Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2026/05/07 12:0 a.m.12 views

Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability

Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....

6.8CVSS6.1AI score0.00286EPSS
Exploits0
Talos
Talos
added 2025/11/24 12:0 a.m.12 views

GL-Inet GL-AXT1800 OTA Update firmware downgrade vulnerability

Talos Vulnerability Report TALOS-2025-2230 GL-Inet GL-AXT1800 OTA Update firmware downgrade vulnerability November 24, 2025 CVE Number CVE-2025-44018 SUMMARY A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can le...

8.3CVSS9.2AI score0.00218EPSS
Exploits0
Talos
Talos
added 2025/08/20 12:0 a.m.12 views

Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability

Talos Vulnerability Report TALOS-2025-2161 Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability August 20, 2025 CVE Number CVE-2025-31355 SUMMARY A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A...

9.8CVSS7.2AI score0.0028EPSS
Exploits0
Talos
Talos
added 2025/08/09 12:0 a.m.12 views

Dell ControlVault3 cv_send_blockdata out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-2127 Dell ControlVault3 cvsendblockdata out-of-bounds read vulnerability August 9, 2025 CVE Number CVE-2025-24311 SUMMARY An out-of-bounds read vulnerability exists in the cvsendblockdata functionality of Dell ControlVault3 5.14.3.0. A specially crafted...

8.4CVSS7.1AI score0.01302EPSS
Exploits0
Talos
Talos
added 2025/08/09 12:0 a.m.12 views

Dell ControlVault3 cv_upgrade_sensor_firmware out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2137 Dell ControlVault3 cvupgradesensorfirmware out-of-bounds write vulnerability August 9, 2025 CVE Number CVE-2025-25050 SUMMARY An out-of-bounds write vulnerability exists in the cvupgradesensorfirmware functionality of Dell ControlVault3 5.14.3.0. A...

8.8CVSS7.2AI score0.01429EPSS
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.12 views

Wavlink AC3000 qos.cgi qos_sta() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2047 Wavlink AC3000 qos.cgi qossta command injection vulnerability January 14, 2025 CVE Number CVE-2024-36295 SUMMARY A command execution vulnerability exists in the qos.cgi qossta functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

9.1CVSS7.6AI score0.20769EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.12 views

Wavlink AC3000 nas.cgi set_smb_cfg() Configuration Control Vulnerability

Talos Vulnerability Report TALOS-2024-2055 Wavlink AC3000 nas.cgi setsmbcfg Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-39280 SUMMARY An external config control vulnerability exists in the nas.cgi setsmbcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A special...

9.1CVSS7.6AI score0.34167EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.12 views

Wavlink AC3000 wireless.cgi set_wifi_basic() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2041 Wavlink AC3000 wireless.cgi setwifibasic buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36493 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasic functionality of Wavlink AC3000...

9.1CVSS7.8AI score0.01985EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.12 views

Wavlink AC3000 touchlist_sync.cgi touchlistsync() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2046 Wavlink AC3000 touchlistsync.cgi touchlistsync buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36258 SUMMARY A stack-based buffer overflow vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000...

10CVSS8.1AI score0.12447EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.12 views

Wavlink AC3000 adm.cgi rep_as_bridge() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2025 Wavlink AC3000 adm.cgi repasbridge buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-37184 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasbridge functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...

9.1CVSS7.8AI score0.01265EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.12 views

Wavlink AC3000 adm.cgi set_wzdgw4G() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2026 Wavlink AC3000 adm.cgi setwzdgw4G buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39294 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...

9.1CVSS7.8AI score0.01482EPSS
Exploits1
Talos
Talos
added 2026/05/25 12:0 a.m.11 views

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the LXF parsing functionality of MediaInfoLib versions: 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable Versions The...

7.8CVSS6.5AI score0.00207EPSS
Exploits1
Talos
Talos
added 2026/05/20 12:0 a.m.11 views

MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the LXF element parsing functionality of MediaInfoLib versions: 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable...

7.8CVSS6.3AI score0.00203EPSS
Exploits1
Talos
Talos
added 2026/05/07 12:0 a.m.11 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...

8.5CVSS6.6AI score0.01232EPSS
Exploits0
Talos
Talos
added 2026/04/07 12:0 a.m.11 views

LibRaw x3f_thumb_loader heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2358 LibRaw x3fthumbloader heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20889 SUMMARY A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious...

9.8CVSS6.5AI score0.00645EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.11 views

MedDream PACS Premium emailfailedjob reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2255 MedDream PACS Premium emailfailedjob reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54495 SUMMARY A reflected cross-site scripting xss vulnerability exists in the emailfailedjob functionality of MedDream PACS Premiu...

6.1CVSS5.8AI score0.00286EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.11 views

MedDream PACS Premium config.php multiple reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2271 MedDream PACS Premium config.php multiple reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-58089,CVE-2025-58093,CVE-2025-58090,CVE-2025-58091,CVE-2025-58088,CVE-2025-58087,CVE-2025-58094,CVE-2025-58095,CVE-2025-58092...

