2218 matches found
Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2132 Catdoc utilities OLE Document DIFAT Parser integer underflow vulnerability June 2, 2025 CVE Number CVE-2024-54028 SUMMARY An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malform...
High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2157 High-Logic FontCreator GSUB subtable Out-Of-Bounds Read Vulnerability June 2, 2025 CVE Number CVE-2025-20001 SUMMARY An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this...
Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability
Talos Vulnerability Report TALOS-2024-2128 Catdoc xls2csv utility Shared String Table Record Parser memory corruption vulnerability June 2, 2025 CVE Number CVE-2024-48877 SUMMARY A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility...
Catdoc utilities OLE Document Parser File Allocation Table 32-bit integer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2131 Catdoc utilities OLE Document Parser File Allocation Table 32-bit integer overflow vulnerability June 2, 2025 CVE Number CVE-2024-52035 SUMMARY An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of...
NVIDIA cuobjdump ELF Section Parsing Integer Overflow Vulnerability
Talos Vulnerability Report TALOS-2025-2151 NVIDIA cuobjdump ELF Section Parsing Integer Overflow Vulnerability June 2, 2025 CVE Number CVE-2025-23247 SUMMARY An integer overflow vulnerability exists in the ELF Section Parsing functionality of NVIDIA cuobjdump 12.8.55. A specially crafted fatbin...
Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2104 Eclipse ThreadX NetX Duo HTTP server chunked PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2259 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX D...
Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2098 Eclipse ThreadX NetX Duo HTTP server denial of service vulnerability April 14, 2025 CVE Number CVE-2025-2260,None SUMMARY A denial of service vulnerability exists in the NetX HTTP server functionality of Eclipse ThreadX NetX Duo git commit 6c8e9d1. A...
Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2105 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2258 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX Du...
STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2102 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server chunked PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50594,CVE-2024-50595 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...
STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability
Talos Vulnerability Report TALOS-2024-2103 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server single PUT request integer underflow vulnerability April 2, 2025 CVE Number CVE-2024-50596,CVE-2024-50597 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of...
STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2096 STMicroelectronics X-CUBE-AZRTOS-F7 FileX Internal RAM interface buffer overflow vulnerability April 2, 2025 CVE Number CVE-2024-45064 SUMMARY A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics...
STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server denial of service vulnerability
Talos Vulnerability Report TALOS-2024-2097 STMicroelectronics X-CUBE-AZRTOS-F7 HTTP server denial of service vulnerability April 2, 2025 CVE Number CVE-2024-50384,CVE-2024-50385 SUMMARY A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics...
Adobe Acrobat Reader Font hMetric Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2134 Adobe Acrobat Reader Font hMetric Out-Of-Bounds Read Vulnerability March 12, 2025 CVE Number CVE-2025-27163 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2024.005.20320. A specially crafted font file...
Adobe Acrobat Reader Font VariationStore itemVariationDataCount Uninitialized Pointer Vulnerability
Talos Vulnerability Report TALOS-2025-2135 Adobe Acrobat Reader Font VariationStore itemVariationDataCount Uninitialized Pointer Vulnerability March 12, 2025 CVE Number CVE-2025-27158 SUMMARY A memory corruption vulnerability exists due to the use of an uninitialized pointer in the Font...
Adobe Acrobat Reader Font numGlyphs Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2136 Adobe Acrobat Reader Font numGlyphs Out-Of-Bounds Read Vulnerability March 12, 2025 CVE Number CVE-2025-27164 SUMMARY An out-of-bounds read vulnerability exists in the Font functionality of Adobe Acrobat Reader 2024.005.20320. A specially crafted font fi...
miniaudio ma_dr_flac__decode_samples__lpc out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-2063 miniaudio madrflacdecodesampleslpc out-of-bounds write vulnerability March 4, 2025 CVE Number CVE-2024-41147 SUMMARY An out-of-bounds write vulnerability exists in the madrflacdecodesampleslpc functionality of Miniaudio miniaudio v0.11.21. A specially...
NVIDIA nvJPEG2000 Coding Style Component index out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-2095 NVIDIA nvJPEG2000 Coding Style Component index out-of-bounds write vulnerability February 11, 2025 CVE Number CVE-2024-0143 SUMMARY A memory corruption vulnerability exists in the Coding Style Component handling of the NVIDIA nvJPEG2000 library version...
NVIDIA nvJPEG2000 Ndecomp heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2108 NVIDIA nvJPEG2000 Ndecomp heap-based buffer overflow vulnerability February 11, 2025 CVE Number CVE-2024-0144 SUMMARY A heap-based buffer overflow vulnerability exists in the Ndecomp field handling of NVIDIA nvJPEG2000 0.8.0. A specially crafted JPEG2000...
NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-2080 NVIDIA nvJPEG2000 cSIZ out-of-bounds write vulnerability February 11, 2025 CVE Number CVE-2024-0142 SUMMARY A memory corruption vulnerability exists in the Image Decoding functionality of NVIDIA nvJPEG2000 0.8.0. A specially crafted .jp2 file can lead to...
NVIDIA nvJPEG2000 Default Coding Styles Ndecomp buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2113 NVIDIA nvJPEG2000 Default Coding Styles Ndecomp buffer overflow vulnerability February 11, 2025 CVE Number CVE-2024-0145 SUMMARY A heap based buffer overflow vulnerability exists in the way Ndecomp parameter is used when parsing JPEG2000 files in NVIDIA...
ClearML Vault API disabled vaults retrieval vulnerability
Talos Vulnerability Report TALOS-2024-2112 ClearML Vault API disabled vaults retrieval vulnerability February 6, 2025 CVE Number CVE-2024-43779 SUMMARY An information disclosure vulnerability exists in the Vault API functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP...
ClearML dataset upload XSS vulnerability
Talos Vulnerability Report TALOS-2024-2110 ClearML dataset upload XSS vulnerability February 6, 2025 CVE Number CVE-2024-39272 SUMMARY A cross-site scripting xss vulnerability exists in the dataset upload functionality of ClearML Enterprise Server 3.22.5-1533. A specially crafted HTTP request can...
Observium vlan html code injection vulnerability
Talos Vulnerability Report TALOS-2024-2091 Observium vlan html code injection vulnerability January 15, 2025 CVE Number CVE-2024-47002 SUMMARY A html code injection vulnerability exists in the vlan management part of Observium CE 24.4.13528. A specially crafted HTTP request can lead to an arbitra...
Observium mapname cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2024-2092 Observium mapname cross-site scripting XSS vulnerability January 15, 2025 CVE Number CVE-2024-45061 SUMMARY A cross-site scripting xss vulnerability exists in the weather map editor functionality of Observium CE 24.4.13528. A specially crafted HTTP reque...
Observium add_alert_check cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2024-2090 Observium addalertcheck cross-site scripting XSS vulnerability January 15, 2025 CVE Number CVE-2024-47140 SUMMARY A cross-site scripting xss vulnerability exists in the addalertcheck page of Observium CE 24.4.13528. A specially crafted HTTP request can...
Wavlink AC3000 login.cgi set_sys_init() command injection vulnerabilities
Talos Vulnerability Report TALOS-2024-2018 Wavlink AC3000 login.cgi setsysinit command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39759,CVE-2024-39761,CVE-2024-39760 SUMMARY Multiple OS command injection vulnerabilities exist in the login.cgi setsysinit functionality of Wavlin...
Wavlink AC3000 adm.cgi rep_as_router() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2024 Wavlink AC3000 adm.cgi repasrouter buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39756 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasrouter functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 fw_check.sh Firmware Upload vulnerability
Talos Vulnerability Report TALOS-2024-2037 Wavlink AC3000 fwcheck.sh Firmware Upload vulnerability January 14, 2025 CVE Number CVE-2024-39273 SUMMARY A firmware update vulnerability exists in the fwcheck.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can...
Wavlink AC3000 wctrls static login vulnerability
Talos Vulnerability Report TALOS-2024-2034 Wavlink AC3000 wctrls static login vulnerability January 14, 2025 CVE Number CVE-2024-39754 SUMMARY A static login vulnerability exists in the wctrls functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted set of network packets can lead ...
Wavlink AC3000 adm.cgi set_TR069() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2029 Wavlink AC3000 adm.cgi setTR069 buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-37357 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setTR069 functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 adm.cgi set_TR069() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2028 Wavlink AC3000 adm.cgi setTR069 command injection vulnerability January 14, 2025 CVE Number CVE-2024-21797 SUMMARY A command execution vulnerability exists in the adm.cgi setTR069 functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...
Wavlink AC3000 internet.cgi set_add_routing() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2021 Wavlink AC3000 internet.cgi setaddrouting buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39288 SUMMARY A buffer overflow vulnerability exists in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A...
Wavlink AC3000 nas.cgi add_dir() command injection vulnerabilities
Talos Vulnerability Report TALOS-2024-2058 Wavlink AC3000 nas.cgi adddir command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39784,CVE-2024-39785 SUMMARY Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A...
Wavlink AC3000 adm.cgi sch_reboot() OS command injection vulnerabilities
Talos Vulnerability Report TALOS-2024-2033 Wavlink AC3000 adm.cgi schreboot OS command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39781,CVE-2024-39783,CVE-2024-39782 SUMMARY Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink...
Wavlink AC3000 touchlist_sync.cgi main() arbitrary code execution vulnerability
Talos Vulnerability Report TALOS-2024-1999 Wavlink AC3000 touchlistsync.cgi main arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2022-2488 SUMMARY An arbitrary code execution vulnerability exists in the touchlistsync.cgi main functionality of Wavlink AC3000...
