Lucene search
K
TalosMost viewed

2224 matches found

Talos
Talos
added 2025/01/14 12:0 a.m.10 views

Wavlink AC3000 usbip.cgi set_info() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2045 Wavlink AC3000 usbip.cgi setinfo buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36272 SUMMARY A buffer overflow vulnerability exists in the usbip.cgi setinfo functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

9.1CVSS7.5AI score0.01265EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.10 views

Wavlink AC3000 adm.cgi rep_as_router() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2024 Wavlink AC3000 adm.cgi repasrouter buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39756 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasrouter functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...

9.1CVSS7.8AI score0.01805EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.10 views

Wavlink AC3000 wireless.cgi AddMac() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2044 Wavlink AC3000 wireless.cgi AddMac command injection vulnerability January 14, 2025 CVE Number CVE-2024-34544 SUMMARY A command injection vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially...

9.1CVSS7.7AI score0.08494EPSS
Exploits1
Talos
Talos
added 2024/08/13 12:0 a.m.10 views

Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1970 Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability August 13, 2024 CVE Number None SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0xD3 functionality of Microsoft Windows...

7AI score
Exploits0
Talos
Talos
added 2026/07/01 12:0 a.m.9 views

GeoVision GeoWebPlayer Websocket Server lack of authentication vulnerability

Summary A lack of authentication vulnerability exists in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket connection can lead to execute priviledged operation. An attacker can stage a malicious webpage to trigger this vulnerability. Confirmed...

8.8CVSS5.9AI score0.00227EPSS
Exploits0
Talos
Talos
added 2026/06/15 12:0 a.m.9 views

GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi privilege escalation vulnerability

Summary A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability. Confirmed Vulnerable Versions The...

6.5CVSS5.4AI score0.00271EPSS
Exploits0
Talos
Talos
added 2026/06/15 12:0 a.m.9 views

GeoVision GV-VMS V20 WebCam Server stack overflow vulnerabilities

Summary Multiple exploitable stack overflow vulnerabilities exist in the WebCam Server functionality of GV-VMS V20 versions: 20.0.2. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger these vulnerabilities...

10CVSS6.4AI score0.00514EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_connect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2308 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientconnect...

8.5CVSS7.5AI score0.0116EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore script_security OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2303 Tp-Link Archer AX53 v1.0 Openvpn configuration restore scriptsecurity OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore scriptsecurity...

8.5CVSS6.2AI score0.0116EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.9 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore route_up OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2309 Tp-Link Archer AX53 v1.0 Openvpn configuration restore routeup OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore routeup functionality of...

8.5CVSS7.5AI score0.0116EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.9 views

Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...

8CVSS6.4AI score0.00418EPSS
Exploits0
Talos
Talos
added 2026/04/07 12:0 a.m.9 views

LibRaw deflate_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2364 LibRaw deflatedngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20884 SUMMARY An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead ...

9.8CVSS6.3AI score0.00454EPSS
Exploits1
Talos
Talos
added 2026/04/07 12:0 a.m.9 views

LibRaw uncompressed_fp_dng_load_raw integer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2363 LibRaw uncompressedfpdngloadraw integer overflow vulnerability April 7, 2026 CVE Number CVE-2026-24450 SUMMARY An integer overflow vulnerability exists in the uncompressedfpdngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious...

9.8CVSS6.4AI score0.00454EPSS
Exploits1
Talos
Talos
added 2026/03/17 12:0 a.m.9 views

Canva Affinity EMF File EMR_POLYPOLYLINE Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2325 Canva Affinity EMF File EMRPOLYPOLYLINE Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2026-22882 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, ...

7.1CVSS6.1AI score0.00268EPSS
Exploits1
Talos
Talos
added 2026/03/16 12:0 a.m.9 views

Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability

Talos Vulnerability Report TALOS-2025-2285 Tp-Link AX53 v1.0 tmpServer opcode 0x441 Write-What-Where vulnerability March 16, 2026 CVE Number CVE-2025-59487 SUMMARY A write-what-where vulnerability exists in the tmpServer opcode 0x441 functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120...

