Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox

If a user saved a response from the Network tab in Devtools using the “Save As” context menu option, the file might not have been saved with the .download file extension. This could have allowed the user to run a malicious executable inadvertently. This vulnerability has been fixed in Firefox 140...

8.1CVSS7.3AI score0.00372EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/06/24 1:15 p.m.4 views

CVE-2025-6435

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox 140 and...

8.1CVSS6.6AI score0.00372EPSS
Exploits0References4
OSV
OSV
added 2025/06/24 1:15 p.m.5 views

CVE-2025-6435

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability affects Firefox 140 and...

8.1CVSS7.3AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/06/24 12:28 p.m.3 views

CVE-2025-6435

If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the .download file extension. This could have led to the user inadvertently running a malicious executable. This vulnerability was fixed in Firefox 140 and...

8.1CVSS5.8AI score0.00372EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/04/12 12:0 a.m.24 views

Mozilla Thunderbird Security Advisory (MFSA2023-15) - Mac OS X

Thunderbird is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

9.8CVSS7.7AI score0.00974EPSS
Exploits0References1
CNVD
CNVD
added 2019/01/03 12:0 a.m.2 views

WordPress Plugin WP-Syntax Download Extension Database Backup Leakage Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A database backup disclosure vulnerability exists in WordPress plugin WP-Syntax Download Extension. An attacker can exploit t...

6.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/11/08 1:21 p.m.14 views

Cromos - Download and Inject code into Google Chrome extensions

Cromos is a tool for downloading legitimate extensions of the Chrome Web Store and inject codes in the background of the application and more cromos create executable files to force installation via PowerShell for example, and also upload files to dropbox to host the malicious files. Download...

7AI score
Exploits0References1
Prion
Prion
added 2012/02/14 5:55 p.m.12 views

Sql injection

SQL injection vulnerability in the Documents download rtgfiles extension before 1.5.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9.1AI score0.01337EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2010/03/15 9:30 p.m.19 views

CVE-2009-4701

SQL injection vulnerability in the Myth download mythdownload extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01021EPSS
Exploits0References1
Cvelist
Cvelist
added 2010/03/15 9:0 p.m.23 views

CVE-2009-4701

SQL injection vulnerability in the Myth download mythdownload extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.01021EPSS
Exploits0References1
CVE
CVE
added 2005/05/19 4:0 a.m.64 views

CVE-2004-2083

Summary: Opera Web Browser 7.0–7.23 is affected by a file-download extension spoofing flaw. When a malicious site provides a downloadable file, the filename may embed a CLSID that makes the file appear as a trusted type, tricking users into executing it. This can lead to arbitrary code execution ...

2.6CVSS6.6AI score0.02555EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder