Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability

Talos Vulnerability Report TALOS-2025-2174 Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter privilege escalation vulnerability November 17, 2025 CVE Number CVE-2025-31361 SUMMARY A privilege escalation vulnerability exists in the ControlVault WBDI Driver WBIOUSHADDRECORD...

Dell ControlVault3 CvManager buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2189 Dell ControlVault3 CvManager buffer overflow vulnerability November 17, 2025 CVE Number CVE-2025-36553 SUMMARY A buffer overflow vulnerability exists in the CvManager functionality of Dell ControlVault3 5.14.3.0 and 5.15.10.14, A31. A specially crafted...

Dell ControlVault3 CvManager_SBI buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2188 Dell ControlVault3 CvManagerSBI buffer overflow vulnerability November 17, 2025 CVE Number CVE-2025-32089 SUMMARY A buffer overflow vulnerability exists in the CvManagerSBI functionality of Dell ControlVault3 5.14.3.0 and 5.15.10.14, A31. A specially...

Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability

Talos Vulnerability Report TALOS-2025-2173 Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability November 17, 2025 CVE Number CVE-2025-31649 SUMMARY A hard-coded password vulnerability exists in the ControlVault WBDI Driver functionality of Dell ControlVault3 5.14.3.0. A...

Entr'ouvert Lasso g_assert_not_reached denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2196 Entr'ouvert Lasso gassertnotreached denial of service vulnerability November 5, 2025 CVE Number CVE-2025-46705 SUMMARY A denial of service vulnerability exists in the gassertnotreached functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially craft...

Entr'ouvert Lasso lasso_provider_verify_saml_signature denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2194 Entr'ouvert Lasso lassoproviderverifysamlsignature denial of service vulnerability November 5, 2025 CVE Number CVE-2025-46404 SUMMARY A denial of service vulnerability exists in the lassoproviderverifysamlsignature functionality of Entr'ouvert Lasso 2.5....

Entr'ouvert Lasso lasso_node_init_from_message_with_format denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2195 Entr'ouvert Lasso lassonodeinitfrommessagewithformat denial of service vulnerability November 5, 2025 CVE Number CVE-2025-46784 SUMMARY A denial of service vulnerability exists in the lassonodeinitfrommessagewithformat functionality of Entr'ouvert Lasso...

Entr'ouvert Lasso lasso_node_impl_init_from_xml type confusion vulnerability

Talos Vulnerability Report TALOS-2025-2193 Entr'ouvert Lasso lassonodeimplinitfromxml type confusion vulnerability November 5, 2025 CVE Number CVE-2025-47151 SUMMARY A type confusion vulnerability exists in the lassonodeimplinitfromxml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A special...

GCC Productions Inc. Fade In XML parser use-after-free vulnerability

Talos Vulnerability Report TALOS-2025-2252 GCC Productions Inc. Fade In XML parser use-after-free vulnerability October 28, 2025 CVE Number CVE-2025-53814 SUMMARY A use-after-free vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .xml...

GCC Productions Inc. Fade In XML parser out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2250 GCC Productions Inc. Fade In XML parser out-of-bounds write vulnerability October 28, 2025 CVE Number CVE-2025-53855 SUMMARY An out-of-bounds write vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially...

Truffle Security Co. TruffleHog git arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2025-2243 Truffle Security Co. TruffleHog git arbitrary code execution vulnerability October 20, 2025 CVE Number CVE-2025-41390 SUMMARY An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially...

Dell BSAFE Crypto-C _A_DecodeElement out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2141 Dell BSAFE Crypto-C ADecodeElement out-of-bounds read vulnerability October 16, 2025 CVE Number CVE-2019-3728 SUMMARY An integer underflow vulnerability exists in the ADecodeElement functionality of Dell BSAFE Crypto-C xxx. A specially crafted ASN.1 reco...

Dell BSAFE Crypto-C GetIndefiniteElementLen stack overflow vulnerability

Talos Vulnerability Report TALOS-2025-2142 Dell BSAFE Crypto-C GetIndefiniteElementLen stack overflow vulnerability October 16, 2025 CVE Number None SUMMARY A stack overflow vulnerability exists in the GetIndefiniteElementLen functionality of Dell BSAFE Crypto-C xxx. A specially crafted ASN.1...