Wavlink AC3000 openvpn.cgi openvpn_client_setup() Configuration Control Vulnerability
Talos Vulnerability Report TALOS-2024-2051 Wavlink AC3000 openvpn.cgi openvpnclientsetup Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-38666 SUMMARY An external config control vulnerability exists in the openvpn.cgi openvpnclientsetup functionality of Wavlink AC3000...
Wavlink AC3000 nas.cgi set_smb_cfg() Configuration Control Vulnerability
Talos Vulnerability Report TALOS-2024-2055 Wavlink AC3000 nas.cgi setsmbcfg Configuration Control Vulnerability January 14, 2025 CVE Number CVE-2024-39280 SUMMARY An external config control vulnerability exists in the nas.cgi setsmbcfg functionality of Wavlink AC3000 M33A8.V5030.210505. A special...
Wavlink AC3000 touchlist_sync.cgi touchlistsync() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2000 Wavlink AC3000 touchlistsync.cgi touchlistsync command injection vulnerability January 14, 2025 CVE Number CVE-2024-34166 SUMMARY An os command injection vulnerability exists in the touchlistsync.cgi touchlistsync functionality of Wavlink AC3000...
Wavlink AC3000 login.cgi Goto_chidx() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2019 Wavlink AC3000 login.cgi Gotochidx buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36290 SUMMARY A buffer overflow vulnerability exists in the login.cgi Gotochidx functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 adm.cgi set_wzdap() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2027 Wavlink AC3000 adm.cgi setwzdap buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39358 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzap functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 nas.cgi add_dir() Directory Traversal Vulnerabilities
Talos Vulnerability Report TALOS-2024-2057 Wavlink AC3000 nas.cgi adddir Directory Traversal Vulnerabilities January 14, 2025 CVE Number CVE-2024-39786,CVE-2024-39787 SUMMARY Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.21050...
Wavlink AC3000 wireless.cgi set_wifi_basic() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2041 Wavlink AC3000 wireless.cgi setwifibasic buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-36493 SUMMARY A stack-based buffer overflow vulnerability exists in the wireless.cgi setwifibasic functionality of Wavlink AC3000...
Wavlink AC3000 adm.cgi rep_as_bridge() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2025 Wavlink AC3000 adm.cgi repasbridge buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-37184 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasbridge functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...
Wavlink AC3000 adm.cgi set_wzdgw4G() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2026 Wavlink AC3000 adm.cgi setwzdgw4G buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39294 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...
Wavlink AC3000 internet.cgi set_add_routing() command injection vulnerabilities
Talos Vulnerability Report TALOS-2024-2020 Wavlink AC3000 internet.cgi setaddrouting command injection vulnerabilities January 14, 2025 CVE Number CVE-2024-39764,CVE-2024-39765,CVE-2024-39763,CVE-2024-39762 SUMMARY Multiple OS command injection vulnerabilities exist in the internet.cgi...
Wavlink AC3000 nas.cgi set_nas() proftpd Configuration Control Vulnerabilities
Talos Vulnerability Report TALOS-2024-2053 Wavlink AC3000 nas.cgi setnas proftpd Configuration Control Vulnerabilities January 14, 2025 CVE Number CVE-2024-39793,CVE-2024-39795,CVE-2024-39794 SUMMARY Multiple external config control vulnerabilities exist in the nas.cgi setnas proftpd functionalit...
Wavlink AC3000 firewall.cgi iptablesWebsFilterRun() command injection vulnerability
Talos Vulnerability Report TALOS-2024-2023 Wavlink AC3000 firewall.cgi iptablesWebsFilterRun command injection vulnerability January 14, 2025 CVE Number CVE-2024-39367 SUMMARY An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun functionality of Wavlink AC3000...
Wavlink AC3000 adm.cgi set_MeshAp() arbitrary code execution vulnerability
Talos Vulnerability Report TALOS-2024-2031 Wavlink AC3000 adm.cgi setMeshAp arbitrary code execution vulnerability January 14, 2025 CVE Number CVE-2024-39370 SUMMARY An arbitrary code execution vulnerability exists in the adm.cgi setMeshAp functionality of Wavlink AC3000 M33A8.V5030.210505. A...
Wavlink AC3000 adm.cgi set_sys_adm() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2030 Wavlink AC3000 adm.cgi setsysadm buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39774 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setsysadm functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP...
Wavlink AC3000 testsave.sh Information Disclosure vulnerability
Talos Vulnerability Report TALOS-2024-2035 Wavlink AC3000 testsave.sh Information Disclosure vulnerability January 14, 2025 CVE Number CVE-2024-39773 SUMMARY An information disclosure vulnerability exists in the testsave.sh functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...