37 matches found
XSSaudit
XSSAudit v2.0 — Advanced XSS Vulnerability Scanner For au...
happy-dom security vulnerability
Happy-Dom is a JavaScript implementation of a web browser without a graphical interface, developed by David Ortner. Versions of Happy-Dom prior to 20.8.9 contained a security vulnerability. This vulnerability stemmed from the fetch function, which might attach cookies originating from the current...
CVE-2026-28725
Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186...
EUVD-2026-9960
Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186...
Acronis Cyber Protect security vulnerability
Acronis Cyber Protect is an enterprise-oriented integrated network protection solution developed by the Swiss company Acronis. It combines features such as backup, anti-malware, network security, and endpoint management (e.g., vulnerability assessment, URL filtering, patch management, etc.). A...
CVE-2026-28725
CVE-2026-28725 affects Acronis Cyber Protect 17 (Linux and Windows) prior to build 41186. The issue is a sensitive information disclosure caused by improper configuration of a headless browser. The CVE’s impact is described as High confidentiality risk with no impact to integrity or availability,...
PT-2026-23599
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect 17 versions prior to build 41186. Description: A sensitive information disclosure can occur due to an improper configuration of a headless browser. Recommendations: Update Acronis Cyber Protect to build 41186 or later...
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It's advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting customers access to a...
injectproof
InjectProof The SQL injection scanner that finds what sqlma...
EUVD-2019-0292
Malware in sbrugna...
UBUNTU-CVE-2025-27406
Icinga Reporting is the central component for reporting-related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows setting up a template that can embed arbitrary JavaScript. This enables the attacker to act...
CVE-2025-27406
Technical details (affected products, versions, root cause, exploit vectors) are not provided in the connected documents. Monitor for updates.
CVE-2024-3149
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex-labs/anything-llm. This feature, intended for users with manager or admin roles, processes uploaded links through an internal Collector API using a headless browser. An attacker can exploit this by...
Sensitive Information Exposure
org.graylog:graylog-parent is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper handling of concurrent report rendering requests, where a shared headless browser instance may return the report of one user to another, potentially exposing sensitive data...
CVE-2024-52506
Graylog is a free and open log management platform. The reporting functionality in Graylog allows the creation and scheduling of reports which contain dashboard widgets displaying individual log messages or metrics aggregated from fields of multiple log messages. This functionality, as included i...