Tenda AC6 V5.0 Tenda App Router Authentication cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2025-2178 Tenda AC6 V5.0 Tenda App Router Authentication cleartext transmission vulnerability August 20, 2025 CVE Number CVE-2025-31143 SUMMARY A cleartext transmission vulnerability exists in the Tenda App Router Authentication functionality of Tenda AC6 V5.0...
Tenda AC6 V5.0 Session Authentication Cookie unencrypted transmission of credentials vulnerability
Talos Vulnerability Report TALOS-2025-2167 Tenda AC6 V5.0 Session Authentication Cookie unencrypted transmission of credentials vulnerability August 20, 2025 CVE Number CVE-2025-31646 SUMMARY An unencrypted transmission of credentials vulnerability exists in the Session Authentication Cookie...
OpenPrinting ippusbxd media-size-supported stack based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2071 OpenPrinting ippusbxd media-size-supported stack based buffer overflow vulnerability August 19, 2025 CVE Number CVE-2024-45062 SUMMARY A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer th...
Foxit Reader Signature Uninitialized Pointer Vulnerability
Talos Vulnerability Report TALOS-2025-2202 Foxit Reader Signature Uninitialized Pointer Vulnerability August 13, 2025 CVE Number CVE-2025-32451 SUMMARY A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascrip...
Dell ControlVault3 cv_upgrade_sensor_firmware out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2025-2137 Dell ControlVault3 cv_upgrade_sensor_firmware out-of-bounds write vulnerability August 9, 2025 CVE Number CVE-2025-25050 SUMMARY An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 5.14.3.0. A...
Dell ControlVault3 securebio_identify stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2130 Dell ControlVault3 securebio_identify stack-based buffer overflow vulnerability August 9, 2025 CVE Number CVE-2025-24922 SUMMARY A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 5.14.3.0. A...
Dell ControlVault3 cvhDecapsulateCmd improper input validation vulnerability
Talos Vulnerability Report TALOS-2025-2153 Dell ControlVault3 cvhDecapsulateCmd improper input validation vulnerability August 9, 2025 CVE Number CVE-2025-24919 SUMMARY A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to...
Dell ControlVault3 cv_close arbitrary free vulnerability
Talos Vulnerability Report TALOS-2024-2129 Dell ControlVault3 cv_close arbitrary free vulnerability August 9, 2025 CVE Number CVE-2025-25215 SUMMARY An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 5.14.3.0. A specially crafted ControlVault API call can lea...
Dell ControlVault3 cv_send_blockdata out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-2127 Dell ControlVault3 cv_send_blockdata out-of-bounds read vulnerability August 9, 2025 CVE Number CVE-2025-24311 SUMMARY An out-of-bounds read vulnerability exists in the cv_send_blockdata functionality of Dell ControlVault3 5.14.3.0. A specially crafted...
PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2203 PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability August 5, 2025 CVE Number CVE-2025-47152 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor...
PDF-XChange Editor EMF File EMR_POLYDRAW16 PT_BEZIERTO Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2171 PDF-XChange Editor EMF File EMR_POLYDRAW16 PT_BEZIERTO Out-Of-Bounds Read Vulnerability August 5, 2025 CVE Number CVE-2025-27931 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using ...
Eclipse ThreadX FileX RAM disk driver buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2088 Eclipse ThreadX FileX RAM disk driver buffer overflow vulnerability July 30, 2025 CVE Number CVE-2025-55089 SUMMARY A buffer overflow vulnerability exists in the FileX RAM disk driver functionality of Eclipse ThreadX FileX git commit 1b85eb2. A specially...
MedDream PACS Premium setup incorrect default permissions vulnerability
Talos Vulnerability Report TALOS-2025-2154 MedDream PACS Premium setup incorrect default permissions vulnerability July 28, 2025 CVE Number CVE-2025-26469 SUMMARY An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium...
MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2176 MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting (XSS) vulnerability July 28, 2025 CVE Number CVE-2025-32731 SUMMARY A reflected cross-site scripting (XSS) vulnerability exists in the radiationDoseReport.php functionality of...