Dell BSAFE Crypto-C _A_DecodeType out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2140 Dell BSAFE Crypto-C ADecodeType out-of-bounds read vulnerability October 16, 2025 CVE Number CVE-2019-3728 SUMMARY An integer overflow vulnerability exists in the ADecodeType functionality of Dell BSAFE Crypto-C xxx. A specially crafted ASN.1 record can...

Planet WGR-500 formPingCmd stack-based buffer overflow vulnerabilities

Talos Vulnerability Report TALOS-2025-2226 Planet WGR-500 formPingCmd stack-based buffer overflow vulnerabilities October 7, 2025 CVE Number CVE-2025-54401,CVE-2025-54400,CVE-2025-54399,CVE-2025-54402 SUMMARY Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd...

Planet WGR-500 formPingCmd OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2025-2229 Planet WGR-500 formPingCmd OS command injection vulnerabilities October 7, 2025 CVE Number CVE-2025-54406,CVE-2025-54405 SUMMARY Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A...

Planet WGR-500 swctrl OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2025-2227 Planet WGR-500 swctrl OS command injection vulnerabilities October 7, 2025 CVE Number CVE-2025-54404,CVE-2025-54403 SUMMARY Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially...

OpenPLC OpenPLC_v3 ModbusTCP server denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2223 OpenPLC OpenPLCv3 ModbusTCP server denial of service vulnerability October 7, 2025 CVE Number CVE-2025-53476 SUMMARY A denial of service vulnerability exists in the ModbusTCP server functionality of OpenPLC v3 a931181e8b81e36fadf7b74d5cba99b73c3f6d58. A...

Planet WGR-500 formPingCmd format string vulnerability

Talos Vulnerability Report TALOS-2025-2228 Planet WGR-500 formPingCmd format string vulnerability October 7, 2025 CVE Number CVE-2025-48826 SUMMARY A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests c...

NVIDIA nvdisasm REL section header parsing out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2204 NVIDIA nvdisasm REL section header parsing out-of-bounds write vulnerability September 24, 2025 CVE Number CVE-2025-23308 SUMMARY An out-of-bounds write vulnerability exists in the REL section header parsing functionality of NVIDIA nvdisasm 12.9.88. A...

NVIDIA nvdisasm RELA section parsing out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2025-2172 NVIDIA nvdisasm RELA section parsing out-of-bounds write vulnerability September 24, 2025 CVE Number CVE-2025-23340 SUMMARY An out-of-bounds write vulnerability exists in the RELA section parsing functionality of NVIDIA nvdisasm 12.8.90. A specially...

NVIDIA cuobjdump DWARF debug abbreviations parsing arbitrary code execution vulnerability

Talos Vulnerability Report TALOS-2025-2155 NVIDIA cuobjdump DWARF debug abbreviations parsing arbitrary code execution vulnerability September 24, 2025 CVE Number CVE-2025-23339 SUMMARY An arbitrary code execution vulnerability exists in the DWARF parsing functionality of NVIDIA cuobjdump 12.8.55...

NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability

Talos Vulnerability Report TALOS-2025-2169 NVIDIA nvdisasm symbol table parsing improper array index validation vulnerability September 24, 2025 CVE Number CVE-2025-23338 SUMMARY An improper array index validation vulnerability exists in the symbol table parsing functionality of NVIDIA nvdisasm...

NVIDIA nvdisasm REL section header parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2191 NVIDIA nvdisasm REL section header parsing heap-based buffer overflow vulnerability September 24, 2025 CVE Number CVE-2025-23271 SUMMARY A heap-based buffer overflow vulnerability exists in the REL section header parsing functionality of NVIDIA nvdisasm...

Adobe Acrobat Reader Page Property Use-After-Free Vulnerability

Talos Vulnerability Report TALOS-2025-2222 Adobe Acrobat Reader Page Property Use-After-Free Vulnerability September 23, 2025 CVE Number CVE-2025-54257 SUMMARY A use-after-free vulnerability exists in the page property functionality of Adobe Acrobat Reader 2025.001.20531. A specially crafted...

