Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2025/01/14 12:0 a.m.19 views

Wavlink AC3000 nas.cgi add_dir() Directory Traversal Vulnerabilities

Talos Vulnerability Report TALOS-2024-2057 Wavlink AC3000 nas.cgi adddir Directory Traversal Vulnerabilities January 14, 2025 CVE Number CVE-2024-39786,CVE-2024-39787 SUMMARY Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.21050...

9.1CVSS7.3AI score0.0243EPSS
Exploits2
Talos
Talos
added 2024/10/23 12:0 a.m.19 views

NVIDIA D3D10 Driver Shader Functionality SAMPLE out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1955 NVIDIA D3D10 Driver Shader Functionality SAMPLE out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0121 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality SAMPLE instruction of NVIDIA D3D10 Driver NVIDIA D3D...

7.8CVSS7AI score0.00415EPSS
Exploits0
Talos
Talos
added 2024/07/08 12:0 a.m.19 views

LevelOne WBR-6013 telnetd hard-coded password vulnerability

Talos Vulnerability Report TALOS-2023-1871 LevelOne WBR-6013 telnetd hard-coded password vulnerability July 8, 2024 CVE Number CVE-2023-46685 SUMMARY A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013 RER4Av3411b2T2RLEV09170623. A set of specially crafted...

9.8CVSS9.7AI score0.01003EPSS
Exploits0
Talos
Talos
added 2024/01/10 12:0 a.m.19 views

WWBN AVideo image404Raw.php information disclosure vulnerability

Talos Vulnerability Report TALOS-2023-1881 WWBN AVideo image404Raw.php information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-49738 SUMMARY An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN AVideo dev master commit 15fed957fb. A special...

7.5CVSS7.5AI score0.01318EPSS
Exploits1
Talos
Talos
added 2024/01/10 12:0 a.m.19 views

WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability

Talos Vulnerability Report TALOS-2023-1897 WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability January 10, 2024 CVE Number CVE-2023-50172 SUMMARY A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionali...

5.3CVSS5.7AI score0.00829EPSS
Exploits1
Talos
Talos
added 2023/07/13 12:0 a.m.19 views

Apple DCERPC allocation hint uninitialized memory disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1675 Apple DCERPC allocation hint uninitialized memory disclosure vulnerability July 13, 2023 CVE Number None SUMMARY An information disclosure vulnerability exists in the call fault reporting functionality of DCERPC library as used in Apple macOS 12.6.1 that...

6.8AI score
Exploits0
Talos
Talos
added 2025/03/12 12:0 a.m.18 views

Adobe Acrobat Reader Font numGlyphs Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2136 Adobe Acrobat Reader Font numGlyphs Out-Of-Bounds Read Vulnerability March 12, 2025 CVE Number CVE-2025-27164 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2024.005.20320. A specially crafted font fi...

5.5CVSS6.6AI score0.00399EPSS
Exploits0
Talos
Talos
added 2025/01/15 12:0 a.m.18 views

Observium mapname cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2024-2092 Observium mapname cross-site scripting XSS vulnerability January 15, 2025 CVE Number CVE-2024-45061 SUMMARY A cross-site scripting xss vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP reque...

8.7CVSS6.1AI score0.01095EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.18 views

Wavlink AC3000 qos.cgi qos_sta_settings() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2048 Wavlink AC3000 qos.cgi qosstasettings buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39299 SUMMARY A buffer overflow vulnerability exists in the qos.cgi qosstasettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...

9.1CVSS7.7AI score0.01482EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.18 views

Wavlink AC3000 update_filter_url.sh argument injection vulnerability

Talos Vulnerability Report TALOS-2024-2038 Wavlink AC3000 updatefilterurl.sh argument injection vulnerability January 14, 2025 CVE Number CVE-2024-39604 SUMMARY A command execution vulnerability exists in the updatefilterurl.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially craft...