8CVSS6.4AI score0.00405EPSS
Exploits0
Talos
Talos
added 2026/03/16 12:0 a.m.9 views

Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2289 Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58455 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x1003 functionality of Tp-Link AX53 v1.0 1.3....

8CVSS6.6AI score0.00405EPSS
Exploits0
Talos
Talos
added 2026/03/16 12:0 a.m.9 views

Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2294 Tp-Link Archer AX53 v1.0 tmpServer opcode 0x437 heap-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58077 SUMMARY A heap-based buffer overflow vulnerability exists in the tmpServer opcode 0x437 functionality of Tp-Link Archer AX53...

8CVSS6.5AI score0.00405EPSS
Exploits0
Talos
Talos
added 2026/03/03 12:0 a.m.9 views

The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2323 The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability March 3, 2026 CVE Number CVE-2025-64736 SUMMARY An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch...

7.1CVSS6.2AI score0.00184EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.9 views

MedDream PACS Premium existingUser reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2257 MedDream PACS Premium existingUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54778 SUMMARY A reflected cross-site scripting xss vulnerability exists in the existingUser functionality of MedDream PACS Premium...

6.1CVSS5.7AI score0.00235EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.9 views

MedDream PACS Premium autoPurge reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2253 MedDream PACS Premium autoPurge reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54817 SUMMARY A reflected cross-site scripting xss vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.87...

6.1CVSS5.8AI score0.00235EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.9 views

MedDream PACS Premium downloadZip reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2254 MedDream PACS Premium downloadZip reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53516 SUMMARY A reflected cross-site scripting xss vulnerability exists in the downloadZip functionality of MedDream PACS Premium...

6.1CVSS5.8AI score0.00317EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.9 views

MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability

Talos Vulnerability Report TALOS-2025-2273 MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability January 20, 2026 CVE Number CVE-2025-53912 SUMMARY An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially...

9.6CVSS6.1AI score0.00436EPSS
Exploits1
Talos
Talos
added 2026/01/20 12:0 a.m.9 views

MedDream PACS Premium modifyAeTitle reflected cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2260 MedDream PACS Premium modifyAeTitle reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54852 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium...

6.1CVSS5.7AI score0.0026EPSS
Exploits1
Talos
Talos
added 2025/11/17 12:0 a.m.9 views

Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2175 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability November 17, 2025 CVE Number CVE-2025-36462,CVE-2025-36463,CVE-2025-36460,CVE-2025-36461 SUMMARY Multiple out-of-bounds read and write vulnerabilities...

7.3CVSS7.4AI score0.00125EPSS
Exploits0
Talos
Talos
added 2025/11/17 12:0 a.m.9 views

Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability

Talos Vulnerability Report TALOS-2025-2173 Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability November 17, 2025 CVE Number CVE-2025-31649 SUMMARY A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 5.14.3.0. A...

8.7CVSS6.8AI score0.00231EPSS
Exploits0
Talos
Talos
added 2025/11/05 12:0 a.m.9 views

Entr'ouvert Lasso lasso_node_init_from_message_with_format denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2195 Entr'ouvert Lasso lassonodeinitfrommessagewithformat denial of service vulnerability November 5, 2025 CVE Number CVE-2025-46784 SUMMARY A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso...

7.5CVSS6.9AI score0.0046EPSS
Exploits1
Talos
Talos
added 2025/09/24 12:0 a.m.9 views

NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability

Talos Vulnerability Report TALOS-2025-2169 NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability September 24, 2025 CVE Number CVE-2025-23338 SUMMARY An improper array index validation vulnerability exists in the symbol table parsing functionality of NVIDIA nvdisasm...

5.5CVSS6.9AI score0.00171EPSS
Exploits0
Talos
Talos
added 2025/08/25 12:0 a.m.9 views

SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2218 SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53510 SUMMARY A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...

8.8CVSS7.7AI score0.00636EPSS
Exploits1
Talos
Talos
added 2025/08/20 12:0 a.m.9 views

Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2166 Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability August 20, 2025 CVE Number CVE-2025-30256 SUMMARY A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted...

