2204 matches found
The Biosig Project libbiosig sopen_FAMOS_read integer overflow to out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-1921 The Biosig Project libbiosig sopenFAMOSread integer overflow to out-of-bounds write vulnerability February 20, 2024 CVE Number CVE-2024-21812 SUMMARY An integer overflow vulnerability exists in the sopenFAMOSread functionality of The Biosig Project...
The Biosig Project libbiosig sopen_FAMOS_read NULL calloc out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2024-1925 The Biosig Project libbiosig sopenFAMOSread NULL calloc out-of-bounds write vulnerability February 20, 2024 CVE Number CVE-2024-23606 SUMMARY An out-of-bounds write vulnerability exists in the sopenFAMOSread functionality of The Biosig Project libbiosig...
Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1843 Weston Embedded uC-HTTP HTTP Server heap-based buffer overflow vulnerability February 20, 2024 CVE Number CVE-2023-45318 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP git commit...
The Biosig Project libbiosig BrainVisionMarker Parsing Out-of-bounds Write vulnerability
Talos Vulnerability Report TALOS-2024-1918 The Biosig Project libbiosig BrainVisionMarker Parsing Out-of-bounds Write vulnerability February 20, 2024 CVE Number CVE-2024-23305 SUMMARY An out-of-bounds write vulnerability exists in the BrainVisionMarker Parsing functionality of The Biosig Project...
The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-1920 The Biosig Project libbiosig .egi parsing heap-based buffer overflow vulnerability February 20, 2024 CVE Number CVE-2024-21795 SUMMARY A heap-based buffer overflow vulnerability exists in the .egi parsing functionality of The Biosig Project libbiosig 2.5...
The Biosig Project libbiosig BrainVision Header Parsing double-free vulnerability
Talos Vulnerability Report TALOS-2024-1917 The Biosig Project libbiosig BrainVision Header Parsing double-free vulnerability February 20, 2024 CVE Number CVE-2024-22097 SUMMARY A double-free vulnerability exists in the BrainVision Header Parsing functionality of The Biosig Project libbiosig Maste...
Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities
Talos Vulnerability Report TALOS-2024-1931 Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities February 20, 2024 CVE Number CVE-2024-24793,CVE-2024-24794 SUMMARY A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imagi...
Weston Embedded uC-TCP-IP ICMP/ICMPv6 parsing denial of service vulnerabilities
Talos Vulnerability Report TALOS-2023-1828 Weston Embedded uC-TCP-IP ICMP/ICMPv6 parsing denial of service vulnerabilities February 20, 2024 CVE Number CVE-2023-39540,CVE-2023-39541 SUMMARY A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded...
Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1890 Adobe Acrobat Reader Annot3D object zoom event use-after-free vulnerability February 15, 2024 CVE Number CVE-2024-20729 SUMMARY A use-after-free vulnerability exists in the Annot3D functionality of Adobe Acrobat Reader 2023.006.20380. A specially crafted...
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1905 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20735 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.2038...
Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1909 Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20748 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A...
Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1908 Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20747 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. ...
Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability
Talos Vulnerability Report TALOS-2023-1901 Adobe Acrobat Reader FileAttachment PDAnnot destroy use-after-free vulnerability February 15, 2024 CVE Number CVE-2024-20731 SUMMARY A use-after-free vulnerability exists in the FileAttachment PDAnnot object processing in Adobe Acrobat Reader...
Adobe Acrobat Reader Font CPAL integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1906 Adobe Acrobat Reader Font CPAL integer overflow vulnerability February 15, 2024 CVE Number CVE-2024-20730 SUMMARY An integer overflow vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A specially craft...
Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1910 Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20749 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP global config Command injection Vulnerability
Talos Vulnerability Report TALOS-2023-1856 TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP global config Command injection Vulnerability February 6, 2024 CVE Number CVE-2023-42664 SUMMARY A post authentication command injection vulnerability exists when setting up the PPTP global configuratio...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd Wireguard VPN command injection vulnerability
Talos Vulnerability Report TALOS-2023-1857 TP-Link ER7206 Omada Gigabit VPN Router uhttpd Wireguard VPN command injection vulnerability February 6, 2024 CVE Number CVE-2023-46683 SUMMARY A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality ...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP client Command injection Vulnerability
Talos Vulnerability Report TALOS-2023-1853 TP-Link ER7206 Omada Gigabit VPN Router uhttpd PPTP client Command injection Vulnerability February 6, 2024 CVE Number CVE-2023-36498 SUMMARY A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd GRE command injection vulnerability
Talos Vulnerability Report TALOS-2023-1855 TP-Link ER7206 Omada Gigabit VPN Router uhttpd GRE command injection vulnerability February 6, 2024 CVE Number CVE-2023-47167 SUMMARY A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability
Talos Vulnerability Report TALOS-2023-1850 TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability February 6, 2024 CVE Number CVE-2023-43482 SUMMARY A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VP...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd web group command injection vulnerability
Talos Vulnerability Report TALOS-2023-1858 TP-Link ER7206 Omada Gigabit VPN Router uhttpd web group command injection vulnerability February 6, 2024 CVE Number CVE-2023-47617 SUMMARY A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER72...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd web filtering Command injection Vulnerability
Talos Vulnerability Report TALOS-2023-1859 TP-Link ER7206 Omada Gigabit VPN Router uhttpd web filtering Command injection Vulnerability February 6, 2024 CVE Number CVE-2023-47618 SUMMARY A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link...
TP-Link ER7206 Omada Gigabit VPN Router uhttpd ipsec command injection vulnerability
Talos Vulnerability Report TALOS-2023-1854 TP-Link ER7206 Omada Gigabit VPN Router uhttpd ipsec command injection vulnerability February 6, 2024 CVE Number CVE-2023-47209 SUMMARY A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada...
WWBN AVideo checkLoginAttempts login attempt restriction bypass vulnerability
Talos Vulnerability Report TALOS-2023-1898 WWBN AVideo checkLoginAttempts login attempt restriction bypass vulnerability January 10, 2024 CVE Number CVE-2023-49810 SUMMARY A login attempt restriction bypass vulnerability exists in the checkLoginAttempts functionality of WWBN AVideo dev master...
WWBN AVideo aVideoEncoderReceiveImage.json.php image upload information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1880 WWBN AVideo aVideoEncoderReceiveImage.json.php image upload information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-49864,CVE-2023-49863,CVE-2023-49862 SUMMARY An information disclosure vulnerability exists in the...
WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability
Talos Vulnerability Report TALOS-2023-1885 WWBN AVideo import.json.php temporary copy unrestricted php file upload vulnerability January 10, 2024 CVE Number CVE-2023-49715 SUMMARY A unrestricted php file upload vulnerability exists in the import.json.php temporary copy functionality of WWBN AVide...
WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1869 WWBN AVideo aVideoEncoder.json.php chunkFile path information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-47171 SUMMARY An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path functionality of WWBN...
WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability
Talos Vulnerability Report TALOS-2023-1896 WWBN AVideo userRecoverPass.php recoverPass generation insufficient entropy vulnerability January 10, 2024 CVE Number CVE-2023-49589 SUMMARY An insufficient entropy vulnerability exists in the userRecoverPass.php recoverPass generation functionality of...
WWBN AVideo image404Raw.php information disclosure vulnerability
Talos Vulnerability Report TALOS-2023-1881 WWBN AVideo image404Raw.php information disclosure vulnerability January 10, 2024 CVE Number CVE-2023-49738 SUMMARY An information disclosure vulnerability exists in the image404Raw.php functionality of WWBN AVideo dev master commit 15fed957fb. A special...
WWBN AVideo salt generation insufficient entropy vulnerability
Talos Vulnerability Report TALOS-2023-1900 WWBN AVideo salt generation insufficient entropy vulnerability January 10, 2024 CVE Number CVE-2023-49599 SUMMARY An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially...
WWBN AVideo channelBody.php user name cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2023-1884 WWBN AVideo channelBody.php user name cross-site scripting XSS vulnerability January 10, 2024 CVE Number CVE-2023-47861 SUMMARY A cross-site scripting xss vulnerability exists in the channelBody.php user name functionality of WWBN AVideo 11.6 and dev...
WWBN AVideo navbarMenuAndLogo.php user name cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2023-1882 WWBN AVideo navbarMenuAndLogo.php user name cross-site scripting XSS vulnerability January 10, 2024 CVE Number CVE-2023-48730 SUMMARY A cross-site scripting xss vulnerability exists in the navbarMenuAndLogo.php user name functionality of WWBN AVideo dev...
WWBN AVideo functiongetOpenGraph videoName cross-site scripting (XSS) vulnerability
Talos Vulnerability Report TALOS-2023-1883 WWBN AVideo functiongetOpenGraph videoName cross-site scripting XSS vulnerability January 10, 2024 CVE Number CVE-2023-48728 SUMMARY A cross-site scripting xss vulnerability exists in the functiongetOpenGraph videoName functionality of WWBN AVideo 11.6 a...
WWBN AVideo getLanguageFromBrowser local file inclusion vulnerability
Talos Vulnerability Report TALOS-2023-1886 WWBN AVideo getLanguageFromBrowser local file inclusion vulnerability January 10, 2024 CVE Number CVE-2023-47862 SUMMARY A local file inclusion vulnerability exists in the getLanguageFromBrowser functionality of WWBN AVideo dev master commit 15fed957fb. ...
WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability
Talos Vulnerability Report TALOS-2023-1897 WWBN AVideo userRecoverPass.php captcha validation recovery notification bypass vulnerability January 10, 2024 CVE Number CVE-2023-50172 SUMMARY A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionali...
GTKWave EVCD var len parsing improper array index validation vulnerability
Talos Vulnerability Report TALOS-2023-1803 GTKWave EVCD var len parsing improper array index validation vulnerability January 8, 2024 CVE Number CVE-2023-34087 SUMMARY An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially...
GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1819 GTKWave LXT2 numtimetableentries out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-34436 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2...
GTKWave FST fstReaderIterBlocks2 VCDATA parsing heap-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1785 GTKWave FST fstReaderIterBlocks2 VCDATA parsing heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35956,CVE-2023-35957,CVE-2023-35958,CVE-2023-35955 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the...
GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1793 GTKWave FST fstReaderIterBlocks2 fstWritex len heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-36747,CVE-2023-36746 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len...
GTKWave LXT2 num_dict_entries integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1820 GTKWave LXT2 numdictentries integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39316,CVE-2023-39317 SUMMARY Multiple integer overflow vulnerabilities exist in the LXT2 numdictentries functionality of GTKWave 3.3.115. A specially crafted...
GTKWave FST FST_BL_GEOM parsing maxhandle integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1777 GTKWave FST FSTBLGEOM parsing maxhandle integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-32650 SUMMARY An integer overflow vulnerability exists in the FSTBLGEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-b...
GTKWave FST fstReaderIterBlocks2 chain_table parsing heap-based buffer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1789 GTKWave FST fstReaderIterBlocks2 chaintable parsing heap-based buffer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-35969,CVE-2023-35970 SUMMARY Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chaintab...
GTKWave VCD get_vartoken realloc use-after-free vulnerabilities
Talos Vulnerability Report TALOS-2023-1806 GTKWave VCD getvartoken realloc use-after-free vulnerabilities January 8, 2024 CVE Number CVE-2023-37576,CVE-2023-37577,CVE-2023-37573,CVE-2023-37578,CVE-2023-37575,CVE-2023-37574 SUMMARY Multiple use-after-free vulnerabilities exist in the VCD getvartok...
GTKWave VZT longest_len value allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1816 GTKWave VZT longestlen value allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35004 SUMMARY An integer overflow vulnerability exists in the VZT longestlen value allocation functionality of GTKWave 3.3.115. A specially crafted...
ManageEngine OpManager uploadMib directory traversal vulnerability
Talos Vulnerability Report TALOS-2023-1851 ManageEngine OpManager uploadMib directory traversal vulnerability January 8, 2024 CVE Number CVE-2023-47211 SUMMARY A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP...
GTKWave LXT2 lxt2_rd_iter_radix shift operation integer underflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1824 GTKWave LXT2 lxt2rditerradix shift operation integer underflow vulnerabilities January 8, 2024 CVE Number CVE-2023-39413,CVE-2023-39414 SUMMARY Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of...
GTKWave VZT vzt_rd_process_block autosort out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2023-1817 GTKWave VZT vztrdprocessblock autosort out-of-bounds write vulnerabilities January 8, 2024 CVE Number CVE-2023-39235,CVE-2023-39234 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the VZT vztrdprocessblock autosort functionality of GTKWave...
GTKWave LXT2 zlib block allocation integer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1822 GTKWave LXT2 zlib block allocation integer overflow vulnerability January 8, 2024 CVE Number CVE-2023-35989 SUMMARY An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 fil...
GTKWave VZT vzt_rd_block_vch_decode dict parsing integer overflow vulnerabilities
Talos Vulnerability Report TALOS-2023-1815 GTKWave VZT vztrdblockvchdecode dict parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38653,CVE-2023-38652 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode dict parsing functionality of...
GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1823 GTKWave LXT2 zlib block decompression out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-38657 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially craft...