9CVSS7.1AI score0.01898EPSS
Exploits1
Talos
Talos
added 2024/10/30 12:0 a.m.18 views

LevelOne WBR-6012 Web Application denial of service vulnerability

Talos Vulnerability Report TALOS-2024-2001 LevelOne WBR-6012 Web Application denial of service vulnerability October 30, 2024 CVE Number CVE-2024-33623 SUMMARY A denial of service vulnerability exists in the Web Application functionality of LevelOne WBR-6012 R0.40e6. A specially crafted HTTP...

7.5CVSS5.4AI score0.11434EPSS
Exploits1
Talos
Talos
added 2024/10/23 12:0 a.m.18 views

NVIDIA D3D10 Driver Shader Functionality STORE_STRUCTURED instruction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-2014 NVIDIA D3D10 Driver Shader Functionality STORESTRUCTURED instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0120 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10...

7.8CVSS7.6AI score0.00415EPSS
Exploits0
Talos
Talos
added 2024/10/23 12:0 a.m.18 views

NVIDIA D3D10 Driver Shader Functionality LD instruction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-2012 NVIDIA D3D10 Driver Shader Functionality LD instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0117 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99,...

7.8CVSS7.3AI score0.00415EPSS
Exploits0
Talos
Talos
added 2024/10/02 12:0 a.m.18 views

Foxit Reader checkbox Calculate use-after-free vulnerability

Talos Vulnerability Report TALOS-2024-1967 Foxit Reader checkbox Calculate use-after-free vulnerability October 2, 2024 CVE Number CVE-2024-28888 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript co...

8.8CVSS8.1AI score0.0193EPSS
Exploits1
Talos
Talos
added 2023/10/19 12:0 a.m.18 views

JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1808 JustSystems Corporation Ichitaro 2023 HyperLinkFrame parser integer overflow vulnerability October 19, 2023 CVE Number CVE-2023-38127 SUMMARY An integer overflow exists in the “HyperLinkFrame” stream parser of Ichitaro 2023 1.0.1.59372. A specially craft...

7.8CVSS8AI score0.00647EPSS
Exploits1
Talos
Talos
added 2021/11/09 12:0 a.m.18 views

Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging 1BL firmware downgrade vulnerability

Summary A firmware downgrade vulnerability exists in the Security Monitor SMSyscallCommitImageStaging 1BL functionality of Microsoft Azure Sphere 21.01. A specially-crafted set of Secmon syscalls can lead to downgrading the version of the 1BL firmware. An attacker can use syscalls to trigger this...

7AI score
Exploits0
Talos
Talos
added 2025/09/24 12:0 a.m.17 views

NVIDIA cuobjdump DWARF debug abbreviations parsing arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2025-2155 NVIDIA cuobjdump DWARF debug abbreviations parsing arbitrary code execution vulnerability September 24, 2025 CVE Number CVE-2025-23339 SUMMARY An arbitrary code execution vulnerability exists in the DWARF parsing functionality of NVIDIA cuobjdump 12.8.55...

7.8CVSS8AI score0.00306EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.17 views

Wavlink AC3000 adm.cgi set_MeshAp() arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2024-2031 Wavlink AC3000 adm.cgi setMeshAp arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2024-39370 SUMMARY An arbitrary code execution vulnerability exists in the adm.cgi setMeshAp functionality of Wavlink AC3000 M33A8.V5030.210505. A...

9.1CVSS7.7AI score0.02143EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.17 views

Wavlink AC3000 adm.cgi set_ledonoff() OS command injection vulnerability

Talos Vulnerability Report TALOS-2024-2032 Wavlink AC3000 adm.cgi setledonoff OS command injection vulnerability January 14, 2025 CVE Number CVE-2024-37186 SUMMARY An os command injection vulnerability exists in the adm.cgi setledonoff functionality of Wavlink AC3000 M33A8.V5030.210505. A special...

9.1CVSS7.8AI score0.22827EPSS
Exploits1
Talos
Talos
added 2025/01/13 12:0 a.m.17 views

OFFIS DCMTK determineMinMax improper array index validation vulnerability

Talos Vulnerability Report TALOS-2024-2121 OFFIS DCMTK determineMinMax improper array index validation vulnerability January 13, 2025 CVE Number CVE-2024-52333 SUMMARY An improper array index validation vulnerability exists in the determineMinMax functionality of OFFIS DCMTK 3.6.8. A specially...

