2224 matches found
GNOME Project G Structured File Library (libgsf) Compound Document Binary File Directory integer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2068 GNOME Project G Structured File Library libgsf Compound Document Binary File Directory integer overflow vulnerability October 3, 2024 CVE Number CVE-2024-36474 SUMMARY An integer overflow vulnerability exists in the Compound Document Binary File format...
libigl PlyFile ply_cast_ascii out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1879 libigl PlyFile plycastascii out-of-bounds write vulnerability May 28, 2024 CVE Number CVE-2023-49600 SUMMARY An out-of-bounds write vulnerability exists in the PlyFile plycastascii functionality of libigl v2.5.0. A specially crafted .ply file can lead to...
WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1869 WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-47171 SUMMARY An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN...
GTKWave VZT longest_len value allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1816 GTKWave VZT longestlen value allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35004 SUMMARY An integer overflow vulnerability exists in the VZT longestlen value allocation functionality of GTKWave 3.3.115. A specially crafted...
GTKWave VZT LZMA_read_varint out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1811 GTKWave VZT LZMAreadvarint out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-36861 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMAreadvarint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead ...
GTKWave LXT2 num_dict_entries integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1820 GTKWave LXT2 numdictentries integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39316,CVE-2023-39317 SUMMARY Multiple integer overflow vulnerabilities exist in the LXT2 numdictentries functionality of GTKWave 3.3.115. A specially crafted...
SoftEther VPN CtEnumCa() information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1753 SoftEther VPN CtEnumCa information disclosure vulnerability October 12, 2023 CVE Number CVE-2023-32275 SUMMARY An information disclosure vulnerability exists in the CtEnumCa functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted...
peplink Surf SOHO HW1 admin.cgi MVPN_trial_init OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1779 peplink Surf SOHO HW1 admin.cgi MVPNtrialinit OS command injection vulnerability October 11, 2023 CVE Number CVE-2023-28381 SUMMARY An OS command injection vulnerability exists in the admin.cgi MVPNtrialinit functionality of peplink Surf SOHO HW1 v6.3.5 ...
Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1774 Open Automation Software OAS Platform OAS Engine configuration management information disclosure vulnerability September 5, 2023 CVE Number CVE-2023-32271 SUMMARY An information disclosure vulnerability exists in the OAS Engine configuration management...
Open Babel PQS format coord_file out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1671 Open Babel PQS format coordfile out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-43467 SUMMARY An out-of-bounds write vulnerability exists in the PQS format coordfile functionality of Open Babel 3.1.1 and master commit 530dbfa3. A...
Apple DCERPC presentation result list out of bounds memory access
Talos Vulnerability Report TALOS-2022-1659 Apple DCERPC presentation result list out of bounds memory access July 13, 2023 CVE Number CVE-2023-23539 SUMMARY An out of bounds memory access vulnerability exists in the processing of packets containing presentation result lists in DCERPC library as...
PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability
Talos Vulnerability Report TALOS-2022-1644 PowerISO VHD File Format parsing CXSPARSE record memory corruption vulnerability December 7, 2022 CVE Number CVE-2022-41992 SUMMARY A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO...
Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability
Talos Vulnerability Report TALOS-2021-1309 Microsoft Azure Sphere Security Monitor SMSyscallPeripheralAcquire information disclosure vulnerability September 14, 2021 CVE Number None SUMMARY An information disclosure vulnerability exists in the Security Monitor SMSyscallPeripheralAcquire...
Microsoft Azure Sphere Kernel pwm_ioctl_apply_state kfree() code execution vulnerability
Summary A code execution vulnerability exists in the kernel pwmioctlapplystate functionality of Microsoft Azure Sphere 21.01. A specially crafted ioctl can lead to arbitrary kfree. An attacker can issue an ioctl to trigger this vulnerability. Tested Versions Microsoft Azure Sphere 21.01 Product...
Slic3r libslic3r Obj File TriangleMesh::TriangleMesh() out-of-bounds read vulnerability
Summary An out-of-bounds read vulnerability exists in the Obj File TriangleMesh::TriangleMesh functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted obj file could lead to information disclosure. An attacker can provide a malicious file to trigger this...
Clean My Mac X securelyRemoveItemAtPath privilege escalation vulnerability
Summary An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. Tested Versions Clean My Mac X 4.04 Product...
Circle with Disney check_circleservers Code Execution Vulnerability
Summary An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets can cause the device to overwrite sensitive files, resulting in code execution. An attacker needs to impersonate a remote server in order...
