113 matches found
EUVD-2020-29162
Malware in sbrugna...
EUVD-2019-8204
Malware in sbrugna...
EUVD-2023-44235
Malicious code in bioql PyPI...
EUVD-2022-4243
Malicious code in bioql PyPI...
EUVD-2023-55941
Malicious code in bioql PyPI...
EUVD-2022-34635
Malicious code in bioql PyPI...
EUVD-2025-26615
Malicious code in bioql PyPI...
SUSE CVE-2025-59161
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
Apple多款产品 安全漏洞
Apple Safari is a web browser that is the default browser that comes with the Mac OS X and iOS operating systems.Apple iOS is a suite of operating systems developed for mobile devices.Apple iPadOS is a suite of operating systems for the iPad tablet computer. A security vulnerability exists in...
CVE-2025-20291
A vulnerability in Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to redirect a targeted Webex Meetings user to an untrusted website. Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is needed. This vulnerability exist...
CVE-2024-34405
Improper deep link validation in McAfee Security: Antivirus VPN for Android before 8.3.0 could allow an attacker to launch an arbitrary URL within the app...
CVE-2023-30743
Due to improper neutralization of input in SAPUI5 - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, UI700 200, sap.m.FormattedText SAPUI5 control allows injection of untrusted CSS. This blocks user’s interaction with the application. Further, in the absence of URL validation by th...
CVE-2023-51219
A deep link validation issue in KakaoTalk 10.4.3 allowed a remote adversary to direct users to run any attacker-controlled JavaScript within a WebView. The impact was further escalated by triggering another WebView that leaked its access token in a HTTP request header. Ultimately, this access tok...
CVE-2023-2793
Mattermost fails to validate links on external websites when constructing a preview for a linked website, allowing an attacker to cause a denial-of-service by a linking to a specially crafted webpage in a message...
rsync: --safe-links option bypass leads to path traversal
A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...
CVE-2025-3649
The LightPress Lightbox WordPress plugin before 2.3.4 does not check download links point to valid, non-Javascript URLs, allowing users with at least the contributor role to conduct Stored XSS attacks...
The software client’s vulnerability for providing remote access with SonicWall NetExtender allows a intruder to upload any files they want.
The vulnerability of the software client for remote access support provided by SonicWall NetExtender is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability could allow attackers to upload arbitrary files...
tarteaucitron.js 跨站脚本漏洞
tarteaucitron.js is a cookie manager for the Amauri CHAMPEAUX individual developer. A cross-site scripting vulnerability exists in tarteaucitron.js that stems from insufficient URL validation and could lead to arbitrary JavaScript execution...
Apple macOS 安全漏洞
Apple macOS is a specialized operating system developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that stems from insufficient symbolic link validation, which could lead to user elevation of privileges...
CVE-2024-58062 wifi: iwlwifi: mvm: avoid NULL pointer dereference
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference When iterating over the links of a vif, we need to make sure that the pointer is valid in other words - that the link exists before dereferncing it. Use foreachvifactivelink that...