CVE-2025-27426

Malicious websites utilizing a server-side redirect to an internal error page could result in a spoofed website URL This vulnerability affects Firefox for iOS 136...

CVE-2024-40720

The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a user visits a spoofed website, unauthenticated remote attackers can modify the HKEYCURRENTUSER registry to execute arbitrary commands...

PT-2024-29002 · Changing Information Technology · Hwataiservisign Windows Version

Name of the Vulnerable Software and Affected Versions: HWATAIServiSign Windows Version from CHANGING Information Technology affected versions not specified Description: The issue arises from improper validation of the length of server-side inputs in a specific API. This can be exploited by...

Product Explained: Memcyco's Real-Time Defense Against Website Spoofing

Hands-On Review: Memcyco's Threat Intelligence Solution Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing...

Jupyter Server Input Validation Error Vulnerability

Jupyter Server is a Jupyter community application used to provide back-end services for Jupyter web applications. A security vulnerability exists in Jupyter Server versions prior to 1.0.6 that stems from an open redirection vulnerability. A maliciously created link to the jupyter server could...

PYSEC-2020-215

Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are technically affected, however, these maliciously crafted links can only be reasonably made for know...

Apple-iPhone-and-iPod-Touch

Successfully exploiting these issues may allow attackers to execute arbitrary code, crash the affected application, obtain sensitive information, or direct unsuspecting victims to a spoofed site; other attacks are also possible. These issues affect iPhone 1.0 through 1.1.4 and iPod touch 1.1...

Fake H1N1 E-mail Alerts Lead to Malware

Malicious hackers are using fake alerts around H1N1 Swine Flu vaccines to trick end users into installing malware on Windows computers, according to warnings issued by computer security firms. The latest malware campaign begins with e-mail messages offering information regarding the H1N1...

Firefox self signed certificate flaw

Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also...

CVE-2004-0779

The vulnerability affects Mozilla 1.6, Firebird 0.7, and Firefox 0.8, where cached passwords for SSL sites are not properly restricted to SSL sessions. This allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site. Root cause: insufficient verification of SSL-...

CVE-2004-0779

The 1 Mozilla 1.6, 2 Firebird 0.7 and 3 Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site...