6.1CVSS5.8AI score0.0024EPSS
Exploits9
Talos
Talos
added 2026/01/15 12:0 a.m.11 views

Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2279 Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability January 15, 2026 CVE Number CVE-2025-61973 SUMMARY A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A...

8.8CVSS5.6AI score0.00143EPSS
Exploits0
Talos
Talos
added 2025/08/20 12:0 a.m.11 views

Tenda AC6 V5.0 missing initial setup authentication vulnerability

Talos Vulnerability Report TALOS-2025-2163 Tenda AC6 V5.0 missing initial setup authentication vulnerability August 20, 2025 CVE Number CVE-2025-24322 SUMMARY An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A...

9.8CVSS7.4AI score0.0054EPSS
Exploits0
Talos
Talos
added 2025/08/05 12:0 a.m.11 views

PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2203 PDF-XChange Editor EMF File EMREXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability August 5, 2025 CVE Number CVE-2025-47152 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor...

6.5CVSS6.2AI score0.00507EPSS
Exploits1
Talos
Talos
added 2025/07/22 12:0 a.m.11 views

Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2198 Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability July 22, 2025 CVE Number CVE-2025-46354 SUMMARY A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality o...

7.5CVSS7.5AI score0.00855EPSS
Exploits1
Talos
Talos
added 2025/06/03 12:0 a.m.11 views

Parallels Desktop prl_packer_inplace PVMP Unpack Directory Traversal Privilege Escalation

Talos Vulnerability Report TALOS-2025-2160 Parallels Desktop prlpackerinplace PVMP Unpack Directory Traversal Privilege Escalation June 3, 2025 CVE Number CVE-2025-31359 SUMMARY A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac...

8.8CVSS9AI score0.01679EPSS
Exploits1
Talos
Talos
added 2025/06/02 12:0 a.m.11 views

Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability

Talos Vulnerability Report TALOS-2024-2128 Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability June 2, 2025 CVE Number CVE-2024-48877 SUMMARY A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility...

8.4CVSS6.6AI score0.00273EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.11 views

Wavlink AC3000 wireless.cgi DeleteMac() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2040 Wavlink AC3000 wireless.cgi DeleteMac buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39359 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac functionality of Wavlink AC3000 M33A8.V5030.210505. A...

9.1CVSS8AI score0.02362EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.11 views

Wavlink AC3000 nas.cgi remove_dir() Command Injection Vulnerability

Talos Vulnerability Report TALOS-2024-2054 Wavlink AC3000 nas.cgi removedir Command Injection Vulnerability January 14, 2025 CVE Number CVE-2024-39360 SUMMARY An os command injection vulnerability exists in the nas.cgi removedir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...

9.1CVSS8.1AI score0.11711EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.11 views

Wavlink AC3000 login.cgi Goto_chidx() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2019 Wavlink AC3000 login.cgi Gotochidx buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36290 SUMMARY A buffer overflow vulnerability exists in the login.cgi Gotochidx functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...

10CVSS7.8AI score0.01359EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.11 views

Wavlink AC3000 touchlist_sync.cgi touchlistsync() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2000 Wavlink AC3000 touchlistsync.cgi touchlistsync command injection vulnerability January 14, 2025 CVE Number CVE-2024-34166 SUMMARY An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000...

10CVSS9.9AI score0.1579EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.11 views

Wavlink AC3000 internet.cgi set_qos() buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2024-2022 Wavlink AC3000 internet.cgi setqos buffer overflow vulnerabilities January 14, 2025 CVE Number CVE-2024-39768,CVE-2024-39770,CVE-2024-39769 SUMMARY Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000...

9.1CVSS7.6AI score0.01212EPSS
Exploits3
Talos
Talos
added 2025/01/14 12:0 a.m.11 views

Wavlink AC3000 adm.cgi set_sys_adm() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2030 Wavlink AC3000 adm.cgi setsysadm buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39774 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setsysadm functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

9.1CVSS7.5AI score0.0126EPSS
Exploits1
Talos
Talos
added 2026/05/25 12:0 a.m.10 views

MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib versions: 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...

7.8CVSS6.5AI score0.00207EPSS
Exploits1
Talos
Talos
added 2026/05/07 12:0 a.m.10 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientdisconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientdisconnect...

8.5CVSS7.5AI score0.0116EPSS
Exploits0
Talos
Talos
added 2026/01/20 12:0 a.m.10 views

MedDream PACS Premium modifyTranscript reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2267 MedDream PACS Premium modifyTranscript reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53707 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyTranscript functionality of MedDream PACS...

6.1CVSS5.8AI score0.00317EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.10 views

MedDream PACS Premium modifyEmail reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2263 MedDream PACS Premium modifyEmail reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57881 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyEmail functionality of MedDream PACS Premium...

6.1CVSS5.7AI score0.00235EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.10 views

MedDream PACS Premium ldapUser reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2272 MedDream PACS Premium ldapUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-36556 SUMMARY A reflected cross-site scripting xss vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870....

