64 matches found
CVE-2026-9078 Firefox iOS RTL Domain Rendering Issue in Link Preview
Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...
Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial intelligence AI chatbot that could be exploited by an attacker to steal personal information from users' memories and chat histories without their knowledge. The seven vulnerabilities and...
EUVD-2007-1646
Malware in sbrugna...
EUVD-2006-4378
Malware in sbrugna...
EUVD-2002-1572
Malware in sbrugna...
EUVD-2005-1189
Malware in sbrugna...
EUVD-2025-24216
Malicious code in bioql PyPI...
EUVD-2024-44589
Malicious code in bioql PyPI...
CVE-2025-42934
SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites' configuration by injecting line feed LF characters into application inputs. This vulnerability has a low impact on the...
CVE-2025-42934
SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites' configuration by injecting line feed LF characters into application inputs. This vulnerability has a low impact on the...
CVE-2025-42934
Context: CVE-2025-42934 affects SAP S/4HANA Supplier invoice. What’s vulnerable: CRLF injection in inputs that bypasses the allowlist, enabling injection of untrusted sites into the Trusted Sites configuration. Affects SAP S/4HANA Supplier invoice functionality; root cause described as LF-based i...
CVE-2025-42934 CRLF Injection vulnerability in SAP S/4HANA (Supplier invoice)
SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites' configuration by injecting line feed LF characters into application inputs. This vulnerability has a low impact on the...
CVE-2025-42934 CRLF Injection vulnerability in SAP S/4HANA (Supplier invoice)
SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites' configuration by injecting line feed LF characters into application inputs. This vulnerability has a low impact on the...
PT-2025-32600 · Sap · Sap S/4Hana
Name of the Vulnerable Software and Affected Versions: SAP S/4HANA affected versions not specified Description: SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites'...
Security update for git
This update for git fixes the following issues: CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites bsc1235600. CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers bsc1235601. Patch Instructions: To install this SUSE update use the SUSE...
Security update for git
This update for git fixes the following issues: CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. bsc1224168 CVE-2024-32004: Fixed arbitrary code execution during local clones. bsc1224170 CVE-2024-32020: Fix file...
SUSE SLES15 Security Update : git (SUSE-SU-2025:0144-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0144-1 advisory. - CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites bsc1235600. - CVE-2024-52006: Carriage Returns via t...
firefox: thunderbird: Permission leak via embed or object elements
The Mozilla Foundation's Security Advisory: A permission leak could occur from a trusted site to an untrusted site via embed or object elements...
CVE-2024-10458
A permission leak could have occurred from a trusted site to an untrusted site via embed or object elements. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks
Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromis...