Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router
Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other connected
Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered a vulnerability in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivity Suite.
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Ribbonsoft’s dxflib library that could lead to code execution. The dxflib library is a C++ library utilized by digital desig
Vulnerability Spotlight: Memory corruption vulnerability in Daemon Tools Pro
Piotr Bania of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a memory corruption vulnerability in Disc Soft Ltd.'s Daemon Tools Pro. Daemon Tools Pro is a professional emulation software that works with disc images and virtual drives. It allows
Vulnerability Spotlight: Multiple integer overflow vulnerabilities in GPAC Project on Advanced Content
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple integer overflow vulnerabilities in the GPAC Project on Advanced Content that could lead to memory corruption. The GPAC Project on Advanced Content is an open-source cross-platf
Vulnerability Spotlight: Multiple vulnerabilities in AT&T Labs’ Xmill utility
Carl Hurd of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in AT&T Labs’ Xmill utility. An attacker could take advantage of these issues to carry out a variety of malicious actions, including corrupting the application
Vulnerability Spotlight: Code execution vulnerability in Mozilla Firefox
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in Mozilla Firefox that could lead to code execution. Firefox is a widely used web browser available on many operating systems. This specific vulne
Vulnerability Spotlight: Use-after-free vulnerability in tinyobjloader
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered that a specific function of tinyobjloader does not properly validate array indexes. An adversary could trick a user into opening a specially crafted file, causing an index out-of-bound
Vulnerability Spotlight: Memory corruption vulnerability in PowerISO’s DMG handler
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption vulnerability in PowerISO’s handler that deals with DMG files. PowerISO is a CD/DVD/BD image file processing tool, which allows users to open, extr