2204 matches found
Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2289 Tp-Link AX53 v1.0 tmpServer opcode 0x1003 stack-based buffer overflow vulnerability March 16, 2026 CVE Number CVE-2025-58455 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x1003 functionality of Tp-Link AX53 v1.0 1.3....
Tp-Link AX53 v1.0 SSH Hostkey misconfiguration vulnerability
Talos Vulnerability Report TALOS-2025-2291 Tp-Link AX53 v1.0 SSH Hostkey misconfiguration vulnerability March 16, 2026 CVE Number CVE-2025-62501 SUMMARY A misconfiguration vulnerability exists in the SSH Hostkey functionality of Tp-Link AX53 v1.0 1.3.1 Build 20241120 rel.549015553. A specially...
Microsoft DirectX End-User Runtime Web Installer Privilege Escalation Vulnerability
Talos Vulnerability Report TALOS-2025-2293 Microsoft DirectX End-User Runtime Web Installer Privilege Escalation Vulnerability March 11, 2026 CVE Number CVE-2025-68623 SUMMARY A local privilege escalation vulnerability exists during the installation of Microsoft DirectX End-User Runtime. A...
The Biosig Project libbiosig Nicolet WFT parsing heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2026-2362 The Biosig Project libbiosig Nicolet WFT parsing heap-based buffer overflow vulnerability March 3, 2026 CVE Number CVE-2026-20777 SUMMARY A heap-based buffer overflow vulnerability exists in the Nicolet WFT parsing functionality of The Biosig Project...
The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2323 The Biosig Project libbiosig ABF parsing out-of-bounds read vulnerability March 3, 2026 CVE Number CVE-2025-64736 SUMMARY An out-of-bounds read vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.2 and Master Branch...
The Biosig Project libbiosig Intan CLP parsing heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2026-2361 The Biosig Project libbiosig Intan CLP parsing heap-based buffer overflow vulnerability March 3, 2026 CVE Number CVE-2026-22891 SUMMARY A heap-based buffer overflow vulnerability exists in the Intan CLP parsing functionality of The Biosig Project libbios...
OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability
Talos Vulnerability Report TALOS-2025-2292 OpenCFD OpenFOAM Code Stream directive arbitrary code execution vulnerability February 18, 2026 CVE Number CVE-2025-61982 SUMMARY An arbitrary code execution vulnerability exists in the Code Stream directive functionality of OpenCFD OpenFOAM 2506. A...
MedDream PACS Premium existingUser reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2257 MedDream PACS Premium existingUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54778 SUMMARY A reflected cross-site scripting xss vulnerability exists in the existingUser functionality of MedDream PACS Premium...
MedDream PACS Premium fetchPriorStudies reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2258 MedDream PACS Premium fetchPriorStudies reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-46270 SUMMARY A reflected cross-site scripting xss vulnerability exists in the fetchPriorStudies functionality of MedDream PACS...
MedDream PACS Premium sendOruReport reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2270 MedDream PACS Premium sendOruReport reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-44000 SUMMARY A reflected cross-site scripting xss vulnerability exists in the sendOruReport functionality of MedDream PACS Premium...
MedDream PACS Premium encapsulatedDoc reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2256 MedDream PACS Premium encapsulatedDoc reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54157 SUMMARY A reflected cross-site scripting xss vulnerability exists in the encapsulatedDoc functionality of MedDream PACS...
MedDream PACS Premium modifyEmail reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2263 MedDream PACS Premium modifyEmail reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57881 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyEmail functionality of MedDream PACS Premium...
MedDream PACS Premium modifyCoercion reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2262 MedDream PACS Premium modifyCoercion reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54861 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyCoercion functionality of MedDream PACS Premiu...
MedDream PACS Premium autoPurge reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2253 MedDream PACS Premium autoPurge reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54817 SUMMARY A reflected cross-site scripting xss vulnerability exists in the autoPurge functionality of MedDream PACS Premium 7.3.6.87...
MedDream PACS Premium modifyRoute reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2266 MedDream PACS Premium modifyRoute reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57787 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyRoute functionality of MedDream PACS Premium...
MedDream PACS Premium modifyHL7Route reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2265 MedDream PACS Premium modifyHL7Route reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53854 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyHL7Route functionality of MedDream PACS Premiu...
MedDream PACS Premium modifyTranscript reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2267 MedDream PACS Premium modifyTranscript reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53707 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyTranscript functionality of MedDream PACS...
MedDream PACS Premium modifyUser reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2268 MedDream PACS Premium modifyUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54853 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyUser functionality of MedDream PACS Premium...
MedDream PACS Premium modifyAutopurgeFilter reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2261 MedDream PACS Premium modifyAutopurgeFilter reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54814 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAutopurgeFilter functionality of MedDre...
MedDream PACS Premium notifynewstudy reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2269 MedDream PACS Premium notifynewstudy reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-57786 SUMMARY A reflected cross-site scripting xss vulnerability exists in the notifynewstudy functionality of MedDream PACS Premiu...
MedDream PACS Premium config.php multiple reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2271 MedDream PACS Premium config.php multiple reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-58089,CVE-2025-58093,CVE-2025-58090,CVE-2025-58091,CVE-2025-58088,CVE-2025-58087,CVE-2025-58094,CVE-2025-58095,CVE-2025-58092...
MedDream PACS Premium downloadZip reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2254 MedDream PACS Premium downloadZip reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-53516 SUMMARY A reflected cross-site scripting xss vulnerability exists in the downloadZip functionality of MedDream PACS Premium...
MedDream PACS Premium ldapUser reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2272 MedDream PACS Premium ldapUser reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-36556 SUMMARY A reflected cross-site scripting xss vulnerability exists in the ldapUser functionality of MedDream PACS Premium 7.3.6.870....
MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability
Talos Vulnerability Report TALOS-2025-2273 MedDream PACS Premium encapsulatedDoc arbitrary file read vulnerability January 20, 2026 CVE Number CVE-2025-53912 SUMMARY An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially...
MedDream PACS Premium modifyHL7App reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2264 MedDream PACS Premium modifyHL7App reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-58080 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyHL7App functionality of MedDream PACS Premium...
MedDream PACS Premium modifyAnonymize reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2259 MedDream PACS Premium modifyAnonymize reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-55071 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAnonymize functionality of MedDream PACS...
MedDream PACS Premium emailfailedjob reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2255 MedDream PACS Premium emailfailedjob reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54495 SUMMARY A reflected cross-site scripting xss vulnerability exists in the emailfailedjob functionality of MedDream PACS Premiu...
MedDream PACS Premium modifyAeTitle reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2260 MedDream PACS Premium modifyAeTitle reflected cross-site scripting XSS vulnerability January 20, 2026 CVE Number CVE-2025-54852 SUMMARY A reflected cross-site scripting xss vulnerability exists in the modifyAeTitle functionality of MedDream PACS Premium...
Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability
Talos Vulnerability Report TALOS-2025-2279 Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability January 15, 2026 CVE Number CVE-2025-61973 SUMMARY A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A...
Foxit Reader Barcode Calculate CPDF_FormField Use-After-Free Vulnerability
Talos Vulnerability Report TALOS-2025-2277 Foxit Reader Barcode Calculate CPDFFormField Use-After-Free Vulnerability December 19, 2025 CVE Number CVE-2025-58085 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles a Barcode field object. A specially crafted JavaScript cod...
Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability
Talos Vulnerability Report TALOS-2025-2275 Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability December 19, 2025 CVE Number CVE-2025-57779 SUMMARY A privilege escalation vulnerability exists during the installation of Foxit PDF Editor via the Microsoft Store....
Foxit Reader Text Widget Format Use-After-Free Vulnerability
Talos Vulnerability Report TALOS-2025-2278 Foxit Reader Text Widget Format Use-After-Free Vulnerability December 19, 2025 CVE Number CVE-2025-59488 SUMMARY A use-after-free vulnerability exists in the way Foxit Reader handles a Text Widget field object. A specially crafted JavaScript code inside ...
smallstep Step-CA Certificate Signing authentication bypass vulnerability
Talos Vulnerability Report TALOS-2025-2242 smallstep Step-CA Certificate Signing authentication bypass vulnerability December 17, 2025 CVE Number CVE-2025-44005 SUMMARY An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completi...
Grassroot DICOM Overlay::GrabOverlayFromPixelData out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2211 Grassroot DICOM Overlay::GrabOverlayFromPixelData out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-52582 SUMMARY An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM...
Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2214 Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-48429 SUMMARY An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially...
Grassroot DICOM JPEGBITSCodec::InternalCode out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2025-2210 Grassroot DICOM JPEGBITSCodec::InternalCode out-of-bounds read vulnerability December 16, 2025 CVE Number CVE-2025-53619,CVE-2025-53618 SUMMARY An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM...
