132 matches found
[SECURITY] Fedora 43 Update: thunderbird-149.0.1-3.fc43
Mozilla Thunderbird is a standalone mail and newsgroup client...
`rpc-check` was removed from crates.io for malicious code
This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 6 versions published from 2026-02-20 onwards and had no evidence of actual usage. There were no crates depending on this crate on...
EUVD-2005-2598
Malware in sbrugna...
EUVD-2017-8193
Malware in sbrugna...
EUVD-2024-50350
Malicious code in bioql PyPI...
EUVD-2023-24420
Malicious code in bioql PyPI...
EUVD-2024-18189
Malicious code in bioql PyPI...
EUVD-2023-24419
Malicious code in bioql PyPI...
NVIDIA App 安全漏洞
NVIDIA App is a client software from NVIDIA Corporation USA. A security vulnerability exists in NVIDIA App that stems from a file that can be modified during the FrameviewSDK installation process, which could result in elevated privileges...
SSH-Passkeys: Leveraging Web Authentication for Passwordless SSH
We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the user and offer strong security guarantees. Passwords rema...
[SECURITY] Fedora 42 Update: tigervnc-1.15.0-6.fc42
Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...
The vulnerability of the Nomad Module component of the 1E Client software allows a hacker to delete any files on the device.
The vulnerability of the Nomad Module component of the 1E Client software lies in the improper handling of symbolic links before accessing files. Exploiting this vulnerability could allow an attacker to delete any files on the device...
CVE-2024-20474
A vulnerability in Internet Key Exchange version 2 IKEv2 processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service DoS of Cisco Secure Client. This vulnerability is due to an integer underflow condition. An attacker could exploit this...
CVE-2023-20241
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
[SECURITY] Fedora 42 Update: tigervnc-1.15.0-2.fc42
Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...
Mozilla Thunderbird 安全漏洞
Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation in the United States that is separate from the Mozilla Application Suite. The software supports the IMAP and POP mail protocols as well as the HTML mail format. A security vulnerability exists in Mozilla...
CVE-2024-9044
A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software 2023 1.2 and earlier across multiple platforms, including Windows, Linux, and macOS...
CVE-2024-9044 XML External Entity (XXE) Vulnerability in EasyTax
A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software 2023 1.2 and earlier across multiple platforms, including Windows, Linux, and macOS...
PT-2024-39386 · Unknown · Easy Tax Client
Name of the Vulnerable Software and Affected Versions: Easy Tax Client Software 2023 versions 1.2 and earlier Description: A XML External Entity XXE vulnerability has been identified in Easy Tax Client Software across multiple platforms, including Windows, Linux, and macOS. Recommendations: For...
The vulnerability of VPN-client microprogramming software for Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows attackers to execute cross-site scripting attacks.
The vulnerability of Cisco Adaptive Security Appliance ASA and Cisco Firepower Threat Defense FTD microprogramming software clients relates to the failure to remove script-related HTML tags from web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...