2224 matches found
Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability
Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....
GL-Inet GL-AXT1800 OTA Update firmware downgrade vulnerability
Talos Vulnerability Report TALOS-2025-2230 GL-Inet GL-AXT1800 OTA Update firmware downgrade vulnerability November 24, 2025 CVE Number CVE-2025-44018 SUMMARY A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can le...
Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability
Talos Vulnerability Report TALOS-2025-2161 Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability August 20, 2025 CVE Number CVE-2025-31355 SUMMARY A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A...
Dell ControlVault3 cv_send_blockdata out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-2127 Dell ControlVault3 cvsendblockdata out-of-bounds read vulnerability August 9, 2025 CVE Number CVE-2025-24311 SUMMARY An out-of-bounds read vulnerability exists in the cvsendblockdata functionality of Dell ControlVault3 5.14.3.0. A specially crafted...
Dell ControlVault3 cv_upgrade_sensor_firmware out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2025-2137 Dell ControlVault3 cvupgradesensorfirmware out-of-bounds write vulnerability August 9, 2025 CVE Number CVE-2025-25050 SUMMARY An out-of-bounds write vulnerability exists in the cvupgradesensorfirmware functionality of Dell ControlVault3 5.14.3.0. A...
Wavlink AC3000 qos.cgi qos_sta() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2047 Wavlink AC3000 qos.cgi qossta command injection vulnerability January 14, 2025 CVE Number CVE-2024-36295 SUMMARY A command execution vulnerability exists in the qos.cgi qossta functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 nas.cgi set_smb_cfg() Configuration Control Vulnerability
Talos Vulnerability Report TALOS-2024-2055 Wavlink AC3000 nas.cgi setsmbcfg Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-39280 SUMMARY An external config control vulnerability exists in the nas.cgi setsmbcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A special...
Wavlink AC3000 wireless.cgi set_wifi_basic() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2041 Wavlink AC3000 wireless.cgi setwifibasic buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36493 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasic functionality of Wavlink AC3000...
Wavlink AC3000 touchlist_sync.cgi touchlistsync() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2046 Wavlink AC3000 touchlistsync.cgi touchlistsync buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36258 SUMMARY A stack-based buffer overflow vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000...
Wavlink AC3000 adm.cgi rep_as_bridge() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2025 Wavlink AC3000 adm.cgi repasbridge buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-37184 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasbridge functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 adm.cgi set_wzdgw4G() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2026 Wavlink AC3000 adm.cgi setwzdgw4G buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39294 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...
MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the LXF parsing functionality of MediaInfoLib versions: 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable Versions The...
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the LXF element parsing functionality of MediaInfoLib versions: 26.01. A specially crafted .lxf file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Confirmed Vulnerable...
Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...
LibRaw x3f_thumb_loader heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2026-2358 LibRaw x3fthumbloader heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20889 SUMMARY A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A specially crafted malicious...
MedDream PACS Premium emailfailedjob reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2255 MedDream PACS Premium emailfailedjob reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54495 SUMMARY A reflected cross-site scripting xss vulnerability exists in the emailfailedjob functionality of MedDream PACS Premiu...
MedDream PACS Premium config.php multiple reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2271 MedDream PACS Premium config.php multiple reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-58089,CVE-2025-58093,CVE-2025-58090,CVE-2025-58091,CVE-2025-58088,CVE-2025-58087,CVE-2025-58094,CVE-2025-58095,CVE-2025-58092...
Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability
Talos Vulnerability Report TALOS-2025-2279 Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability January 15, 2026 CVE Number CVE-2025-61973 SUMMARY A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A...
Tenda AC6 V5.0 missing initial setup authentication vulnerability
Talos Vulnerability Report TALOS-2025-2163 Tenda AC6 V5.0 missing initial setup authentication vulnerability August 20, 2025 CVE Number CVE-2025-24322 SUMMARY An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A...
PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2203 PDF-XChange Editor EMF File EMREXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability August 5, 2025 CVE Number CVE-2025-47152 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor...
Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2198 Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability July 22, 2025 CVE Number CVE-2025-46354 SUMMARY A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality o...
Parallels Desktop prl_packer_inplace PVMP Unpack Directory Traversal Privilege Escalation
Talos Vulnerability Report TALOS-2025-2160 Parallels Desktop prlpackerinplace PVMP Unpack Directory Traversal Privilege Escalation June 3, 2025 CVE Number CVE-2025-31359 SUMMARY A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac...
Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability
Talos Vulnerability Report TALOS-2024-2128 Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability June 2, 2025 CVE Number CVE-2024-48877 SUMMARY A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility...
Wavlink AC3000 wireless.cgi DeleteMac() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2040 Wavlink AC3000 wireless.cgi DeleteMac buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39359 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac functionality of Wavlink AC3000 M33A8.V5030.210505. A...
