SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2221 SAIL Image Decoding Library BMPv3 RLE Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-52930 SUMMARY A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...
The Biosig Project libbiosig ISHNE ECG Annotations file parsing heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2232 The Biosig Project libbiosig ISHNE ECG Annotations file parsing heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53853 SUMMARY A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig...
SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2219 SAIL Image Decoding Library PSD RLE Decoding heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53085 SUMMARY A memory corruption vulnerability exists in the PSD RLE Decoding functionality of the SAIL Image Decoding Library...
The Biosig Project libbiosig MFER Tag 3 null write stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2236 The Biosig Project libbiosig MFER Tag 3 null write stack-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-46411 SUMMARY A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project...
SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2216 SAIL Image Decoding Library BMPv3 Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-32468 SUMMARY A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8...
SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2218 SAIL Image Decoding Library PSD Image Decoding integer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53510 SUMMARY A memory corruption vulnerability exists in the PSD Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. Wh...
The Biosig Project libbiosig MFER default NS mismatch heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2237 The Biosig Project libbiosig MFER default NS mismatch heap-based buffer overflow vulnerability August 25, 2025 CVE Number CVE-2025-53511 SUMMARY A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project...
Tenda AC6 V5.0 Tenda App Router Authentication cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2025-2178 Tenda AC6 V5.0 Tenda App Router Authentication cleartext transmission vulnerability August 20, 2025 CVE Number CVE-2025-31143 SUMMARY A cleartext transmission vulnerability exists in the Tenda App Router Authentication functionality of Tenda AC6 V5.0...
Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2166 Tenda AC6 V5.0 HTTP Header Parsing denial of service vulnerability August 20, 2025 CVE Number CVE-2025-30256 SUMMARY A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted...
Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability
Talos Vulnerability Report TALOS-2025-2162 Tenda AC6 V5.0 web portal authentication unencrypted transmission of credentials vulnerability August 20, 2025 CVE Number CVE-2025-27564 SUMMARY An unencrypted transmission of credentials vulnerability exists in the web portal authentication functionality...
Tenda AC6 V5.0 /goform/getproductInfo information disclosure vulnerability
Talos Vulnerability Report TALOS-2025-2164 Tenda AC6 V5.0 /goform/getproductInfo information disclosure vulnerability August 20, 2025 CVE Number CVE-2025-24496 SUMMARY An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110...
Tenda AC6 V5.0 HTTP authentication bypass vulnerability
Talos Vulnerability Report TALOS-2025-2165 Tenda AC6 V5.0 HTTP authentication bypass vulnerability August 20, 2025 CVE Number CVE-2025-27129 SUMMARY An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP...
Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2168 Tenda AC6 V5.0 Cloud API stack-based buffer overflow vulnerability August 20, 2025 CVE Number CVE-2025-32010 SUMMARY A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HT...
Tenda AC6 V5.0 Session Authentication Cookie unencrypted transmission of credentials vulnerability
Talos Vulnerability Report TALOS-2025-2167 Tenda AC6 V5.0 Session Authentication Cookie unencrypted transmission of credentials vulnerability August 20, 2025 CVE Number CVE-2025-31646 SUMMARY An unencrypted transmission of credentials vulnerability exists in the Session Authentication Cookie...
Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability
Talos Vulnerability Report TALOS-2025-2161 Tenda AC6 V5.0 Firmware Signature Validation firmware update vulnerability August 20, 2025 CVE Number CVE-2025-31355 SUMMARY A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A...
Tenda AC6 V5.0 missing initial setup authentication vulnerability
Talos Vulnerability Report TALOS-2025-2163 Tenda AC6 V5.0 missing initial setup authentication vulnerability August 20, 2025 CVE Number CVE-2025-24322 SUMMARY An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A...
OpenPrinting ippusbxd media-size-supported stack based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2071 OpenPrinting ippusbxd media-size-supported stack based buffer overflow vulnerability August 19, 2025 CVE Number CVE-2024-45062 SUMMARY A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer th...
Foxit Reader Signature Uninitialized Pointer Vulnerability
Talos Vulnerability Report TALOS-2025-2202 Foxit Reader Signature Uninitialized Pointer Vulnerability August 13, 2025 CVE Number CVE-2025-32451 SUMMARY A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascrip...
Dell ControlVault3 cv_close arbitrary free vulnerability
Talos Vulnerability Report TALOS-2024-2129 Dell ControlVault3 cv_close arbitrary free vulnerability August 9, 2025 CVE Number CVE-2025-25215 SUMMARY An arbitrary free vulnerability exists in the cv_close functionality of Dell ControlVault3 5.14.3.0. A specially crafted ControlVault API call can lea...
