Vulnerability Research

July 10, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Antenna House Vulnerabilities

1 min read

Cisco Talos has identified six vulnerabilities in the Antenna House Office Server Document Converter (OSDC). These vulnerabilities can be used to remotely execute code on a vulnerable system.

July 10, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Adobe Acrobat DC Remote Code Execution Vulnerabilties

1 min read

Today, Talos is releasing details of a new vulnerabilities within Adobe Acrobat Reader DC that tricks a user into visiting a malicious web page.

June 29, 2018

THREAT RESEARCH

Vulnerability Spotlight: VMWare Workstation DoS Vulnerability

1 min read

Today, Talos is disclosing a vulnerability in VMWare Workstation that could result in Denial of Service.  VMWare Workstation is a widely used virtualization platform designed to run alongside a...

April 10, 2018

THREAT RESEARCH

Beers with Talos EP26: Talos is Holding a Conference, and the Evolving Battle at the Edge

1 min read

    Beers with Talos (BWT) Podcast Episode 26 is now available.  Download this episode and subscribe to Beers...

March 1, 2018

THREAT RESEARCH

Vulnerability Spotlight: Simple DirectMedia Layer’s SDL2_Image

1 min read

Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low...

January 17, 2018

THREAT RESEARCH

Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerabilility

1 min read

Overview Talos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially a mini and embedded version of Avahi or Bonjour. Read More >>

December 19, 2017

THREAT RESEARCH

Vulnerability Spotlight: VMWare VNC Vulnerabilities

1 min read

Today, Talos is disclosing a pair of vulnerabilities in the VNC implementation used in VMWare’s products that could result in code execution. VMWare implements VNC for its remote management, remote access, and automation purposes in VMWare products including Workstation, Player, and ESXi which share a common VMW VNC code base. The vulnerabilities manifest themselves in […]

November 15, 2017

THREAT RESEARCH

Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within libxls

1 min read

Talos is releasing seven new vulnerabilities discovered within the libxls library. These vulnerabilities result in remote code execution using specially crafted XLS files.

October 10, 2017

THREAT RESEARCH

Vulnerability Spotlight: Arbitrary Code Execution Bugs in Simple DirectMedia Layer Fixed

1 min read

Today, Talos is disclosing two vulnerabilities that have been identified in the Simple DirectMedia Layer library. Simple DirectMedia Layer (SDL) is a cross-platform development library designed for use in video playback software, emulators, and games by providing low level access to audio, keyboard, mouse, joystick, and graphics hardware. SDL, via its SDL_image library, also has […]