8.4CVSS7.8AI score0.0061EPSS
Exploits1
Talos
Talos
added 2024/10/23 12:0 a.m.17 views

NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-2015 NVIDIA D3D10 Driver Shader Functionality MOV instruction out-of-bounds read vulnerability October 23, 2024 CVE Number CVE-2024-0119 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D10 Driver 555.99...

7.8CVSS6.9AI score0.00415EPSS
Exploits0
Talos
Talos
added 2022/01/26 12:0 a.m.17 views

Reolink RLC-410W device TestEmail out-of-bounds write vulnerability

Summary An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted network request can lead to an out-of-bounds write. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions Reolink...

9.8CVSS9.7AI score0.01397EPSS
Exploits0
Talos
Talos
added 2021/11/09 12:0 a.m.17 views

Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability

Summary A denial of service vulnerability exists in the Security Monitor SMSyscallCommitImageStaging stage-without-manifest functionality of Microsoft Azure Sphere 21.01. A specially crafted image package can lead to boot looping, requiring manual recovery. An attacker can flash a malicious image...

7AI score
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.16 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

6.8CVSS6AI score0.00276EPSS
Exploits0
Talos
Talos
added 2026/03/18 12:0 a.m.16 views

Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2281 Hangzhou Hikvision Digital Technology Co., Ltd. Face Recognition Modules SADP XML parsing stack-based buffer overflow vulnerability March 18, 2026 CVE Number CVE-2025-66176 SUMMARY A stack-based buffer overflow vulnerability exists in the SADP XML parsin...

8.8CVSS7.9AI score0.00485EPSS
Exploits0
Talos
Talos
added 2025/06/03 12:0 a.m.16 views

Parallels Desktop prl_disp_service Snapshots SymLink Change Ownership Privilege Escalation

Talos Vulnerability Report TALOS-2024-2123 Parallels Desktop prldispservice Snapshots SymLink Change Ownership Privilege Escalation June 3, 2025 CVE Number CVE-2024-52561 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1...

7.8CVSS7.3AI score0.00244EPSS
Exploits1
Talos
Talos
added 2025/01/15 12:0 a.m.16 views

Observium add_alert_check cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2024-2090 Observium addalertcheck cross-site scripting XSS vulnerability January 15, 2025 CVE Number CVE-2024-47140 SUMMARY A cross-site scripting xss vulnerability exists in the addalertcheck page of Observium CE 24.4.13528. A specially crafted HTTP request can...

8.7CVSS6AI score0.00693EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.16 views

Wavlink AC3000 touchlist_sync.cgi main() arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2024-1999 Wavlink AC3000 touchlistsync.cgi main arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2022-2488 SUMMARY An arbitrary code execution vulnerability exists in the touchlistsync.cgi main functionality of Wavlink AC3000...

9.8CVSS8AI score0.28724EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.16 views

Wavlink AC3000 wctrls static login vulnerability

Talos Vulnerability Report TALOS-2024-2034 Wavlink AC3000 wctrls static login vulnerability January 14, 2025 CVE Number CVE-2024-39754 SUMMARY A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead ...

10CVSS9.6AI score0.01257EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.16 views

Wavlink AC3000 adm.cgi set_TR069() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2028 Wavlink AC3000 adm.cgi setTR069 command injection vulnerability January 14, 2025 CVE Number CVE-2024-21797 SUMMARY A command execution vulnerability exists in the adm.cgi setTR069 functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...

9.1CVSS7.9AI score0.20769EPSS
Exploits1
Talos
Talos
added 2024/10/30 12:0 a.m.16 views

LevelOne WBR-6012 FTP improper input validation vulnerability

Talos Vulnerability Report TALOS-2024-1998 LevelOne WBR-6012 FTP improper input validation vulnerability October 30, 2024 CVE Number CVE-2024-33700 SUMMARY The LevelOne WBR-6012 router firmware R0.40e6 suffers from an input validation vulnerability within its FTP functionality, enabling attackers...

