11 matches found
Astra Linux – Vulnerability in Firefox
If a user saved a response from the Network tab in Devtools using the “Save As” context menu option, the file might not have been saved with the .download file extension. This could have allowed the user to run a malicious executable inadvertently. This vulnerability has been fixed in Firefox 140...
CVE-2025-6435
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox 140 and...
CVE-2025-6435
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox 140 and...
CVE-2025-6435
If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and...
Mozilla Thunderbird Security Advisory (MFSA2023-15) - Mac OS X
Thunderbird is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...
WordPress Plugin WP-Syntax Download Extension Database Backup Leakage Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A database backup disclosure vulnerability exists in WordPress plugin WP-Syntax Download Extension. An attacker can exploit t...
Cromos - Download and Inject code into Google Chrome extensions
Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application and more cromos create executable files to force installation via PowerShell for example, and also upload files to dropbox to host the malicious files. Download...
Sql injection
SQL injection vulnerability in the Documents download rtgfiles extension before 1.5.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4701
SQL injection vulnerability in the Myth download mythdownload extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-4701
SQL injection vulnerability in the Myth download mythdownload extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2004-2083
Summary: Opera Web Browser 7.0–7.23 is affected by a file-download extension spoofing flaw. When a malicious site provides a downloadable file, the filename may embed a CLSID that makes the file appear as a trusted type, tricking users into executing it. This can lead to arbitrary code execution ...