33 matches found
CVE-2026-0558
A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and process files through the /api/files/extract-text endpoint. This endpoint does not enforce authentication, unlike other file-related endpoints, and lacks the Dependsgetcurrentactiveus...
CVE-2026-0558 Unauthenticated File Upload in parisneo/lollms
A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users to upload and process files through the /api/files/extract-text endpoint. This endpoint does not enforce authentication, unlike other file-related endpoints, and lacks the Dependsgetcurrentactiveus...
AWS VDP: Password Reuse Vulnerability on AWS Sign-in Page via Password Reset Flow leads to Security Policy Violation
Asset URL: ██████ Summary: The AWS sign-in page allows users to reuse old passwords when resetting their password, which violates security best practices outlined in OWASP Authentication Cheat Sheet and NIST 800-63B Digital Identity Guidelines. This misconfiguration could potentially weaken accou...
EUVD-2006-4024
Malware in sbrugna...
EUVD-1999-1337
Malware in sbrugna...
EUVD-2016-6978
Malware in sbrugna...
EUVD-2022-27888
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-22745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 9...
Mozilla Firefox Information Disclosure Vulnerability (CNVD-2023-59952)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an information disclosure vulnerability that stems from a Securitypolicyviolation event that could disclose cross-domain URLs, which could be exploited by an attacker to...
CVE-2022-22745
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CVE-2022-22745
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
CVE-2022-22745
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Mageia: Security Advisory (MGASA-2022-0019)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: MozillaFirefox / MozillaFirefox-devel / etc (SUSE-SU-2022:0137-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0137-1 advisory. - CVE-2021-4140: Fixed iframe sandbox bypass with XSLT bsc1194547. - CVE-2022-22737: Fixed race condition when playing audio files...
CVE-2022-22745
Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Mozilla: Leaking cross-origin URLs through securitypolicyviolation event
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...
Mozilla: Leaking cross-origin URLs through securitypolicyviolation event
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...
Mozilla: Leaking cross-origin URLs through securitypolicyviolation event
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...
Mozilla: Leaking cross-origin URLs through securitypolicyviolation event
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...
Mozilla: Leaking cross-origin URLs through securitypolicyviolation event
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: Securitypolicyviolation events could have leaked cross-origin information for frame-ancestors violations...