7.5CVSS7.8AI score0.0083EPSS
Exploits1
Talos
Talos
added 2015/05/11 12:0 a.m.15 views

Pidgin libpurple MSN Message Parsing NULL Dereference Denial of Service Vulnerability

Talos Vulnerability Report VRT-2014-0201 Pidgin libpurple MSN Message Parsing NULL Dereference Denial of Service Vulnerability May 11, 2015 Description A exploitable denial of service vulnerability exists in Pidgin’s implem ntation of the MSN Messenger protocol in the libpurple library. An attack...

7.1AI score
Exploits0
Talos
Talos
added 2026/06/23 12:0 a.m.14 views

Google Chrome AddGenericPassword infomation overwrite vulnerability

Summary An infomation overwrite vulnerability exists in the AddGenericPassword functionality of Chrome 148.0.7778.216 Mac arm64. A keychain write from a same-user process can overwrite Chrome’s encryption key, leading to disclosure of sensitive information. An attacker can make a specially crafte...

5.9AI score
Exploits0
Talos
Talos
added 2026/04/27 12:0 a.m.14 views

OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability

Talos Vulnerability Report TALOS-2026-2381 OpenVPN TLS Crypt v2 Client Key Extraction denial of service vulnerability April 27, 2026 CVE Number CVE-2026-35058 SUMMARY A reachable assertion vulnerability exists in the TLS Crypt v2 Client Key Extraction functionality of OpenVPN 2.6.x and 2.8git. A...

7.5CVSS6.9AI score0.00815EPSS
Exploits0
Talos
Talos
added 2025/08/09 12:0 a.m.14 views

Dell ControlVault3 cv_close arbitrary free vulnerability

Talos Vulnerability Report TALOS-2024-2129 Dell ControlVault3 cvclose arbitrary free vulnerability August 9, 2025 CVE Number CVE-2025-25215 SUMMARY An arbitrary free vulnerability exists in the cvclose functionality of Dell ControlVault3 5.14.3.0. A specially crafted ControlVault API call can lea...

8.8CVSS7.8AI score0.01768EPSS
Exploits0
Talos
Talos
added 2025/04/02 12:0 a.m.14 views

STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2103 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50596,CVE-2024-50597 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...

7.5CVSS7.3AI score0.00707EPSS
Exploits2
Talos
Talos
added 2025/01/14 12:0 a.m.14 views

Wavlink AC3000 login.cgi set_sys_init() command injection vulnerabilities

Talos Vulnerability Report TALOS-2024-2018 Wavlink AC3000 login.cgi setsysinit command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39759,CVE-2024-39761,CVE-2024-39760 SUMMARY Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlin...

10CVSS10AI score0.17378EPSS
Exploits3
Talos
Talos
added 2025/01/14 12:0 a.m.15 views

Wavlink AC3000 qos.cgi qos_settings() buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2024-2049 Wavlink AC3000 qos.cgi qossettings buffer overflow vulnerabilities January 14, 2025 CVE Number CVE-2024-39803,CVE-2024-39801,CVE-2024-39802 SUMMARY Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000...

9.1CVSS7.8AI score0.01289EPSS
Exploits3
Talos
Talos
added 2024/10/23 12:0 a.m.14 views

NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration

Talos Vulnerability Report TALOS-2024-2013 NVIDIA D3D10 Driver Shader Functionality out-of-bounds read vulnerability due to excessive loop iteration October 23, 2024 CVE Number CVE-2024-0118 SUMMARY An out-of-bounds read vulnerability exists in the Shader Functionality functionality of NVIDIA D3D...

7.8CVSS6.8AI score0.00415EPSS
Exploits0
Talos
Talos
added 2024/08/19 12:0 a.m.14 views

Microsoft Teams (work or school) for macOS library injection vulnerability

Talos Vulnerability Report TALOS-2024-1973 Microsoft Teams work or school for macOS library injection vulnerability August 19, 2024 CVE Number CVE-2024-42004 SUMMARY A library injection vulnerability exists in Microsoft Teams work or school 24046.2813.2770.1094 for macOS. A specially crafted...