6.1CVSS5.7AI score0.00286EPSS
Exploits1
Talos
Talos
added 2025/10/16 12:0 a.m.10 views

Dell BSAFE Crypto-C _A_DecodeElement out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2141 Dell BSAFE Crypto-C ADecodeElement out-of-bounds read vulnerability October 16, 2025 CVE Number CVE-2019-3728 SUMMARY An integer underflow vulnerability exists in the ADecodeElement functionality of Dell BSAFE Crypto-C xxx. A specially crafted ASN.1 reco...

7.5CVSS7.1AI score0.02385EPSS
Exploits0
Talos
Talos
added 2025/07/22 12:0 a.m.10 views

Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2200 Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability July 22, 2025 CVE Number CVE-2025-36512 SUMMARY A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction...

7.5CVSS7.5AI score0.00523EPSS
Exploits1
Talos
Talos
added 2025/07/22 12:0 a.m.10 views

Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2199 Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability July 22, 2025 CVE Number CVE-2025-48498 SUMMARY A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1...

7.5CVSS7.4AI score0.00555EPSS
Exploits1
Talos
Talos
added 2025/06/02 12:0 a.m.10 views

High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2157 High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability June 2, 2025 CVE Number CVE-2025-20001 SUMMARY An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this...

6.5CVSS6.5AI score0.00457EPSS
Exploits1
Talos
Talos
added 2025/06/02 12:0 a.m.10 views

Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2132 Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability June 2, 2025 CVE Number CVE-2024-54028 SUMMARY An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malform...

8.4CVSS7.1AI score0.00252EPSS
Exploits1
Talos
Talos
added 2025/04/14 12:0 a.m.10 views

Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability

Talos Vulnerability Report TALOS-2024-2098 Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability April 14, 2025 CVE Number CVE-2025-2260,None SUMMARY A denial of service vulnerability exists in the NetX HTTP server functionality of Eclipse ThreadX NetX Duo git commit 6c8e9d1. A...

7.5CVSS8.1AI score0.00845EPSS
Exploits0
Talos
Talos
added 2025/04/14 12:0 a.m.10 views

Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2104 Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2259 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX D...

7.5CVSS8.3AI score0.00845EPSS
Exploits0
Talos
Talos
added 2025/02/11 12:0 a.m.10 views

NVIDIA nvJPEG2000 Coding Style Component index out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-2095 NVIDIA nvJPEG2000 Coding Style Component index out-of-bounds write vulnerability February 11, 2025 CVE Number CVE-2024-0143 SUMMARY A memory corruption vulnerability exists in the Coding Style Component handling of the NVIDIA nvJPEG2000 library version...

6.8CVSS7.3AI score0.00643EPSS
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.10 views

Wavlink AC3000 wireless.cgi AddMac() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2044 Wavlink AC3000 wireless.cgi AddMac command injection vulnerability January 14, 2025 CVE Number CVE-2024-34544 SUMMARY A command injection vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...

9.1CVSS7.7AI score0.08494EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.10 views

Wavlink AC3000 usbip.cgi set_info() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2045 Wavlink AC3000 usbip.cgi setinfo buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36272 SUMMARY A buffer overflow vulnerability exists in the usbip.cgi setinfo functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

9.1CVSS7.5AI score0.01265EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.10 views

Wavlink AC3000 adm.cgi rep_as_router() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2024 Wavlink AC3000 adm.cgi repasrouter buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39756 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasrouter functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...

9.1CVSS7.8AI score0.01805EPSS
Exploits1
Talos
Talos
added 2023/07/13 12:0 a.m.10 views

Apple DCERPC zero length BIND packet infinite loop

Talos Vulnerability Report TALOS-2022-1679 Apple DCERPC zero length BIND packet infinite loop July 13, 2023 CVE Number None SUMMARY An infinite loop vulnerability exists in the way DCERPC library as used in Apple macOS 12.6.1 deals with fragment sizes. A specially-crafted network packet can cause...

7.6AI score
Exploits0
Talos
Talos
added 6 days ago9 views

GeoVision GeoWebPlayer Websocket Server lack of authentication vulnerability

Summary A lack of authentication vulnerability exists in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket connection can lead to execute priviledged operation. An attacker can stage a malicious webpage to trigger this vulnerability. Confirmed...

8.8CVSS5.9AI score0.00227EPSS
Exploits0
Talos
Talos
added 2026/06/15 12:0 a.m.9 views

GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability

Summary A guessable session cookie vulnerability exists in the Web Interface functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability. Confirmed...

8.6CVSS5.5AI score0.00329EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2303 Tp-Link Archer AX53 v1.0 Openvpn configuration restore scriptsecurity OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore scriptsecurity...

8.5CVSS6.2AI score0.0116EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2308 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientconnect...

8.5CVSS7.5AI score0.0116EPSS
Exploits0
Total number of security vulnerabilities2224