Foscam IP Video Camera CGIProxy.fcgi Gateway Address Configuration Command Injection Vulnerability
Summary An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can allow for a user to inject arbitrary shell characters during manual network configurati...
Oracle OIT libim_gem2 Gem_Text Code Execution Vulnerability
Talos Vulnerability Report TALOS-2016-0162 Oracle OIT libimgem2 GemText Code Execution Vulnerability July 19, 2016 CVE Number CVE-2016-3595 Description An integer overflow vulnerability exists in file parsing code of Oracle Outside In Technology libimgem2 library. A specially crafted Gem file can...
Pidgin MXIT g_snprintf Multiple Buffer Overflow Vulnerabilities
Talos Vulnerability Report TALOS-2016-0136 Pidgin MXIT gsnprintf Multiple Buffer Overflow Vulnerabilities June 21, 2016 CVE Number CVE-2016-2368 DESCRIPTION Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the...
Asus Armoury Crate AsIO3.sys authorization bypass vulnerability
Talos Vulnerability Report TALOS-2025-2150 Asus Armoury Crate AsIO3.sys authorization bypass vulnerability June 16, 2025 CVE Number CVE-2025-3464 SUMMARY An authorization bypass vulnerability exists in the AsIO3.sys functionality of Asus Armoury Crate 5.9.13.0. A specially crafted hard link can...
Realtek rtl819x Jungle SDK boa formUpload firmware update vulnerability
Talos Vulnerability Report TALOS-2023-1874 Realtek rtl819x Jungle SDK boa formUpload firmware update vulnerability July 8, 2024 CVE Number CVE-2023-34435 SUMMARY A firmware update vulnerability exists in the boa formUpload functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted...
libigl readOFF stack-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1784 libigl readOFF stack-based buffer overflow vulnerabilities May 28, 2024 CVE Number CVE-2023-35950,CVE-2023-35953,CVE-2023-35952,CVE-2023-35951,CVE-2023-35949 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the readOFF.cpp...
Peplink Smart Reader web interface /cgi-bin/download_config.cgi information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1865 Peplink Smart Reader web interface /cgi-bin/downloadconfig.cgi information disclosure vulnerability April 17, 2024 CVE Number CVE-2023-45209 SUMMARY An information disclosure vulnerability exists in the web interface /cgi-bin/downloadconfig.cgi...
Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1908 Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20747 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. ...
GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1814 GTKWave VZT vztrdblockvchdecode times parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38651,CVE-2023-38650 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of...
GTKWave VZT LZMA_Read dmem extraction out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1810 GTKWave VZT LZMARead dmem extraction out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-37282 SUMMARY An out-of-bounds write vulnerability exists in the VZT LZMARead dmem extraction functionality of GTKWave 3.3.115. A specially crafted...
Foxit Reader Field OnBlur event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1757 Foxit Reader Field OnBlur event use-after-free vulnerability July 19, 2023 CVE Number CVE-2023-33866 SUMMARY A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 12.1.2.15332. By prematurely deleting...
Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2022-1593 Slic3r libslic3r TriangleMesh clone heap-based buffer overflow vulnerability April 20, 2023 CVE Number CVE-2022-36788 SUMMARY A heap-based buffer overflow vulnerability exists in the TriangleMesh clone functionality of Slic3r libslic3r 1.3.0 and Master...
JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability
Talos Vulnerability Report TALOS-2022-1687 JustSystems Corporation Ichitaro Frame stream parser invalid free vulnerability April 5, 2023 CVE Number CVE-2023-22291 SUMMARY An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A specially crafte...
JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1722 JustSystems Corporation Ichitaro "LayoutBox" stream heap-based buffer overflow vulnerability April 5, 2023 CVE Number CVE-2023-22660 SUMMARY A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain...
OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decodepixel out-of-bounds read vulnerability March 30, 2023 CVE Number CVE-2023-22845 SUMMARY An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImage...
Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2022-1616 Moxa SDS-3008 Series Industrial Ethernet Switch web application cleartext transmission vulnerability February 2, 2023 CVE Number CVE-2022-40693 SUMMARY A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008...
InHand Networks InRouter302 httpd parse_ping_result API buffer overflow vulnerability
Summary A buffer overflow vulnerability exists in the httpd parsepingresult API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. Tested Versions InHand Networ...
Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability
Talos Vulnerability Report TALOS-2021-1310 Microsoft Azure Sphere Security Monitor SMSyscallWriteBlockToStageImage information disclosure vulnerability August 10, 2021 CVE Number None SUMMARY An information disclosure vulnerability exists in the Security Monitor SMSyscallWriteBlockToStageImage...