Dell ControlVault3 cv_send_blockdata out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2024-2127 Dell ControlVault3 cv_send_blockdata out-of-bounds read vulnerability August 9, 2025 CVE Number CVE-2025-24311 SUMMARY An out-of-bounds read vulnerability exists in the cv_send_blockdata functionality of Dell ControlVault3 5.14.3.0. A specially crafted...
Dell ControlVault3 securebio_identify stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2130 Dell ControlVault3 securebio_identify stack-based buffer overflow vulnerability August 9, 2025 CVE Number CVE-2025-24922 SUMMARY A stack-based buffer overflow vulnerability exists in the securebio_identify functionality of Dell ControlVault3 5.14.3.0. A...
Dell ControlVault3 cvhDecapsulateCmd improper input validation vulnerability
Talos Vulnerability Report TALOS-2025-2153 Dell ControlVault3 cvhDecapsulateCmd improper input validation vulnerability August 9, 2025 CVE Number CVE-2025-24919 SUMMARY A deserialization of untrusted input vulnerability exists in the cvhDecapsulateCmd functionality of Dell ControlVault3 prior to...
Dell ControlVault3 cv_upgrade_sensor_firmware out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2025-2137 Dell ControlVault3 cv_upgrade_sensor_firmware out-of-bounds write vulnerability August 9, 2025 CVE Number CVE-2025-25050 SUMMARY An out-of-bounds write vulnerability exists in the cv_upgrade_sensor_firmware functionality of Dell ControlVault3 5.14.3.0. A...
PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2203 PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability August 5, 2025 CVE Number CVE-2025-47152 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor...
PDF-XChange Editor EMF File EMR_POLYDRAW16 PT_BEZIERTO Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2171 PDF-XChange Editor EMF File EMR_POLYDRAW16 PT_BEZIERTO Out-Of-Bounds Read Vulnerability August 5, 2025 CVE Number CVE-2025-27931 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using ...
Eclipse ThreadX FileX RAM disk driver buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2088 Eclipse ThreadX FileX RAM disk driver buffer overflow vulnerability July 30, 2025 CVE Number CVE-2025-55089 SUMMARY A buffer overflow vulnerability exists in the FileX RAM disk driver functionality of Eclipse ThreadX FileX git commit 1b85eb2. A specially...
MedDream PACS Premium cecho.php SSRF vulnerability
Talos Vulnerability Report TALOS-2025-2177 MedDream PACS Premium cecho.php SSRF vulnerability July 28, 2025 CVE Number CVE-2025-24485 SUMMARY A server-side request forgery vulnerability exists in the cecho.php functionality of MedDream PACS Premium 7.3.5.860. A specially crafted HTTP request can...
MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2176 MedDream PACS Premium radiationDoseReport.php reflected cross-site scripting (XSS) vulnerability July 28, 2025 CVE Number CVE-2025-32731 SUMMARY A reflected cross-site scripting (XSS) vulnerability exists in the radiationDoseReport.php functionality of...
MedDream PACS Premium PACS privilege escalation vulnerability
Talos Vulnerability Report TALOS-2025-2156 MedDream PACS Premium PACS privilege escalation vulnerability July 28, 2025 CVE Number CVE-2025-27724 SUMMARY A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream PACS Premium 7.3.3.840. A specially crafted .php...
MedDream PACS Premium setup incorrect default permissions vulnerability
Talos Vulnerability Report TALOS-2025-2154 MedDream PACS Premium setup incorrect default permissions vulnerability July 28, 2025 CVE Number CVE-2025-26469 SUMMARY An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium...
WWBN AVideo LoginWordPress loginForm cancelUri parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2208 WWBN AVideo LoginWordPress loginForm cancelUri parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-36548 SUMMARY A cross-site scripting (XSS) vulnerability exists in the LoginWordPress loginForm cancelUri parameter...
WWBN AVideo managerPlaylists PlaylistOwnerUsersId parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2205 WWBN AVideo managerPlaylists PlaylistOwnerUsersId parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-46410 SUMMARY A cross-site scripting (XSS) vulnerability exists in the managerPlaylists PlaylistOwnerUsersId parameter...
WWBN AVideo videosList page parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2206 WWBN AVideo videosList page parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-53084 SUMMARY A cross-site scripting (XSS) vulnerability exists in the videosList page parameter functionality of WWBN AVideo 14.4 and dev master...
WWBN AVideo .htaccess sample incomplete blacklist vulnerability
Talos Vulnerability Report TALOS-2025-2213 WWBN AVideo .htaccess sample incomplete blacklist vulnerability July 24, 2025 CVE Number CVE-2025-48732 SUMMARY An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request ca...
WWBN AVideo userLogin cancelUri parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2209 WWBN AVideo userLogin cancelUri parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-41420 SUMMARY A cross-site scripting (XSS) vulnerability exists in the userLogin cancelUri parameter functionality of WWBN AVideo 14.4 and de...