9.8CVSS6.9AI score0.00789EPSS
Exploits1
Talos
Talos
added 2016/07/19 12:0 a.m.14 views

Oracle OIT ImageExport libvs_bmp BMP BI_RLE8 Width Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0160 Oracle OIT ImageExport libvsbmp BMP BIRLE8 Width Code Execution Vulnerability July 19, 2016 Description A vulnerability in libvseshr can lead to remote code execution while parsing a specially crafted Word document containing a reference to Escher drawin...

8.2AI score
Exploits0
Talos
Talos
added 2026/02/18 12:0 a.m.13 views

OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2025-2292 OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability February 18, 2026 CVE Number CVE-2025-61982 SUMMARY An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A...

7.8CVSS6.6AI score0.0015EPSS
Exploits0
Talos
Talos
added 2025/12/01 12:0 a.m.13 views

Socomec DIRIS Digiware M-70 Modbus TCP reboot denial of service vulnerability

Talos Vulnerability Report TALOS-2024-2119 Socomec DIRIS Digiware M-70 Modbus TCP reboot denial of service vulnerability December 1, 2025 CVE Number CVE-2024-48882 SUMMARY A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially...

8.6CVSS7.1AI score0.00375EPSS
Exploits0
Talos
Talos
added 2025/11/17 12:0 a.m.13 views

Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability

Talos Vulnerability Report TALOS-2025-2174 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability November 17, 2025 CVE Number CVE-2025-31361 SUMMARY A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD...

8.7CVSS7.2AI score0.00218EPSS
Exploits0
Talos
Talos
added 2025/08/25 12:0 a.m.13 views

The Biosig Project libbiosig RHS2000 parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2240 The Biosig Project libbiosig RHS2000 parsing heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-48005 SUMMARY A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig...

9.8CVSS7.2AI score0.00689EPSS
Exploits1
Talos
Talos
added 2025/06/03 12:0 a.m.13 views

Parallels Desktop prl_vmarchiver Unarchive Hard Link Privilege Escalation

Talos Vulnerability Report TALOS-2024-2126 Parallels Desktop prlvmarchiver Unarchive Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-36486 SUMMARY A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac...

7.8CVSS7.7AI score0.00277EPSS
Exploits1
Talos
Talos
added 2025/02/11 12:0 a.m.13 views

NVIDIA nvJPEG2000 Default Coding Styles Ndecomp buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2113 NVIDIA nvJPEG2000 Default Coding Styles Ndecomp buffer overflow vulnerability February 11, 2025 CVE Number CVE-2024-0145 SUMMARY A heap based buffer overflow vulnerability exists in the way Ndecomp parameter is used when parsing JPEG2000 files in NVIDIA...

6.8CVSS7.5AI score0.00874EPSS
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.13 views

Wavlink AC3000 wireless.cgi set_wifi_basic_mesh() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2042 Wavlink AC3000 wireless.cgi setwifibasicmesh buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39603 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasicmesh functionality of Wavlink AC3000...

9.1CVSS7.8AI score0.02362EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.13 views

Wavlink AC3000 login.cgi Unauthenticated Firmware Upload vulnerability

Talos Vulnerability Report TALOS-2024-2036 Wavlink AC3000 login.cgi Unauthenticated Firmware Upload vulnerability January 14, 2025 CVE Number CVE-2024-39608 SUMMARY A firmware update vulnerability exists in the login.cgi functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

10CVSS7.3AI score0.0137EPSS
Exploits1
Talos
Talos
added 2026/06/18 12:0 a.m.12 views

Internet Systems Consortium BIND DNSSEC DNSKEY Extended Flags denial of service vulnerability

Summary A denial of service vulnerability exists in the DNSSEC DNSKEY Extended Flags functionality of BIND versions: 9.21.21. A specially crafted mirror domain can lead to a denial of service. An attacker can serve a malicious zone to trigger this vulnerability. Confirmed Vulnerable Versions The...

5.7AI score
Exploits0
Total number of security vulnerabilities2224