10 matches found
PT-2026-5952
ERPNext thru 15.88.1 does not sanitize or remove certain HTML tags specifically hyperlinks in fields that are intended for plain text. Although JavaScript is blocked preventing XSS, the HTML is still preserved in the generated PDF document. As a result, an attacker can inject malicious clickable...
EUVD-2023-49963
Malicious code in bioql PyPI...
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: MozillaFirefox is updated to the 140ESR series. Firefox Extended Support Release 140.0esr ESR: General Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing,...
SUSE-SU-2025:02529-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: MozillaFirefox is updated to the 140ESR series. Firefox Extended Support Release 140.0esr ESR: General - Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacin...
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: This is the Firefox Extended Support Release 140.0esr ESR Major changes: General: Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing, and text alignment...
SUSE-SU-2025:02339-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE
This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: This is the Firefox Extended Support Release 140.0esr ESR Major changes: General: - Reader View now has an enhanced Text and Layout menu with new options for character spacing, word spacing, and text alignment...
Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer
By Waqas Received an email about a hotel reservation you didn't book? It's likely a phishing attempt delivering the MrAnon Stealer malware. This is a post from HackRead.com Read the original post: Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer...
Okular: Local restricted command execution
Background Okular is a universal document viewer based on KPDF. Description A logic error was discovered in Okular, which results in trusting action links within a PDF, possibly allowing execution of a binary. Impact A remote attacker could entice a user to open a specially crafted PDF using...
CVE-2017-3115
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an information disclosure vulnerability when handling links in a PDF document...
Fake IRS Spam Campaign Pushing Zeus Bot
There is a large scale spam campaign underway right now in which attackers are using fairly well-crafted emails that appear to come from the IRS to infect victims with the Zeus bot. The attack has been ongoing for a couple of weeks now, and researchers say that although the attackers have taken...