The Biosig Project libbiosig MFER parsing multiple stack-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2025-2296 The Biosig Project libbiosig MFER parsing multiple stack-based buffer overflow vulnerabilities December 11, 2025 CVE Number CVE-2025-66047,CVE-2025-66045,CVE-2025-66044,CVE-2025-66048,CVE-2025-66043,CVE-2025-66046 SUMMARY Several stack-based buffer...
PDF-XChange Editor EMF File EMR_SMALLTEXTOUT Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2280 PDF-XChange Editor EMF File EMRSMALLTEXTOUT Out-Of-Bounds Read Vulnerability December 2, 2025 CVE Number CVE-2025-58113 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By...
Socomec DIRIS Digiware M-70 Modbus TCP and Modbus RTU over TCP denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2248 Socomec DIRIS Digiware M-70 Modbus TCP and Modbus RTU over TCP denial of service vulnerability December 1, 2025 CVE Number CVE-2025-54848,CVE-2025-54851,CVE-2025-54849,CVE-2025-54850 SUMMARY A denial of service vulnerability exists in the Modbus TCP and...
Socomec DIRIS Digiware M-70 Modbus RTU over TCP factory reset denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2138 Socomec DIRIS Digiware M-70 Modbus RTU over TCP factory reset denial of service vulnerability December 1, 2025 CVE Number CVE-2025-20085 SUMMARY A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware...
Socomec DIRIS Digiware M-70 Modbus RTU over TCP reboot denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2139 Socomec DIRIS Digiware M-70 Modbus RTU over TCP reboot denial of service vulnerability December 1, 2025 CVE Number CVE-2025-23417 SUMMARY A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70...
Socomec DIRIS Digiware M-70 WEBVIEW-M cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2024-2115 Socomec DIRIS Digiware M-70 WEBVIEW-M cleartext transmission vulnerability December 1, 2025 CVE Number CVE-2024-48894 SUMMARY A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially...
Socomec DIRIS Digiware M-70 Modbus TCP buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2152 Socomec DIRIS Digiware M-70 Modbus TCP buffer overflow vulnerability December 1, 2025 CVE Number CVE-2025-26858 SUMMARY A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set o...
Socomec DIRIS Digiware M-70 Modbus TCP reboot denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2119 Socomec DIRIS Digiware M-70 Modbus TCP reboot denial of service vulnerability December 1, 2025 CVE Number CVE-2024-48882 SUMMARY A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially...
Socomec DIRIS Digiware M-70 Modbus TCP and Modbus RTU over TCP USB Function denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2251 Socomec DIRIS Digiware M-70 Modbus TCP and Modbus RTU over TCP USB Function denial of service vulnerability December 1, 2025 CVE Number CVE-2025-55222,CVE-2025-55221 SUMMARY A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over T...
Socomec Easy Config System User profile management authentication bypass vulnerability
Talos Vulnerability Report TALOS-2024-2117 Socomec Easy Config System User profile management authentication bypass vulnerability December 1, 2025 CVE Number CVE-2024-45370 SUMMARY An authentication bypass vulnerability exists in the User profile management functionality of Socomec Easy Config...
Socomec DIRIS Digiware M-70 WEBVIEW-M cross-site request forgery (CSRF) vulnerability
Talos Vulnerability Report TALOS-2024-2116 Socomec DIRIS Digiware M-70 WEBVIEW-M cross-site request forgery CSRF vulnerability December 1, 2025 CVE Number CVE-2024-53684 SUMMARY A cross-site request forgery csrf vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70...
Socomec DIRIS Digiware M-70 Modbus TCP factory reset denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2118 Socomec DIRIS Digiware M-70 Modbus TCP factory reset denial of service vulnerability December 1, 2025 CVE Number CVE-2024-49572 SUMMARY A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A...
GL-Inet GL-AXT1800 OTA Update firmware downgrade vulnerability
Talos Vulnerability Report TALOS-2025-2230 GL-Inet GL-AXT1800 OTA Update firmware downgrade vulnerability November 24, 2025 CVE Number CVE-2025-44018 SUMMARY A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can le...
Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2025-2175 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability November 17, 2025 CVE Number CVE-2025-36462,CVE-2025-36463,CVE-2025-36460,CVE-2025-36461 SUMMARY Multiple out-of-bounds read and write vulnerabilities...