Wavlink AC3000 nas.cgi remove_dir() Command Injection Vulnerability
Talos Vulnerability Report TALOS-2024-2054 Wavlink AC3000 nas.cgi removedir Command Injection Vulnerability January 14, 2025 CVE Number CVE-2024-39360 SUMMARY An os command injection vulnerability exists in the nas.cgi removedir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...
Wavlink AC3000 login.cgi Goto_chidx() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2019 Wavlink AC3000 login.cgi Gotochidx buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36290 SUMMARY A buffer overflow vulnerability exists in the login.cgi Gotochidx functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 touchlist_sync.cgi touchlistsync() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2000 Wavlink AC3000 touchlistsync.cgi touchlistsync command injection vulnerability January 14, 2025 CVE Number CVE-2024-34166 SUMMARY An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000...
Wavlink AC3000 internet.cgi set_qos() buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2024-2022 Wavlink AC3000 internet.cgi setqos buffer overflow vulnerabilities January 14, 2025 CVE Number CVE-2024-39768,CVE-2024-39770,CVE-2024-39769 SUMMARY Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000...
Wavlink AC3000 adm.cgi set_sys_adm() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2030 Wavlink AC3000 adm.cgi setsysadm buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39774 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setsysadm functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
MediaArea MediaInfoLib ID3v2 parsing heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the ID3v2 parsing functionality of MediaInfoLib versions: 26.01. A specially crafted media file that contains ID3v2 tags can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientdisconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientdisconnect...
MedDream PACS Premium modifyTranscript reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2267 MedDream PACS Premium modifyTranscript reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53707 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyTranscript functionality of MedDream PACS...
MedDream PACS Premium modifyEmail reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2263 MedDream PACS Premium modifyEmail reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57881 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyEmail functionality of MedDream PACS Premium...
MedDream PACS Premium ldapUser reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2272 MedDream PACS Premium ldapUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-36556 SUMMARY A reflected cross-site scripting xss vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870....
Dell BSAFE Crypto-C _A_DecodeElement out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2141 Dell BSAFE Crypto-C ADecodeElement out-of-bounds read vulnerability October 16, 2025 CVE Number CVE-2019-3728 SUMMARY An integer underflow vulnerability exists in the ADecodeElement functionality of Dell BSAFE Crypto-C xxx. A specially crafted ASN.1 reco...
Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2200 Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability July 22, 2025 CVE Number CVE-2025-36512 SUMMARY A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction...
Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2199 Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability July 22, 2025 CVE Number CVE-2025-48498 SUMMARY A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1...
High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2157 High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability June 2, 2025 CVE Number CVE-2025-20001 SUMMARY An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this...
Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2132 Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability June 2, 2025 CVE Number CVE-2024-54028 SUMMARY An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malform...
Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2098 Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability April 14, 2025 CVE Number CVE-2025-2260,None SUMMARY A denial of service vulnerability exists in the NetX HTTP server functionality of Eclipse ThreadX NetX Duo git commit 6c8e9d1. A...
Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2104 Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2259 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX D...
NVIDIA nvJPEG2000 Coding Style Component index out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-2095 NVIDIA nvJPEG2000 Coding Style Component index out-of-bounds write vulnerability February 11, 2025 CVE Number CVE-2024-0143 SUMMARY A memory corruption vulnerability exists in the Coding Style Component handling of the NVIDIA nvJPEG2000 library version...
Wavlink AC3000 wireless.cgi AddMac() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2044 Wavlink AC3000 wireless.cgi AddMac command injection vulnerability January 14, 2025 CVE Number CVE-2024-34544 SUMMARY A command injection vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...
Wavlink AC3000 usbip.cgi set_info() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2045 Wavlink AC3000 usbip.cgi setinfo buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36272 SUMMARY A buffer overflow vulnerability exists in the usbip.cgi setinfo functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 adm.cgi rep_as_router() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2024 Wavlink AC3000 adm.cgi repasrouter buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39756 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasrouter functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Apple DCERPC zero length BIND packet infinite loop
Talos Vulnerability Report TALOS-2022-1679 Apple DCERPC zero length BIND packet infinite loop July 13, 2023 CVE Number None SUMMARY An infinite loop vulnerability exists in the way DCERPC library as used in Apple macOS 12.6.1 deals with fragment sizes. A specially-crafted network packet can cause...
GeoVision GeoWebPlayer Websocket Server lack of authentication vulnerability
Summary A lack of authentication vulnerability exists in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket connection can lead to execute priviledged operation. An attacker can stage a malicious webpage to trigger this vulnerability. Confirmed...
GeoVision LPC2011/LPC2211 Web Interface guessable session cookie vulnerability
Summary A guessable session cookie vulnerability exists in the Web Interface functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability. Confirmed...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2303 Tp-Link Archer AX53 v1.0 Openvpn configuration restore scriptsecurity OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore scriptsecurity...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2308 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientconnect...