Stable Channel Update for Desktop

The Stable channel has been updated to 148.0.7778.216/217 for Windows and 148.0.7778.215/216 Mac and 148.0.7778.215 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and...

Microsoft Excel 安全漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A security vulnerability exists in Microsoft Excel. An attacker could exploit the vulnerability to remotely execute code...

Microsoft Office 资源管理错误漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and others. A resource management error vulnerability exists in Microsoft Office. An attacker can exploi...

CVE-2025-53594

CVE-2025-53594 is a path-traversal vulnerability affecting QNAP products. A local attacker who has a user account can exploit the issue to read contents of unexpected files or system data. The vulnerability is reported across Qfinder Pro Mac, Qsync for Mac, and QVPN Device Client for Mac, with fi...

Microsoft Excel 缓冲区错误漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information leakage vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on the system...

EUVD-2010-3803

Malware in sbrugna...

EUVD-2022-36917

Malicious code in bioql PyPI...

EUVD-2025-11474

Malicious code in bioql PyPI...

PT-2025-23068 · Fortinet · Forticlient

Name of the Vulnerable Software and Affected Versions: FortiClient Mac versions 7.0.0 through 7.0.14 FortiClient Mac versions 7.2.0 through 7.2.8 FortiClient Mac versions 7.4.0 through 7.4.2 Description: The issue is related to an Incorrect Authorization vulnerability that may allow a local...

PT-2025-35158 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.2 Description: An application may be able to record the screen without a visible indicator. This issue was addressed with improved checks. Recommendations: Update to macOS version 15.2...

PT-2023-29442 · 1E · 1E Client Mac +1

Name of the Vulnerable Software and Affected Versions: 1E Client versions prior to the version with patch Q23094 1E Client Mac versions prior to v8.1.2.62 1E Client Mac versions between v8.1 and v23.11 exclusive Description: In the affected version of the 1E Client, an ordinary user could subvert...

PT-2023-28972 · Withsecure · Withsecure Elements Endpoint Protection +5

Name of the Vulnerable Software and Affected Versions: WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure...

Mouse cursor disappears in the double dop scenario

The mouse cursor disappears in certain double-hop scenarios or when using the VirtualBox client. There appears to be a bug in the VirtualBox client rendering of 32-bit color cursors, which causes the mouse cursor to disappear. Double-hop scenarios where CWA for Linux versions prior to 2309 and CW...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome, which stems from an improper implementation of the full-screen API that allows remote attackers to execute an incorrect security UI via a crafted HTML page, and affects the following products and...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome, which stems from an improper implementation of the file system API that allows remote attackers to bypass file system restrictions via a crafted HTML page, and affects the following products and...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser by Google, Inc. A security vulnerability exists in Google Chrome, which originates from a heap buffer overflow in libphonenumber that allows remote attackers to potentially exploit heap corruption via a crafted HTML page, and affects the following products and...

VulnCheck KEV: CVE-2011-0097

Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary...

CVE-2017-10888

BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors...

UBUNTU-CVE-2015-8067

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

flash-plugin: code execution flaw (APSB12-18)

Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted SWF content, as exploited in the wild in August 2012 with SWF...