2224 matches found
Wavlink AC3000 usbip.cgi set_info() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2045 Wavlink AC3000 usbip.cgi setinfo buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36272 SUMMARY A buffer overflow vulnerability exists in the usbip.cgi setinfo functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 adm.cgi rep_as_router() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2024 Wavlink AC3000 adm.cgi repasrouter buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39756 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasrouter functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 wireless.cgi AddMac() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2044 Wavlink AC3000 wireless.cgi AddMac command injection vulnerability January 14, 2025 CVE Number CVE-2024-34544 SUMMARY A command injection vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...
Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-1970 Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability August 13, 2024 CVE Number None SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0xD3 functionality of Microsoft Windows...
GeoVision GeoWebPlayer Websocket Server lack of authentication vulnerability
Summary A lack of authentication vulnerability exists in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket connection can lead to execute priviledged operation. An attacker can stage a malicious webpage to trigger this vulnerability. Confirmed...
GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi privilege escalation vulnerability
Summary A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions The...
GeoVision GV-VMS V20 WebCam Server stack overflow vulnerabilities
Summary Multiple exploitable stack overflow vulnerabilities exist in the WebCam Server functionality of GV-VMS V20 versions: 20.0.2. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2308 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientconnect...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2303 Tp-Link Archer AX53 v1.0 Openvpn configuration restore scriptsecurity OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore scriptsecurity...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2309 Tp-Link Archer AX53 v1.0 Openvpn configuration restore routeup OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore routeup functionality of...
Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...
LibRaw deflate_dng_load_raw integer overflow vulnerability
Talos Vulnerability Report TALOS-2026-2364 LibRaw deflatedngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20884 SUMMARY An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead ...
LibRaw uncompressed_fp_dng_load_raw integer overflow vulnerability
Talos Vulnerability Report TALOS-2026-2363 LibRaw uncompressedfpdngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-24450 SUMMARY An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious...
Canva Affinity EMF File EMR_POLYPOLYLINE Count Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2325 Canva Affinity EMF File EMRPOLYPOLYLINE Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2026-22882 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...
Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability
Talos Vulnerability Report TALOS-2025-2285 Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability March 16, 2026 CVE Number CVE-2025-59487 SUMMARY A write-what-where vulnerability exists in the tmpServer opcode 0x441 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...
Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2289 Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58455 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x1003 functionality of Tp-Link AX53 v1.0 1.3....
Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2294 Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58077 SUMMARY A heap-based buffer overflow vulnerability exists in the tmpServer opcode 0x437 functionality of Tp-Link Archer AX53...
The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2323 The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability March 3, 2026 CVE Number CVE-2025-64736 SUMMARY An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch...
MedDream PACS Premium existingUser reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2257 MedDream PACS Premium existingUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54778 SUMMARY A reflected cross-site scripting xss vulnerability exists in the existingUser functionality of MedDream PACS Premium...
MedDream PACS Premium autoPurge reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2253 MedDream PACS Premium autoPurge reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54817 SUMMARY A reflected cross-site scripting xss vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.87...
MedDream PACS Premium downloadZip reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2254 MedDream PACS Premium downloadZip reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53516 SUMMARY A reflected cross-site scripting xss vulnerability exists in the downloadZip functionality of MedDream PACS Premium...
MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability
Talos Vulnerability Report TALOS-2025-2273 MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability January 20, 2026 CVE Number CVE-2025-53912 SUMMARY An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially...
MedDream PACS Premium modifyAeTitle reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2260 MedDream PACS Premium modifyAeTitle reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54852 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium...
Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2025-2175 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability November 17, 2025 CVE Number CVE-2025-36462,CVE-2025-36463,CVE-2025-36460,CVE-2025-36461 SUMMARY Multiple out-of-bounds read and write vulnerabilities...
Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability
Talos Vulnerability Report TALOS-2025-2173 Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability November 17, 2025 CVE Number CVE-2025-31649 SUMMARY A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 5.14.3.0. A...
Entr'ouvert Lasso lasso_node_init_from_message_with_format denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2195 Entr'ouvert Lasso lassonodeinitfrommessagewithformat denial of service vulnerability November 5, 2025 CVE Number CVE-2025-46784 SUMMARY A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso...
NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability
Talos Vulnerability Report TALOS-2025-2169 NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability September 24, 2025 CVE Number CVE-2025-23338 SUMMARY An improper array index validation vulnerability exists in the symbol table parsing functionality of NVIDIA nvdisasm...
SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2218 SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53510 SUMMARY A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...
Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2166 Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability August 20, 2025 CVE Number CVE-2025-30256 SUMMARY A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted...
