37346 matches found
Cisco IOS XE WLC - Arbitrary File Upload
A vulnerability in the Out-of-Band Access Point AP Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.This vulnerability is due to the presence of a hard-coded JSON Web...
CVE-2026-58617
Technical details about CVE-2026-58617 are not publicly available in the provided documents. Monitor for updates from sources (Microsoft, NVD, CIRCL, EUVD, CVE Catalog) for affected components, impact, and fixes.
CVE-2026-58595 Microsoft Bing App for IOS Spoofing Vulnerability
...
CVE-2026-14906
Pages with malicious titles could potentially allow saved PDF content to overwrite PDF files or bundled content within the Firefox for iOS application sandbox. This vulnerability was fixed in Firefox for iOS 152.4...
CVE-2026-14906
The vulnerability CVE-2026-14906 affects Firefox for iOS. Pages with malicious titles could cause saved webpages-as-PDF content to overwrite existing PDF files or bundled content within the Firefox for iOS app sandbox. Affected component is the PDF-saving process; root cause details are not expli...
Cisco IOS XE Web UI - Command Injection
A vulnerability in the web UI component of Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system. This vulnerability is due to improper input validation in the web UI. An attacker could exploit...
Cisco IOS HTTP Configuration - Authentication Bypass
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. id: CVE-2001-0537 info: name: Cisco IOS HTTP Configuration - Authentication Bypass author:...
Chromium: CVE-2026-14136 Incorrect security UI in Chrome for iOS
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-0277
An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...
EUVD-2026-42689
An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...
CVE-2026-0277
An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...
CVE-2026-0277
The CVE covers Prisma Access Agent for iOS with an improper certificate validation weakness enabling a man-in-the-middle to intercept VPN traffic. Other platforms (Windows, macOS, Linux, Android, ChromeOS) are not affected. Root cause: improper certificate validation in iOS client. Impact is desc...
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and...
CVE-2026-13356
A malicious webpage could interrupt a pending navigation by enqueuing a synchronous JavaScript dialog, causing the browser UI to display the destination origin in the address bar while continuing to render attacker-controlled content. This vulnerability was fixed in Firefox for iOS 152.3...
EUVD-2026-40761
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40590
Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40588
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40529
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
EUVD-2026-40533
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
EUVD-2026-40536
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...