Lucene search

18 matches found

GitHub Security Blog
added 2026/06/16 7:0 p.m., 8 views

n8n: Same-Origin XSS in Respond to Webhook Node

Impact: An authenticated user with workflow edit access could configure a Respond to Webhook node to serve binary content with an attacker-controlled Content-Type. The binary response path bypassed the central Content-Security-Policy sandbox header, allowing a public webhook to execute JavaScript ...

CVSS 7, AI score 5.6, EPSS 0.00216
Exploits 0, References 2, Affected Software 1

SUSE CVE
added 2026/06/07 4:47 a.m., 8 views

SUSE CVE-2026-11038

Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. Chromium security severity: Medium...

CVSS 6.5, AI score 5.5, EPSS 0.00193
Exploits 0, References 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-5082

Malware in sbrugna...

CVSS 6.5, AI score 7.9, EPSS 0.00732
Exploits 0, References 7

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2004-0161

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.02383
Exploits 0, References 4

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2003-1004

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.02446
Exploits 0, References 4

OpenVAS
added 2025/08/21 12:0 a.m., 4 views

Mozilla Thunderbird ESR Security Update (mfsa_2025-71) - Mac OS X

Mozilla Thunderbird ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 9.8, AI score 7.4, EPSS 0.0053
Exploits 0, References 1

Tenable Nessus
added 2025/08/14 12:0 a.m., 5 views

AlmaLinux 8 : thunderbird (ALSA-2025:13676)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:13676 advisory. firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox...

CVSS 9.8, AI score 8.8, EPSS 0.00472
Exploits 0, References 11

SUSE CVE
added 2025/06/25 2:5 p.m., 3 views

SUSE CVE-2025-6556

Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...

CVSS 5.4, AI score 6.5, EPSS 0.00157
Exploits 0, References 3

CNNVD
added 2022/01/26 12:0 a.m., 3 views

Security feature issue vulnerability in multiple Apple products

Apple tvOS and others are products of Apple Inc. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Apple iPadOS is an operating system for iPad tablets. A vulnerability exists in various Apple products due to a security signature issue, which...

CVSS 6.5, AI score 6.7, EPSS 0.01495
Exploits 0, References 21

RedHat Linux
added 2018/12/10 10:34 a.m., 5 views

chromium-browser: Insufficient policy enforcement in Blink

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page...

CVSS 6.5, AI score 7.4, EPSS 0.01376
Exploits 0, References 5

Tenable Nessus
added 2018/01/08 12:0 a.m., 41 views

GLSA-201801-03 : Chromium, Google Chrome: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201801-03 Chromium, Google Chrome: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium and Google Chrome. Please review the CVE identifiers referenced below for details. Impact : A remote attacker...

CVSS 8.8, AI score 7.3, EPSS 0.02963
Exploits 1, References 23

OPENSUSE Linux
added 2017/12/08 12:15 p.m., 336 views

Security update for chromium (important)

This update to Chromium 63.0.3239.84 fixes the following security issues: - CVE-2017-5124: UXSS with MHTML - CVE-2017-5125: Heap overflow in Skia - CVE-2017-5126: Use after free in PDFium - CVE-2017-5127: Use after free in PDFium - CVE-2017-5128: Heap overflow in WebGL - CVE-2017-5129: Use after...

AI score 8.8, EPSS 0.05245
Exploits 7, References 5

OSV
added 2017/12/01 6:1 p.m., 3 views

USN-3477-3 firefox regressions

USN-3477-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafte...

AI score 5.9
Exploits 0, References 2

CNVD
added 2017/11/08 12:0 a.m., 3 views

chromium-browser content security bypass vulnerability

chromium-browser is an open source web browser project started by Google to provide source code for the proprietary Google Chrome browser. A content security bypass vulnerability exists in chromium-browser. An attacker can exploit the vulnerability to bypass security restrictions and perform...

CVSS 8.8, AI score 6.9, EPSS 0.01406
Exploits 0, References 1

OpenVAS
added 2017/10/30 12:0 a.m., 39 views

openSUSE: Security Advisory for chromium (openSUSE-SU-2017:2902-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.8, AI score 7.4, EPSS 0.05245
Exploits 6, References 1

Tenable Nessus
added 2017/10/23 12:0 a.m., 41 views

FreeBSD : chromium -- multiple vulnerabilities (a692bffe-b6ad-11e7-a1c2-e8e0b747a45a)

Google Chrome Releases reports : 35 security fixes in this release, including : - 762930 High CVE-2017-5124: UXSS with MHTML. Reported by Anonymous on 2017-09-07 - 749147 High CVE-2017-5125: Heap overflow in Skia. Reported by Anonymous on 2017-07-26 - 760455 High CVE-2017-5126: Use after free in...

CVSS 8.8, AI score 6.6, EPSS 0.05245
Exploits 6, References 22

OSV
added 2016/06/06 3:26 p.m., 4 views

USN-2992-1 oxide-qt vulnerabilities

An unspecified security issue was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-1673 An issue was discovered with Document reattachment in Blink in some circumstances. ...

CVSS 8.8, AI score 7.2, EPSS 0.03094
Exploits 3, References 19

Cvelist
added 2004/09/24 4:0 a.m., 35 views

CVE-2004-0051

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by...

AI score 6.8, EPSS 0.02383
Exploits 0, References 3