MedDream PACS Premium cecho.php SSRF vulnerability
Talos Vulnerability Report TALOS-2025-2177 MedDream PACS Premium cecho.php SSRF vulnerability July 28, 2025 CVE Number CVE-2025-24485 SUMMARY A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can...
MedDream PACS Premium PACS privilege escalation vulnerability
Talos Vulnerability Report TALOS-2025-2156 MedDream PACS Premium PACS privilege escalation vulnerability July 28, 2025 CVE Number CVE-2025-27724 SUMMARY A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php...
WWBN AVideo aVideoEncoder.json.php unzip race condition vulnerability
Talos Vulnerability Report TALOS-2025-2212 WWBN AVideo aVideoEncoder.json.php unzip race condition vulnerability July 24, 2025 CVE Number CVE-2025-25214 SUMMARY A race condition vulnerability exists in the aVideoEncoder.json.php unzip functionality of WWBN AVideo 14.4 and dev master commit...
WWBN AVideo videoNotFound 404ErrorMsg parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2207 WWBN AVideo videoNotFound 404ErrorMsg parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-50128 SUMMARY A cross-site scripting (XSS) vulnerability exists in the videoNotFound 404ErrorMsg parameter functionality of WWBN AVideo...
WWBN AVideo videosList page parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2206 WWBN AVideo videosList page parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-53084 SUMMARY A cross-site scripting (XSS) vulnerability exists in the videosList page parameter functionality of WWBN AVideo 14.4 and dev master...
WWBN AVideo managerPlaylists PlaylistOwnerUsersId parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2205 WWBN AVideo managerPlaylists PlaylistOwnerUsersId parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-46410 SUMMARY A cross-site scripting (XSS) vulnerability exists in the managerPlaylists PlaylistOwnerUsersId parameter...
WWBN AVideo LoginWordPress loginForm cancelUri parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2208 WWBN AVideo LoginWordPress loginForm cancelUri parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-36548 SUMMARY A cross-site scripting (XSS) vulnerability exists in the LoginWordPress loginForm cancelUri parameter...
WWBN AVideo userLogin cancelUri parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2209 WWBN AVideo userLogin cancelUri parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-41420 SUMMARY A cross-site scripting (XSS) vulnerability exists in the userLogin cancelUri parameter functionality of WWBN AVideo 14.4 and de...
WWBN AVideo .htaccess sample incomplete blacklist vulnerability
Talos Vulnerability Report TALOS-2025-2213 WWBN AVideo .htaccess sample incomplete blacklist vulnerability July 24, 2025 CVE Number CVE-2025-48732 SUMMARY An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request ca...
Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2198 Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability July 22, 2025 CVE Number CVE-2025-46354 SUMMARY A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality o...
Bloomberg Comdb2 net_connectmsg Protocol Buffer Message null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2025-2197 Bloomberg Comdb2 net_connectmsg Protocol Buffer Message null pointer dereference vulnerability July 22, 2025 CVE Number CVE-2025-36520 SUMMARY A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message functionality of...
Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2200 Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability July 22, 2025 CVE Number CVE-2025-36512 SUMMARY A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction...
Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2199 Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability July 22, 2025 CVE Number CVE-2025-48498 SUMMARY A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1...
Bloomberg Comdb2 CDB2SQLQUERY Protocol Buffer Message null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2025-2201 Bloomberg Comdb2 CDB2SQLQUERY Protocol Buffer Message null pointer dereference vulnerability July 22, 2025 CVE Number CVE-2025-35966 SUMMARY A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg...
Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2144 Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability June 16, 2025 CVE Number CVE-2025-1533 SUMMARY A stack-based buffer overflow vulnerability exists in the AsIO3.sys kernel driver of Asus Armoury Crate 5.9.13.0. A specially crafted I/...
Asus Armoury Crate AsIO3.sys authorization bypass vulnerability
Talos Vulnerability Report TALOS-2025-2150 Asus Armoury Crate AsIO3.sys authorization bypass vulnerability June 16, 2025 CVE Number CVE-2025-3464 SUMMARY An authorization bypass vulnerability exists in the AsIO3.sys functionality of Asus Armoury Crate 5.9.13.0. A specially crafted hard link can...
Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2159 Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability June 11, 2025 CVE Number CVE-2025-43578 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2025.001.20435. A specially...
Adobe Acrobat Reader Annotation Destroy Use-After-Free Vulnerability
Talos Vulnerability Report TALOS-2025-2170 Adobe Acrobat Reader Annotation Destroy Use-After-Free Vulnerability June 11, 2025 CVE Number CVE-2025-43576 SUMMARY A use-after-free vulnerability exists in the annotation object processing functionality of Adobe Acrobat Reader 2025.001.20435. A special...
Parallels Desktop prl_vmarchiver Unarchive Hard Link Privilege Escalation
Talos Vulnerability Report TALOS-2024-2126 Parallels Desktop prl_vmarchiver Unarchive Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-36486 SUMMARY A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac...
Parallels Desktop prl_packer_inplace PVMP Unpack Directory Traversal Privilege Escalation
Talos Vulnerability Report TALOS-2025-2160 Parallels Desktop prl_packer_inplace PVMP Unpack Directory Traversal Privilege Escalation June 3, 2025 CVE Number CVE-2025-31359 SUMMARY A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac...
Parallels Desktop prl_disp_service Snapshots.xml Hard Link Privilege Escalation
Talos Vulnerability Report TALOS-2024-2124 Parallels Desktop prl_disp_service Snapshots.xml Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-54189 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740...
Parallels Desktop prl_disp_service Snapshots SymLink Change Ownership Privilege Escalation
Talos Vulnerability Report TALOS-2024-2123 Parallels Desktop prl_disp_service Snapshots SymLink Change Ownership Privilege Escalation June 3, 2025 CVE Number CVE-2024-52561 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1...
Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability
Talos Vulnerability Report TALOS-2024-2128 Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability June 2, 2025 CVE Number CVE-2024-48877 SUMMARY A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility...
Catdoc utilities OLE Document Parser File Allocation Table 32-bit integer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2131 Catdoc utilities OLE Document Parser File Allocation Table 32-bit integer overflow vulnerability June 2, 2025 CVE Number CVE-2024-52035 SUMMARY An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of...
High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2157 High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability June 2, 2025 CVE Number CVE-2025-20001 SUMMARY An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this...
Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2132 Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability June 2, 2025 CVE Number CVE-2024-54028 SUMMARY An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malform...
NVIDIA cuobjdump ELF Section Parsing Integer Overflow Vulnerability
Talos Vulnerability Report TALOS-2025-2151 NVIDIA cuobjdump ELF Section Parsing Integer Overflow Vulnerability June 2, 2025 CVE Number CVE-2025-23247 SUMMARY An integer overflow vulnerability exists in the ELF Section Parsing functionality of NVIDIA cuobjdump 12.8.55. A specially crafted fatbin...
Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2104 Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2259 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX D...
Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2098 Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability April 14, 2025 CVE Number CVE-2025-2260,None SUMMARY A denial of service vulnerability exists in the NetX HTTP server functionality of Eclipse ThreadX NetX Duo git commit 6c8e9d1. A...
Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2105 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2258 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX Du...
STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2096 STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability April 2, 2025 CVE Number CVE-2024-45064 SUMMARY A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics...
STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2102 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50594,CVE-2024-50595 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...
STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2097 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server denial of service vulnerability April 2, 2025 CVE Number CVE-2024-50384,CVE-2024-50385 SUMMARY A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics...
STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2103 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50596,CVE-2024-50597 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...
Adobe Acrobat Reader Font VariationStore itemVariationDataCount Uninitialized Pointer Vulnerability
Talos Vulnerability Report TALOS-2025-2135 Adobe Acrobat Reader Font VariationStore itemVariationDataCount Uninitialized Pointer Vulnerability March 12, 2025 CVE Number CVE-2025-27158 SUMMARY A memory corruption vulnerability exists due to the use of an uninitialized pointer in the Font...
Adobe Acrobat Reader Font numGlyphs Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2136 Adobe Acrobat Reader Font numGlyphs Out-Of-Bounds Read Vulnerability March 12, 2025 CVE Number CVE-2025-27164 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2024.005.20320. A specially crafted font fi...