firefox: thunderbird: Same-origin policy bypass in the Networking: JAR component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: JAR component...

firefox: thunderbird: Incorrect boundary conditions in the Networking: JAR component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Networking: JAR component...

firefox: thunderbird: Incorrect boundary conditions in the Networking: JAR component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Networking: JAR component...

PT-2026-22207

Name of the Vulnerable Software and Affected Versions Junrar versions prior to 7.5.8 Description Junrar is an open source java RAR archive library. A path traversal flaw exists in the LocalFolderExtractor component. When processing a specially crafted RAR archive on Linux/Unix systems, an attacke...

firefox: thunderbird: Same-origin policy bypass in the Networking: JAR component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: JAR component...

firefox: thunderbird: Incorrect boundary conditions in the Networking: JAR component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Networking: JAR component...

firefox: thunderbird: Incorrect boundary conditions in the Networking: JAR component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Networking: JAR component...

SUSE CVE-2026-2790

Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2790

Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

EUVD-2026-8499

Incorrect boundary conditions in the Networking: JAR component. This vulnerability affects Firefox 148 and Firefox ESR 140.8...

Apache Tika JAR Detection

Binary data apachetikajardetect.nbin...

Apache Commons FileUpload JAR Detection

Binary data apachecommonsfileuploadjardetect.nbin...

Arbitrary Code Execution in NLTK StanfordSegmenter via untrusted JAR loading

This report is not public...

Bloody Wolf Expands Java-based NetSupport RAT Attacks in Kyrgyzstan and Uzbekistan

The threat actor known as Bloody Wolf has been attributed to a cyber attack campaign that has targeted Kyrgyzstan since at least June 2025 with the goal of delivering NetSupport RAT. As of October 2025, the activity has expanded to also single out Uzbekistan, Group-IB researchers Amirbek Kurbanov...

Exploit for Improper Access Control in Adobe Coldfusion

PoC exploit for CVE-2023-26360, a Remote Code Execution vulnerab...

EUVD-2005-1083

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-10181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature...

NetScout nGeniusONE 安全漏洞

NetScout nGeniusONE is a centralized application management and network performance solution from NetScout, Inc. A security vulnerability exists in NetScout nGeniusONE versions prior to 6.4.0 b2350, which stems from the presence of hard-coded credentials in a JAR file...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia that stems from a malicious JAR file that could bypass Gatekeeper checks...

firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was...