8.6CVSS7AI score0.00367EPSS
Exploits0
Talos
Talos
added 2025/08/20 12:0 a.m.9 views

Tenda AC6 V5.0 HTTP authentication bypass vulnerability

Talos Vulnerability Report TALOS-2025-2165 Tenda AC6 V5.0 HTTP authentication bypass vulnerability August 20, 2025 CVE Number CVE-2025-27129 SUMMARY An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP...

9.8CVSS7.5AI score0.01985EPSS
Exploits0
Talos
Talos
added 2025/08/20 12:0 a.m.9 views

Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability

Talos Vulnerability Report TALOS-2025-2162 Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability August 20, 2025 CVE Number CVE-2025-27564 SUMMARY A unencrypted transmission of credentials vulnerability exists in the web portal authentication functionality...

7.2AI score
Exploits0
Talos
Talos
added 2025/08/20 12:0 a.m.9 views

Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2168 Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability August 20, 2025 CVE Number CVE-2025-32010 SUMMARY A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HT...

9.8CVSS7.4AI score0.00641EPSS
Exploits0
Talos
Talos
added 2025/07/24 12:0 a.m.9 views

WWBN AVideo videosList page parameter cross-site scripting (XSS) vulnerability

Talos Vulnerability Report TALOS-2025-2206 WWBN AVideo videosList page parameter cross-site scripting XSS vulnerability July 24, 2025 CVE Number CVE-2025-53084 SUMMARY A cross-site scripting xss vulnerability exists in the videosList page parameter functionality of WWBN AVideo 14.4 and dev master...

9CVSS5.5AI score0.00703EPSS
Exploits1
Talos
Talos
added 2025/06/03 12:0 a.m.9 views

Parallels Desktop prl_disp_service Snapshots.xml Hard Link Privilege Escalation

Talos Vulnerability Report TALOS-2024-2124 Parallels Desktop prldispservice Snapshots.xml Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-54189 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740...

7.8CVSS7.7AI score0.00277EPSS
Exploits1
Talos
Talos
added 2025/04/02 12:0 a.m.9 views

STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2096 STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability April 2, 2025 CVE Number CVE-2024-45064 SUMMARY A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics...

9.8CVSS7.8AI score0.00989EPSS
Exploits1
Talos
Talos
added 2025/02/11 12:0 a.m.9 views

NVIDIA nvJPEG2000 Ndecomp heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2108 NVIDIA nvJPEG2000 Ndecomp heap-based buffer overflow vulnerability February 11, 2025 CVE Number CVE-2024-0144 SUMMARY A heap-based buffer overflow vulnerability exists in the Ndecomp field handling of NVIDIA nvJPEG2000 0.8.0. A specially crafted JPEG2000...

6.8CVSS7.1AI score0.00703EPSS
Exploits0
Talos
Talos
added 2025/02/11 12:0 a.m.9 views

NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2024-2080 NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability February 11, 2025 CVE Number CVE-2024-0142 SUMMARY A memory corruption vulnerability exists in the Image Decoding functionality of NVIDIA nvJPEG2000 0.8.0. A specially crafted .jp2 file can lead to...

6.8CVSS7.1AI score0.00586EPSS
Exploits0
Talos
Talos
added 2025/01/14 12:0 a.m.9 views

Wavlink AC3000 firewall.cgi iptablesWebsFilterRun() command injection vulnerability

Talos Vulnerability Report TALOS-2024-2023 Wavlink AC3000 firewall.cgi iptablesWebsFilterRun command injection vulnerability January 14, 2025 CVE Number CVE-2024-39367 SUMMARY An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun functionality of Wavlink AC3000...

9.1CVSS7.9AI score0.08248EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.9 views

Wavlink AC3000 adm.cgi set_wzdap() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2027 Wavlink AC3000 adm.cgi setwzdap buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39358 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...

9.1CVSS7.8AI score0.01805EPSS
Exploits1
Talos
Talos
added 2025/01/14 12:0 a.m.9 views

Wavlink AC3000 internet.cgi set_add_routing() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2021 Wavlink AC3000 internet.cgi setaddrouting buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39288 SUMMARY A buffer overflow vulnerability exists in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A...

