
Exploits1
Talos
Talos
added 2022/05/10 12:0 a.m.24 views

InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability

Summary A buffer overflow vulnerability exists in the httpd parsepingresult API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHand Networ...

8.2CVSS7.3AI score0.01256EPSS
Exploits1
Talos
Talos
added 2021/08/10 12:0 a.m.24 views

Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1310 Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability August 10, 2021 CVE Number None SUMMARY An information disclosure vulnerability exists in the Security Monitor SMSyscallWriteBlockToStageImage...

6.4AI score
Exploits0
Talos
Talos
added 2018/12/10 12:0 a.m.24 views

Facebook WhatsApp Desktop Multiple Web Connection Notice Bypass Vulnerability

Summary An exploitable notice bypass vulnerability exists in the multiple web connections functionality of Facebook WhatsApp Desktop version 0.2.9739. This functionality allows a user to choose what to do when multiple desktop sessions are initiated using WhatsApp Desktop. By stealing the session...

7AI score
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.23 views

Wavlink AC3000 openvpn.cgi openvpn_client_setup() Configuration Control Vulnerability

Talos Vulnerability Report TALOS-2024-2051 Wavlink AC3000 openvpn.cgi openvpnclientsetup Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-38666 SUMMARY An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000...

9.1CVSS7.3AI score0.18881EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.23 views

Wavlink AC3000 adm.cgi sch_reboot() OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2024-2033 Wavlink AC3000 adm.cgi schreboot OS command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39781,CVE-2024-39783,CVE-2024-39782 SUMMARY Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink...

9.1CVSS9.8AI score0.04469EPSS
Exploits3
Talos
Talos
added 2025/01/13 12:0 a.m.23 views

OFFIS DCMTK nowindow improper array index validation vulnerability

Talos Vulnerability Report TALOS-2024-2122 OFFIS DCMTK nowindow improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-47796 SUMMARY An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM fi...

8.4CVSS8.9AI score0.0061EPSS
Exploits1
Talos
Talos
added 2024/10/30 12:0 a.m.23 views

LevelOne WBR-6012 Web Application information disclosure vulnerability

Talos Vulnerability Report TALOS-2024-1985 LevelOne WBR-6012 Web Application information disclosure vulnerability October 30, 2024 CVE Number CVE-2024-33603 SUMMARY The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users ...

5.3CVSS5.2AI score0.08785EPSS
Exploits1
Talos
Talos
added 2024/10/30 12:0 a.m.23 views

LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability

Talos Vulnerability Report TALOS-2024-1981 LevelOne WBR-6012 Web Application cross-site request forgery CSRF vulnerability October 30, 2024 CVE Number CVE-2024-24777 SUMMARY A cross-site request forgery CSRF vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e...

8.8CVSS9.2AI score0.07028EPSS
Exploits1
Talos
Talos
added 2024/10/30 12:0 a.m.23 views

LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability

Talos Vulnerability Report TALOS-2024-1983 LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability October 30, 2024 CVE Number CVE-2024-32946 SUMMARY A vulnerability in the LevelOne WBR-6012 router’s firmware version R0.40e6 allows sensitive information to be transmitted in cleartext v...

5.9CVSS6.7AI score0.00282EPSS
Exploits0
Talos
Talos
added 2024/09/12 12:0 a.m.23 views

Microsoft High Definition Audio Bus Driver HDAudBus_DMA multiple irp complete requests vulnerability

Talos Vulnerability Report TALOS-2024-2008 Microsoft High Definition Audio Bus Driver HDAudBusDMA multiple irp complete requests vulnerability September 12, 2024 CVE Number CVE-2024-45383 SUMMARY A mishandling of IRP requests vulnerability exists in the HDAudBusDMA interface of Microsoft High...

5CVSS5.8AI score0.01545EPSS
Exploits1
Talos
Talos
added 2024/08/13 12:0 a.m.23 views

Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2024-2003 Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability August 13, 2024 CVE Number CVE-2024-41835 SUMMARY An out-of-bounds read vulnerability exists in CoolType, a font processing framework used by Adobe Acrobat Reader...

5.5CVSS6.2AI score0.02047EPSS
Exploits0
Talos
Talos
added 2024/07/22 12:0 a.m.23 views

Ankitects Anki LaTeX Blocklist Bypass vulnerability

Talos Vulnerability Report TALOS-2024-1994 Ankitects Anki LaTeX Blocklist Bypass vulnerability July 22, 2024 CVE Number CVE-2024-32152 SUMMARY A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitra...

4.3CVSS4.9AI score0.12111EPSS
Exploits1
Talos
Talos
added 2024/05/28 12:0 a.m.23 views

Foxit Reader Updater improper certificate validation privilege escalation vulnerability

Talos Vulnerability Report TALOS-2024-1989 Foxit Reader Updater improper certificate validation privilege escalation vulnerability May 28, 2024 CVE Number CVE-2024-29072 SUMMARY A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to imprope...

8.2CVSS8.3AI score0.00464EPSS
Exploits1
Talos
Talos
added 2024/02/15 12:0 a.m.23 views

Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1909 Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20748 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A...

5.5CVSS6.5AI score0.02336EPSS
Exploits0
Talos
Talos
added 2024/01/08 12:0 a.m.23 views

GTKWave VCD sorted bsearch arbitrary write vulnerabilities

Talos Vulnerability Report TALOS-2023-1807 GTKWave VCD sorted bsearch arbitrary write vulnerabilities January 8, 2024 CVE Number CVE-2023-37921,CVE-2023-37923,CVE-2023-37922 SUMMARY Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A...

7.8CVSS8AI score0.00432EPSS
Exploits3
Talos
Talos
added 2024/01/08 12:0 a.m.23 views

GTKWave FST fstReaderIterBlocks2 time_table tsec_nitems integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1792 GTKWave FST fstReaderIterBlocks2 timetable tsecnitems integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35128 SUMMARY An integer overflow vulnerability exists in the fstReaderIterBlocks2 timetable tsecnitems functionality of GTKWave...

7.8CVSS7.6AI score0.0038EPSS
Exploits1
Talos
Talos
added 2023/10/11 12:0 a.m.23 views

Yifan YF325 httpd nvram.cgi authentication bypass vulnerability

Talos Vulnerability Report TALOS-2023-1762 Yifan YF325 httpd nvram.cgi authentication bypass vulnerability October 11, 2023 CVE Number CVE-2023-24479 SUMMARY An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.020221108. A specially crafted network...

9.8CVSS9.7AI score0.01711EPSS
Exploits0
Total number of security vulnerabilities2224