The Biosig Project libbiosig RHS2000 parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2240 The Biosig Project libbiosig RHS2000 parsing heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-48005 SUMMARY A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig...

The Biosig Project libbiosig ISHNE ECG Annotations file parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2232 The Biosig Project libbiosig ISHNE ECG Annotations file parsing heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53853 SUMMARY A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig...

SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2215 SAIL Image Decoding Library BMPv3 Palette Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-46407 SUMMARY A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library...

SAIL Image Decoding Library Targa RLE Decoding heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2220 SAIL Image Decoding Library Targa RLE Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-50129 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...

The Biosig Project libbiosig MFER unvalidated length stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2234 The Biosig Project libbiosig MFER unvalidated length stack-based buffer overflow vulnerability August 25, 2025 CVE Number...

The Biosig Project libbiosig ABF parsing integer overflow to heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2231 The Biosig Project libbiosig ABF parsing integer overflow to heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53518 SUMMARY An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project...

The Biosig Project libbiosig MFER Tag 3 null write stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2236 The Biosig Project libbiosig MFER Tag 3 null write stack-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-46411 SUMMARY A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project...

SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2221 SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52930 SUMMARY A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...

SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2218 SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53510 SUMMARY A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...

The Biosig Project libbiosig MFER default NS mismatch heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2237 The Biosig Project libbiosig MFER default NS mismatch heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53511 SUMMARY A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project...

The Biosig Project libbiosig Nex parsing out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2025-2238 The Biosig Project libbiosig Nex parsing out-of-bounds read vulnerability August 25, 2025 CVE Number CVE-2025-52461 SUMMARY An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branc...

SAIL Image Decoding Library WebP Image Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2224 SAIL Image Decoding Library WebP Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52456 SUMMARY A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...

SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2216 SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-32468 SUMMARY A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...

The Biosig Project libbiosig Nex parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2239 The Biosig Project libbiosig Nex parsing heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-54462 SUMMARY A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 a...

SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2219 SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53085 SUMMARY A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library...

The Biosig Project libbiosig MFER Tag 63 parsing heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2235 The Biosig Project libbiosig MFER Tag 63 parsing heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53557 SUMMARY A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosi...

SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2217 SAIL Image Decoding Library PCX Image Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-35984 SUMMARY A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library...

The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2233 The Biosig Project libbiosig GDF parsing integer overflow to heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52581 SUMMARY An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project...

Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability

Talos Vulnerability Report TALOS-2025-2162 Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability August 20, 2025 CVE Number CVE-2025-27564 SUMMARY A unencrypted transmission of credentials vulnerability exists in the web portal authentication functionality...

Tenda AC6 V5.0 /goform/getproductInfo information disclosure vulnerability

Talos Vulnerability Report TALOS-2025-2164 Tenda AC6 V5.0 /goform/getproductInfo information disclosure vulnerability August 20, 2025 CVE Number CVE-2025-24496 SUMMARY An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110...

Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability

Talos Vulnerability Report TALOS-2025-2161 Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability August 20, 2025 CVE Number CVE-2025-31355 SUMMARY A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A...

Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability

Talos Vulnerability Report TALOS-2025-2166 Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability August 20, 2025 CVE Number CVE-2025-30256 SUMMARY A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted...

Tenda AC6 V5.0 missing initial setup authentication vulnerability

Talos Vulnerability Report TALOS-2025-2163 Tenda AC6 V5.0 missing initial setup authentication vulnerability August 20, 2025 CVE Number CVE-2025-24322 SUMMARY An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A...

Tenda AC6 V5.0 HTTP authentication bypass vulnerability

Talos Vulnerability Report TALOS-2025-2165 Tenda AC6 V5.0 HTTP authentication bypass vulnerability August 20, 2025 CVE Number CVE-2025-27129 SUMMARY An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP...

Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2168 Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability August 20, 2025 CVE Number CVE-2025-32010 SUMMARY A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HT...