9.1CVSS7.7AI score0.13476EPSS
Exploits1
Talos
Talos
added 2026/07/01 12:0 a.m.8 views

GeoVision GeoWebPlayer Websocket Server out-of-bounds read vulnerabilities

Summary Multiple exploitable out-of-bounds read vulnerabilities exist in the Websocket Server functionality of GeoWebPlayer versions: 1.1.1.0. A specially crafted websocket message can lead to a arbitrary code execution. An attacker can stage a malicious webpage to trigger these vulnerabilities...

8.3CVSS6.1AI score0.00215EPSS
Exploits0
Talos
Talos
added 2026/06/25 12:0 a.m.8 views

vtk vtk-dicom vtkDICOMItem::FindDataElementOrInsert heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the vtkDICOMItem::FindDataElementOrInsert functionality of vtk-dicom versions: 9.5.2. A specially crafted DICOM file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

8.1CVSS6.4AI score0.0032EPSS
Exploits0
Talos
Talos
added 2026/06/15 12:0 a.m.8 views

GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

Summary A insufficient encryption vulnerability exists in the Device Authentication functionality of GV-IP Device Utility versions: 9.0.5. A specially crafted network sniffing can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. Confirmed...

9.3CVSS5.6AI score0.00214EPSS
Exploits0
Talos
Talos
added 2026/06/15 12:0 a.m.8 views

GeoVision LPC2011/LPC2211 DdnsSetting.cgi OS command injection vulnerability

Summary A OS command injection vulnerability exists in the DdnsSetting.cgi functionality of LPC2011/LPC2211 versions: 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability. Confirmed...

9.9CVSS6.4AI score0.01606EPSS
Exploits0
Talos
Talos
added 2026/04/07 12:0 a.m.8 views

LibRaw HuffTable::initval heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2026-2330 LibRaw HuffTable::initval heap-based buffer overflow vulnerability April 7, 2026 CVE Number CVE-2026-20911 SUMMARY A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A...

9.8CVSS6.5AI score0.00504EPSS
Exploits1
Talos
Talos
added 2026/03/17 12:0 a.m.8 views

Canva Affinity EMF File EMR_FRAMERGN Type Confusion Vulnerability

Talos Vulnerability Report TALOS-2025-2297 Canva Affinity EMF File EMRFRAMERGN Type Confusion Vulnerability March 17, 2026 CVE Number CVE-2025-66342 SUMMARY A type confusion vulnerability exists in the EMF functionality of Canva Affinity. A specially crafted EMF file can trigger this vulnerabilit...

7.8CVSS6AI score0.00278EPSS
Exploits1
Talos
Talos
added 2026/03/17 12:0 a.m.8 views

Canva Affinity EMF File EMR_POLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2315 Canva Affinity EMF File EMRPOLYPOLYLINE16 Count Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-66617 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file...

7.1CVSS6AI score0.00268EPSS
Exploits1
Talos
Talos
added 2026/03/17 12:0 a.m.8 views

Canva Affinity EMF File EMR_EXTTEXTOUTA offDx Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2321 Canva Affinity EMF File EMREXTTEXTOUTA offDx Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-62403 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, a...

7.1CVSS6AI score0.00268EPSS
Exploits1
Talos
Talos
added 2026/03/17 12:0 a.m.8 views

Canva Affinity EMF File EMR_CREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability

Talos Vulnerability Report TALOS-2025-2310 Canva Affinity EMF File EMRCREATEDIBPATTERNBRUSHPT DIBHeaderInfo HeaderSize Out-Of-Bounds Write Vulnerability March 17, 2026 CVE Number CVE-2025-64301 SUMMARY An out‑of‑bounds write vulnerability exists in the EMF functionality of Canva Affinity. By usin...

7.8CVSS6.1AI score0.00269EPSS
Exploits1
Talos
Talos
added 2026/03/17 12:0 a.m.8 views

Canva Affinity EMF File EMR_BITBLT offBmiSrc Out-Of-Bounds Read Vulnerability

Talos Vulnerability Report TALOS-2025-2311 Canva Affinity EMF File EMRBITBLT offBmiSrc Out-Of-Bounds Read Vulnerability March 17, 2026 CVE Number CVE-2025-64776 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of Canva Affinity. By using a specially crafted EMF file, an...

7.1CVSS5.9AI score0.00277EPSS
Exploits1
Total number of security vulnerabilities2224