vulnerability spotlight
Vulnerability Spotlight: Multiple Simple DirectMedia Layer Vulnerabilities
Discovered by Lilith Wyatt of Cisco Talos Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer’s SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to a…
Vulnerability Spotlight: Multiple Computerinsel PhotoLine PSD Code Execution Vulnerabilities
Discovered by Tyler Bohan of Cisco Talos Overview Today, Cisco Talos is disclosing a vulnerability within Computerinsel PhotoLine’s PSD-parsing functionality. Photoline is an image processing tool used to modify and edit images, as well as other graphic-related material. This product has a lar…
Vulnerability Spotlight: Simple DirectMedia Layer’s SDL2_Image
Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer’s SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graph…
Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerabilility
Overview Talos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially a mini and embedded version of Avahi or Bonjour. Read More >>…
Vulnerability Spotlight: VMWare VNC Vulnerabilities
Today, Talos is disclosing a pair of vulnerabilities in the VNC implementation used in VMWare’s products that could result in code execution. VMWare implements VNC for its remote management, remote access, and automation purposes in VMWare products including Workstation, Player, and ESXi which…
Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within libxls
Vulnerabilities discovered by Marcin Noga of Cisco Talos Talos is releasing seven new vulnerabilities discovered within the libxls library: TALOS-2017-0403, TALOS-2017-0404, TALOS-2017-0426, TALOS-2017-0460, TALOS-2017-0461, TALOS-2017-0462, and TALOS-2017-0463. These vulnerabilities result in remo…
Vulnerability Spotlight: The Circle of a Bug’s Life
Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly, with your home Wi-Fi and allows you to manage every device on the network, tablet,…
Vulnerability Spotlight: Multiple Vulnerabilities in Cesanta Mongoose Server
These vulnerabilities were discovered by Aleksandar Nikolic of Cisco Talos Today, Talos is disclosing several vulnerabilities that have been identified in Cesanta Mongoose server. Cesanta Mongoose is a library implementing a number of networking protocols, including HTTP, MQTT, MDNS and others. It i…
Vulnerability Spotlight: Apache OpenOffice Vulnerabilities
Today, Talos is releasing details of three new vulnerabilities discovered within Apache OpenOffice application. The first vulnerability, TALOS-2017-0295 within OpenOffice Writer, the second TALOS-2017-0300 in the Draw application, and the third TALOS-2017-0301 discovered in the Writer application. A…