Tenda AC6 V5.0 HTTP authentication bypass vulnerability
Talos Vulnerability Report TALOS-2025-2165 Tenda AC6 V5.0 HTTP authentication bypass vulnerability August 20, 2025 CVE Number CVE-2025-27129 SUMMARY An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP...
Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability
Talos Vulnerability Report TALOS-2025-2162 Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability August 20, 2025 CVE Number CVE-2025-27564 SUMMARY A unencrypted transmission of credentials vulnerability exists in the web portal authentication functionality...
Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2168 Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability August 20, 2025 CVE Number CVE-2025-32010 SUMMARY A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HT...
WWBN AVideo videosList page parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2206 WWBN AVideo videosList page parameter cross-site scripting XSS vulnerability July 24, 2025 CVE Number CVE-2025-53084 SUMMARY A cross-site scripting xss vulnerability exists in the videosList page parameter functionality of WWBN AVideo 14.4 and dev master...
Parallels Desktop prl_disp_service Snapshots.xml Hard Link Privilege Escalation
Talos Vulnerability Report TALOS-2024-2124 Parallels Desktop prldispservice Snapshots.xml Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-54189 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740...
STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2096 STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability April 2, 2025 CVE Number CVE-2024-45064 SUMMARY A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics...
NVIDIA nvJPEG2000 Ndecomp heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2108 NVIDIA nvJPEG2000 Ndecomp heap-based buffer overflow vulnerability February 11, 2025 CVE Number CVE-2024-0144 SUMMARY A heap-based buffer overflow vulnerability exists in the Ndecomp field handling of NVIDIA nvJPEG2000 0.8.0. A specially crafted JPEG2000...
NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-2080 NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability February 11, 2025 CVE Number CVE-2024-0142 SUMMARY A memory corruption vulnerability exists in the Image Decoding functionality of NVIDIA nvJPEG2000 0.8.0. A specially crafted .jp2 file can lead to...
Wavlink AC3000 firewall.cgi iptablesWebsFilterRun() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2023 Wavlink AC3000 firewall.cgi iptablesWebsFilterRun command injection vulnerability January 14, 2025 CVE Number CVE-2024-39367 SUMMARY An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun functionality of Wavlink AC3000...
Wavlink AC3000 adm.cgi set_wzdap() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2027 Wavlink AC3000 adm.cgi setwzdap buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39358 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 internet.cgi set_add_routing() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2021 Wavlink AC3000 internet.cgi setaddrouting buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39288 SUMMARY A buffer overflow vulnerability exists in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A...
GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerabilities
Summary Multiple exploitable out-of-bounds read vulnerabilities exist in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket message can lead to a arbitrary code execution. An attacker can stage a malicious webpage to trigger these vulnerabilities...
vtk vtk-dicom vtkDICOMItem::FindDataElementOrInsert heap-based buffer overflow vulnerability
Summary A heap-based buffer overflow vulnerability exists in the vtkDICOMItem::FindDataElementOrInsert functionality of vtk-dicom versions: 9.5.2. A specially crafted DICOM file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...
GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability
Summary A insufficient encryption vulnerability exists in the Device Authentication functionality of GV-IP Device Utility versions: 9.0.5. A specially crafted network sniffing can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. Confirmed...
GeoVision LPC2011/LPC2211 DdnsSetting.cgi OS command injection vulnerability
Summary A OS command injection vulnerability exists in the DdnsSetting.cgi functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability. Confirmed...
LibRaw HuffTable::initval heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2026-2330 LibRaw HuffTable::initval heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20911 SUMMARY A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A...
Canva Affinity EMF File EMR_FRAMERGN Type Confusion Vulnerability
Talos Vulnerability Report TALOS-2025-2297 Canva Affinity EMF File EMRFRAMERGN Type Confusion Vulnerability March 17, 2026 CVE Number CVE-2025-66342 SUMMARY A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerabilit...
Canva Affinity EMF File EMR_POLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2315 Canva Affinity EMF File EMRPOLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66617 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...
Canva Affinity EMF File EMR_EXTTEXTOUTA offDx Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2321 Canva Affinity EMF File EMREXTTEXTOUTA offDx Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-62403 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, a...
Canva Affinity EMF File EMR_CREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability
Talos Vulnerability Report TALOS-2025-2310 Canva Affinity EMF File EMRCREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability March 17, 2026 CVE Number CVE-2025-64301 SUMMARY An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By usin...
Canva Affinity EMF File EMR_BITBLT offBmiSrc Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2311 Canva Affinity EMF File EMRBITBLT offBmiSrc Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-64776 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...