4934 matches found
Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution
Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a...
EUVD-2026-33273
Mautic Focus component Vulnerable to SSRF...
[SECURITY] Fedora 43 Update: nginx-1.30.3-1.fc43
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
Astra Linux – Vulnerability in Firefox
Memory safety bugs exist in Firefox 111. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Andro...
GHSA-MPC8-JXJH-QPGH OpenClaw: Focus command could miss controlScope enforcement
Summary Focus command could miss controlScope enforcement. In affected versions, a caller able to trigger the focus command could run the command without enforcing the expected control scope. This advisory is scoped to the named feature and configuration. It does not change OpenClaw's...
CVE-2026-53850
OpenClaw before 2026.4.25 contains a control scope enforcement bypass vulnerability in the focus command that allows authenticated callers to execute the command without proper authorization checks. Attackers can trigger the focus command to change focus state outside intended caller authority,...
CVE-2026-53850
OpenClaw is affected by CVE-2026-53850, a control scope enforcement bypass in the focus command present in versions prior to 2026.4.25. The vulnerability allows authenticated callers to bypass authorization checks and change focus state outside their intended authority, potentially enabling unaut...
PT-2026-49767
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description A control scope enforcement bypass exists in the focus command. This allows authenticated callers to execute the command without proper authorization checks, enabling them to change the focus...
CVE-2026-11799
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...
CVE-2026-11799
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...
EUVD-2026-35837
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...
CVE-2026-11799 UXSS in Focus for iOS / Klar Webkit navigation
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...
CVE-2026-11799 UXSS in Focus for iOS / Klar Webkit navigation
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...
CVE-2026-11799
CVE-2026-11799 concerns a UXSS flaw in Focus for iOS and Klar WebKit navigation. The affected components are Focus for iOS and Klar for iOS, with a root cause not explicitly detailed in the provided documents beyond the UXSS classification. The vulnerability is rated HIGH (CVSS 3.1: AV:N/AC:L/PR:...
PT-2026-48265
Name of the Vulnerable Software and Affected Versions Focus for iOS versions prior to 151.3.1 Klar for iOS versions prior to 151.3.1 Description Universal Cross-Site Scripting UXSS exists in the Webkit navigation of Focus for iOS and Klar for iOS. UXSS is a security flaw that allows an attacker t...
Mozilla Focus for iOS和Mozilla Klar for iOS 安全漏洞
Mozilla Focus for iOS and Mozilla Klar for iOS are mobile web browsers designed with privacy protection in mind by the American Mozilla Foundation. Both browsers have cross-site scripting vulnerabilities. These vulnerabilities arise due to improper input validation during the Webkit navigation...
Security Vulnerabilities fixed in Focus for iOS / Klar 151.3.1 — Mozilla
CVE-2026-11799: UXSS in Focus for iOS / Klar Webkit navigation Reporter Renwa Hiwa Impact high References Bug 1975667...
CVE-2026-8945
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in Firefox and Firefox Focus for Android...
CVE-2026-9557
A Server-Side Request Forgery SSRF vulnerability exists in Mautic's Focus component. Due to insufficient validation of user-supplied URLs, an authenticated user can trigger outbound HTTP requests from the hosting server, enabling internal network reconnaissance or forcing requests to arbitrary...
Incorrect Authorization
Overview mautic/plugin-focus is a Focus Plugin Affected versions of this package are vulnerable to Incorrect Authorization in the enforcement of owner-scope permissions such as viewown or editown. An attacker can gain unauthorized access or modify resources belonging to other users by exploiting...