Cisco Talos Blog

December 19, 2024 13:53

Acrobat out-of-bounds and Foxit use-after-free PDF reader vulnerabilities found

Cisco Talos’ Vulnerability Research team recently disclosed three out-of-bounds read vulnerabilities in Adobe Acrobat Reader, and two use-after-free vulnerabilities in Foxit Reader. These vulnerabilities exist in Adobe Acrobat Reader and Foxit Reader, two of the most popular a

December 9, 2024 14:30

MC LR Router and GoCast unpatched vulnerabilities

Cisco Talos' Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service. These vulnerabilities have not been patched at the time of this posting. For Snort coverage that can detect the explo

October 31, 2024 11:29

NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities

Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a range of possible exploits. For Snort coverage that can detect the exploitation of

April 3, 2023 11:08

Vulnerability Spotlight: Buffer overflow vulnerability in ADMesh library

A specially crafted STL file can lead to a heap buffer overflow.

January 19, 2023 15:01

Vulnerability Spotlight: XSS vulnerability in Ghost CMS

Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a cross-site scripting (XSS) vulnerability in Ghost CMS. Ghost is a content management system with tools to build a website, publish content and send newsletters. Ghost offers paid subsc

January 13, 2023 11:58

Vulnerability Spotlight: Integer and buffer overflow vulnerabilities found in QT QML

Emma Reuter and Theo Morales of ASIG and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco ASIG and Cisco Talos recently discovered code execution vulnerabilities in QT QML. Qt is a popular software suite primarily used to create graphical user interface

December 21, 2022 12:39

Vulnerability Spotlight: Authentication bypass and enumeration vulnerabilities in Ghost CMS

Dave McDaniel and other members of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in Ghost CMS, one authentication bypass vulnerability and one enumeration vulnerability. Ghost is a content management system with tools to build