DEBIAN-CVE-2026-10010

Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

CVE-2026-10010

Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

CVE-2026-40383 Joomla! Core - [20260509] - LFI in HTMLView layout parameter

An improper validation of user-supplied input leads to a local file inclusion vulnerability...

EUVD-2026-31303

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in ics205.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the frmaddstr POST parameter directly into an HTML form hidden input value attribute...

CVE-2026-8003

An insufficient validation of untrusted input flaw was found in the TabGroups component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495985532...

SUSE CVE-2026-5884

Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Debian dsa-6147 : python-pil-doc - security update

The remote Debian 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6147 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6147-1 [email protected] https://www.debian.org/security/ Moritz...

CVE-2026-2320

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2322

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

Multiple vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. CyVDB-3687Cross-site scripting vulnerability in E-mail CWE-79 - CVE-2026-20711 CyVDB-3689Cross-site scripting vulnerability in Message CWE-79 - CVE-2026-22881 CyVDB-3995Improper input verification in...

PT-2026-4832

Name of the Vulnerable Software and Affected Versions Shaarli versions prior to 0.16.0 Description Shaarli is a personal bookmarking service susceptible to a cross-site scripting XSS issue. A malicious tag beginning with a double quote " can prematurely terminate the tag on the start page, enabli...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001329 advisory. The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which...

CVE-2025-34409 MailEnable < 10.54 Reflected XSS in Failed Parameter of MAI/AddRecipientsResult.aspx

MailEnable versions prior to 10.54 contain a reflected cross-site scripting XSS vulnerability in the Failed parameter of /Mondo/lang/sys/Forms/MAI/AddRecipientsResult.aspx. The Failed value is not properly sanitized when processed via a GET request and is reflected in the response, allowing an...

CVE-2025-23361

NVIDIA NeMo Framework for all platforms contains a vulnerability in a script, where malicious input created by an attacker may cause improper control of code generation. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and da...

EUVD-2024-32347

Malicious code in bioql PyPI...

EUVD-2021-8697

Malicious code in bioql PyPI...

EUVD-2025-3964

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-2971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by negative object number in indirect reference in the input PDF file. CVE-2024-2971 Note that...

CVE-2025-30056

Technical details about CVE-2025-30056 are not provided in the connected documents. Monitor for updates to identify affected products, root cause, impact, and remediation.

Linux Distros Unpatched Vulnerability : CVE-2025-3070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a...