Lucene search
K

55 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 5:24 a.m.6 views

Malicious code in @ibrahim1337/baksen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea195bd44e54cd1051fc279a0e871b02c15eea04f65c80979d756fa767f541b4 Package @ibrahim1337/baksen ships a Windows x64 infostealer toolkit that targets Chromium-family browsers Chrome, Brave, Edge, Opera, Opera GX on the...

6AI score
Exploits0References19
OSV
OSV
added 2026/06/29 5:24 a.m.7 views

MAL-2026-6575 Malicious code in @ibrahim1337/baksen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea195bd44e54cd1051fc279a0e871b02c15eea04f65c80979d756fa767f541b4 Package @ibrahim1337/baksen ships a Windows x64 infostealer toolkit that targets Chromium-family browsers Chrome, Brave, Edge, Opera, Opera GX on the...

6AI score
Exploits0References12
Malwarebytes
Malwarebytes
added 2026/05/18 10:42 a.m.18 views

Microsoft is changing Edge’s plaintext password behavior

Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...

5.8AI score
Exploits0
HackRead
HackRead
added 2026/05/07 3:4 p.m.17 views

Researcher Shows Edge Browser Stores Saved Passwords in Plaintext

Cybersecurity expert Tom Rønning finds Microsoft Edge loads all saved passwords into computer memory as cleartext, making them easy for hackers to steal...

5.8AI score
Exploits0
UbuntuCve
UbuntuCve
added 2026/03/18 6:16 p.m.5 views

CVE-2026-32634

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...

8.1CVSS5.9AI score0.00282EPSS
Exploits1References4
OSV
OSV
added 2026/03/18 6:16 p.m.13 views

UBUNTU-CVE-2026-32634

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...

8.1CVSS5.8AI score0.00282EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/18 5:55 p.m.29 views

CVE-2026-32634 Glances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...

8.1CVSS0.00282EPSS
Exploits1References3
HackRead
HackRead
added 2025/12/23 5:47 p.m.14 views

New MacSync Stealer Disguised as Trusted Mac App Hunts Saved Passwords

Jamf security experts have found a new version of MacSync Stealer. Disguised as a zk-call app, it uses official notarization to bypass security and steal your saved passwords...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7658

Malware in sbrugna...

3.1CVSS4.3AI score0.00488EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-7334

Malware in sbrugna...

4.9CVSS4.9AI score0.01281EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-40948

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.0486EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-11703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 13...

5.7CVSS7.2AI score0.00208EPSS
Exploits0References2
OSV
OSV
added 2025/03/31 11:15 p.m.3 views

CVE-2025-24245

This issue was addressed by adding a delay between verification code attempts. This issue is fixed in macOS Sequoia 15.4. A malicious app may be able to access a user's saved passwords...

9.8CVSS5.8AI score0.00614EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 3:3 a.m.12 views

CVE-2024-44204

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver...

5.5CVSS5.8AI score0.0486EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/11/27 4:4 a.m.3 views

SUSE CVE-2024-11703

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 133...

5.3CVSS8.5AI score0.00208EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/11/26 11:50 p.m.13 views

CVE-2024-11703

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication...

5.3CVSS6.5AI score0.00208EPSS
Exploits0References5
OSV
OSV
added 2024/11/26 2:15 p.m.4 views

CVE-2024-11703

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 133...

5.7CVSS5.8AI score0.00208EPSS
Exploits0References2
CVE
CVE
added 2024/11/26 1:33 p.m.291 views

CVE-2024-11703

CVE-2024-11703 affects Firefox on Android, where a vulnerability could allow viewing saved passwords without the required device PIN authentication in Firefox versions older than 133. The CVE entry notes the impact is high for confidentiality and integrity, with exploitation described as requirin...

5.7CVSS6.3AI score0.00208EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/11/26 1:33 p.m.16 views

CVE-2024-11703

On Android, Firefox may have inadvertently allowed viewing saved passwords without the required device PIN authentication. This vulnerability affects Firefox 133...

5.7CVSS5.7AI score0.00208EPSS
Exploits0
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.4 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security bypass vulnerability exists in Mozilla Firefox, which can be exploited by an attacker to view saved passwords without performing the required device PIN authentication...

5.7CVSS6.5AI score0.00208EPSS
Exploits0References4
Rows per page
Query Builder