Astra Linux - уязвимость в firefox, thunderbird

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution within the PDF.js context. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

MiracleLinux 8 : thunderbird-115.11.0-1.el8_10.ML.1 (AXSA:2024-8467:14)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8467:14 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

CVE-2025-23943

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aruvi PDF.js Shortcode pdfjs-shortcode allows Stored XSS.This issue affects PDF.js Shortcode: from n/a through = 1.0...

Google Chrome < 19.0.0.245 Vulnerability

The version of Google Chrome installed on the remote Windows host is prior to 19.0.0.245. It is, therefore, affected by a vulnerability as referenced in the 201511stable-channel-update advisory. - The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages an...

EUVD-2015-2833

Malware in sbrugna...

EUVD-2021-11671

Malware in sbrugna...

EUVD-2013-5438

Malware in sbrugna...

EUVD-2025-3557

Malicious code in bioql PyPI...

EUVD-2024-45838

Malicious code in bioql PyPI...

EUVD-2021-31877

Malicious code in bioql PyPI...

EUVD-2024-1513

Malicious code in bioql PyPI...

EUVD-2024-28186

Malicious code in bioql PyPI...

Improper Input Validation

Overview local-deep-research is an AI-powered research assistant with deep, iterative analysis using LLMs and web searches Affected versions of this package are vulnerable to Improper Input Validation via the HTML entity decoding logic in the client-side PDF export pipeline. An attacker can explo...

Linux Distros Unpatched Vulnerability : CVE-2021-45086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 because a server's suggestedfilename is used as the pdfname value in PDF.js...

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

CVE-2024-4367 POC for PDF.js POC for PDF.js' CVE-2024-4367 vu...

TencentOS Server 4: firefox (TSSA-2024:0424)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0424 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 2: firefox (TSSA-2024:0250)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0250 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

TencentOS Server 4: thunderbird (TSSA-2024:0469)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0469 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2024-52300

macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The width parameter of the PDF viewer macro isn't properly escaped, allowing XSS for any user who can edit a page. XSS can impact the confidentiality, integrity and availability of the whole XWiki installation when an admin...

CVE-2024-6938

A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PDF.js of the component PDF Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been...