WWBN AVideo videoNotFound 404ErrorMsg parameter cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2025-2207 WWBN AVideo videoNotFound 404ErrorMsg parameter cross-site scripting (XSS) vulnerability July 24, 2025 CVE Number CVE-2025-50128 SUMMARY A cross-site scripting (XSS) vulnerability exists in the videoNotFound 404ErrorMsg parameter functionality of WWBN AVideo...
WWBN AVideo aVideoEncoder.json.php unzip race condition vulnerability
Talos Vulnerability Report TALOS-2025-2212 WWBN AVideo aVideoEncoder.json.php unzip race condition vulnerability July 24, 2025 CVE Number CVE-2025-25214 SUMMARY A race condition vulnerability exists in the aVideoEncoder.json.php unzip functionality of WWBN AVideo 14.4 and dev master commit...
Bloomberg Comdb2 CDB2SQLQUERY Protocol Buffer Message null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2025-2201 Bloomberg Comdb2 CDB2SQLQUERY Protocol Buffer Message null pointer dereference vulnerability July 22, 2025 CVE Number CVE-2025-35966 SUMMARY A null pointer dereference vulnerability exists in the CDB2SQLQUERY protocol buffer message handling of Bloomberg...
Bloomberg Comdb2 net_connectmsg Protocol Buffer Message null pointer dereference vulnerability
Talos Vulnerability Report TALOS-2025-2197 Bloomberg Comdb2 net_connectmsg Protocol Buffer Message null pointer dereference vulnerability July 22, 2025 CVE Number CVE-2025-36520 SUMMARY A null pointer dereference vulnerability exists in the net_connectmsg Protocol Buffer Message functionality of...
Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2199 Bloomberg Comdb2 Distributed Transaction Coordination Fields denial of service vulnerability July 22, 2025 CVE Number CVE-2025-48498 SUMMARY A null pointer dereference vulnerability exists in the Distributed Transaction component of Bloomberg Comdb2 8.1...
Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2200 Bloomberg Comdb2 Distributed Transaction Heartbeat denial of service vulnerability July 22, 2025 CVE Number CVE-2025-36512 SUMMARY A denial of service vulnerability exists in the Bloomberg Comdb2 8.1 database when handling a distributed transaction...
Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability
Talos Vulnerability Report TALOS-2025-2198 Bloomberg Comdb2 Distributed Transaction Commit/Abort Operation denial of service vulnerability July 22, 2025 CVE Number CVE-2025-46354 SUMMARY A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality o...
Asus Armoury Crate AsIO3.sys authorization bypass vulnerability
Talos Vulnerability Report TALOS-2025-2150 Asus Armoury Crate AsIO3.sys authorization bypass vulnerability June 16, 2025 CVE Number CVE-2025-3464 SUMMARY An authorization bypass vulnerability exists in the AsIO3.sys functionality of Asus Armoury Crate 5.9.13.0. A specially crafted hard link can...
Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2144 Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability June 16, 2025 CVE Number CVE-2025-1533 SUMMARY A stack-based buffer overflow vulnerability exists in the AsIO3.sys kernel driver of Asus Armoury Crate 5.9.13.0. A specially crafted I/...
Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2159 Adobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability June 11, 2025 CVE Number CVE-2025-43578 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2025.001.20435. A specially...
Adobe Acrobat Reader Annotation Destroy Use-After-Free Vulnerability
Talos Vulnerability Report TALOS-2025-2170 Adobe Acrobat Reader Annotation Destroy Use-After-Free Vulnerability June 11, 2025 CVE Number CVE-2025-43576 SUMMARY A use-after-free vulnerability exists in the annotation object processing functionality of Adobe Acrobat Reader 2025.001.20435. A special...
Parallels Desktop prl_disp_service Snapshots.xml Hard Link Privilege Escalation
Talos Vulnerability Report TALOS-2024-2124 Parallels Desktop prl_disp_service Snapshots.xml Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-54189 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 build 55740...
Parallels Desktop prl_vmarchiver Unarchive Hard Link Privilege Escalation
Talos Vulnerability Report TALOS-2024-2126 Parallels Desktop prl_vmarchiver Unarchive Hard Link Privilege Escalation June 3, 2025 CVE Number CVE-2024-36486 SUMMARY A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac...
Parallels Desktop prl_disp_service Snapshots SymLink Change Ownership Privilege Escalation
Talos Vulnerability Report TALOS-2024-2123 Parallels Desktop prl_disp_service Snapshots SymLink Change Ownership Privilege Escalation June 3, 2025 CVE Number CVE-2024-52561 SUMMARY A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1...
Parallels Desktop prl_packer_inplace PVMP Unpack Directory Traversal Privilege Escalation
Talos Vulnerability Report TALOS-2025-2160 Parallels Desktop prl_packer_inplace PVMP Unpack Directory Traversal Privilege Escalation June 3, 2025 CVE Number CVE-2025-31359 SUMMARY A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac...