68 matches found
CVE-2025-6431
When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. This bug only affects...
CVE-2025-6431
The connected documents confirm CVE-2025-6431 affects Firefox for Android and describes a bypass where the prompt to open a link in an external application could be bypassed, potentially exposing users to security/privacy risks in external apps. The vulnerability is limited to Firefox for Android...
CVE-2012-6431
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly encoded string...
CVE-2024-6431
creationtimestamp | type | source
---|---|---
2024-07-27 04:55:00+00:00 | seen | https://t.me/cvedetector/1744...
CVE-2024-6431 Media.net Ads Manager <= 2.10.13 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload
The Media.net Ads Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and missing capability check in the 'sendMail' function in all versions up to, and including, 2.10.13. This makes it possible for authenticated attackers, with subscriber-lev...
CVE-2023-6431 Cross-site Scripting vulnerability in BigProf products
A vulnerability has been discovered in BigProf Online Invoicing System 2.6, which does not sufficiently encode user-controlled input, resulting in persistent XSS through /inventory/categories_view.php, in the FirstRecord parameter. Exploitation of this vulnerability could allow an attacking user t...
CVE-2023-6431
BigProf Online Invoicing System 2.6 contains a persistent XSS flaw due to insufficient encoding of user-controlled input in the FirstRecord parameter of /inventory/categories_view.php. This could allow storing JavaScript payloads that execute when the page loads. Documented in CVE-2023-6431 and c...
RHEL 9 : libfastjson (RHSA-2023:6431)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6431 advisory. The libfastjson library provides essential JavaScript Object Notation (JSON) handling functions. The library enables users to construct JSON objects in...
Ubuntu 22.04 LTS / 23.04 : iperf3 vulnerability (USN-6431-2)
The remote Ubuntu 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6431-2 advisory. USN-6431-1 fixed a vulnerability in iperf3. This update provides the corresponding update for Ubuntu 22.04 LTS and Ubuntu 23.04. Tenable has extracted the...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : iperf3 vulnerabilities (USN-6431-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6431-1 advisory. It was discovered that iperf3 did not properly manage certain inputs, which could lead to a crash. A remote attacker could possibly use th...
Ubuntu: Security Advisory (USN-6431-2)
The remote host is missing an update for the...
Ubuntu 22.04 ESM : iperf3 vulnerability (USN-6431-3)
The remote Ubuntu 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6431-3 advisory. USN-6431-1 fixed a vulnerability in iperf3. This update provides the corresponding update for Ubuntu 22.04 LTS. Tenable has extracted the preceding description...
Mageia: Security Advisory (MGASA-2020-0174)
The remote host is missing an update for the...
Debian DSA-4714-1 : chromium - security update
Several vulnerabilities have been discovered in the chromium web browser.
- CVE-2020-6423 A use-after-free issue was found in the audio implementation.
- CVE-2020-6430 Avihay Cohen discovered a type confusion issue in the v8 JavaScript library.
- CVE-2020-6431 Luan Herrera discovered a policy...
Fedora: Security Advisory for chromium (FEDORA-2020-b82a634e27)
The remote host is missing an update for the...
Important: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
openSUSE: Security Advisory for chromium (openSUSE-SU-2020:0519-1)
The remote host is missing an update for the...