Facebook WhatsApp Desktop Multiple Web Connection Notice Bypass Vulnerability
Summary An exploitable notice bypass vulnerability exists in the multiple web connections functionality of Facebook WhatsApp Desktop version 0.2.9739. This functionality allows a user to choose what to do when multiple desktop sessions are initiated using WhatsApp Desktop. By stealing the session...
Wavlink AC3000 openvpn.cgi openvpn_client_setup() Configuration Control Vulnerability
Talos Vulnerability Report TALOS-2024-2051 Wavlink AC3000 openvpn.cgi openvpnclientsetup Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-38666 SUMMARY An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000...
Wavlink AC3000 adm.cgi sch_reboot() OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2024-2033 Wavlink AC3000 adm.cgi schreboot OS command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39781,CVE-2024-39783,CVE-2024-39782 SUMMARY Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink...
OFFIS DCMTK nowindow improper array index validation vulnerability
Talos Vulnerability Report TALOS-2024-2122 OFFIS DCMTK nowindow improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-47796 SUMMARY An improper array index validation vulnerability exists in the nowindow functionality of OFFIS DCMTK 3.6.8. A specially crafted DICOM fi...
LevelOne WBR-6012 Web Application information disclosure vulnerability
Talos Vulnerability Report TALOS-2024-1985 LevelOne WBR-6012 Web Application information disclosure vulnerability October 30, 2024 CVE Number CVE-2024-33603 SUMMARY The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users ...
LevelOne WBR-6012 Web Application cross-site request forgery (CSRF) vulnerability
Talos Vulnerability Report TALOS-2024-1981 LevelOne WBR-6012 Web Application cross-site request forgery CSRF vulnerability October 30, 2024 CVE Number CVE-2024-24777 SUMMARY A cross-site request forgery CSRF vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e...
LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2024-1983 LevelOne WBR-6012 Web and FTP cleartext transmission vulnerability October 30, 2024 CVE Number CVE-2024-32946 SUMMARY A vulnerability in the LevelOne WBR-6012 router’s firmware version R0.40e6 allows sensitive information to be transmitted in cleartext v...
Microsoft High Definition Audio Bus Driver HDAudBus_DMA multiple irp complete requests vulnerability
Talos Vulnerability Report TALOS-2024-2008 Microsoft High Definition Audio Bus Driver HDAudBusDMA multiple irp complete requests vulnerability September 12, 2024 CVE Number CVE-2024-45383 SUMMARY A mishandling of IRP requests vulnerability exists in the HDAudBusDMA interface of Microsoft High...
Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2024-2003 Adobe Acrobat Reader Font Packed Point Numbers Out-Of-Bounds Read Vulnerability August 13, 2024 CVE Number CVE-2024-41835 SUMMARY An out-of-bounds read vulnerability exists in CoolType, a font processing framework used by Adobe Acrobat Reader...
Ankitects Anki LaTeX Blocklist Bypass vulnerability
Talos Vulnerability Report TALOS-2024-1994 Ankitects Anki LaTeX Blocklist Bypass vulnerability July 22, 2024 CVE Number CVE-2024-32152 SUMMARY A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitra...
Foxit Reader Updater improper certificate validation privilege escalation vulnerability
Talos Vulnerability Report TALOS-2024-1989 Foxit Reader Updater improper certificate validation privilege escalation vulnerability May 28, 2024 CVE Number CVE-2024-29072 SUMMARY A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to imprope...
Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1909 Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20748 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A...
GTKWave VCD sorted bsearch arbitrary write vulnerabilities
Talos Vulnerability Report TALOS-2023-1807 GTKWave VCD sorted bsearch arbitrary write vulnerabilities January 8, 2024 CVE Number CVE-2023-37921,CVE-2023-37923,CVE-2023-37922 SUMMARY Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A...
GTKWave FST fstReaderIterBlocks2 time_table tsec_nitems integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1792 GTKWave FST fstReaderIterBlocks2 timetable tsecnitems integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35128 SUMMARY An integer overflow vulnerability exists in the fstReaderIterBlocks2 timetable tsecnitems functionality of GTKWave...
Yifan YF325 httpd nvram.cgi authentication bypass vulnerability
Talos Vulnerability Report TALOS-2023-1762 Yifan YF325 httpd nvram.cgi authentication bypass vulnerability October 11, 2023 CVE Number CVE-2023-24479 SUMMARY An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.020221108. A specially crafted network...