
109 matches found

Positive Technologies
added 2026/02/09 12:0 a.m. · 2 views

PT-2026-7178

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to 20260208.1, the application fails to filter the phar:// protocol in URL validation, allowing attackers to upload a malicious Phar Polyglot file disguised as JPEG via the image...

8.7 CVSS · 5.8 AI score · 0.00081 EPSS
Exploits 1 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2014-9097

Malware in sbrugna...

4.3 CVSS · 6 AI score · 0.00442 EPSS
Exploits 0 · References 8

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2025-7440

Malicious code in bioql PyPI...

4.3 CVSS · 7.2 AI score · 0.00227 EPSS
Exploits 0 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2022-27891

Malicious code in bioql PyPI...

6.5 CVSS · 7.9 AI score · 0.00388 EPSS
Exploits 1 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2022-27882

Malicious code in bioql PyPI...

6.5 CVSS · 8 AI score · 0.00426 EPSS
Exploits 1 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-7280

Malicious code in bioql PyPI...

8.2 CVSS · 8.1 AI score · 0.00336 EPSS
Exploits 1 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-53468

Malicious code in bioql PyPI...

9.6 CVSS · 9.2 AI score · 0.02718 EPSS
Exploits 1 · References 2

SUSE CVE
added 2025/05/30 1:26 a.m. · 1 views

SUSE CVE-2025-47933

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.13.8, 2.14.13, and 3.0.4, an attacker can perform arbitrary actions on behalf of the victim via the API. Due to the improper filtering of URL protocols in the repository page, an attacker can achieve...

8.2 CVSS · 6.3 AI score · 0.00067 EPSS
Exploits 0 · References 4

Veracode
added 2025/05/29 6:40 p.m. · 5 views

Cross-Site Scripting (XSS)

github.com/argoproj/argo-cd is vulnerable to cross-site scripting XSS. The vulnerability is due to improper URL protocol filtering on the repository page, allowing attackers to perform actions such as creating, modifying, and deleting Kubernetes resources via the API...

9 CVSS · 8.7 AI score · 0.00067 EPSS
Exploits 0 · References 6 · Affected Software 1

RedhatCVE
added 2025/05/23 7:20 a.m. · 3 views

CVE-2024-44206

An issue in the handling of URL protocols was addressed with improved logic. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. A user may be able to bypass some web content restrictions...

9.3 CVSS · 5.8 AI score · 0.00538 EPSS
Exploits 0 · References 1

NVD
added 2025/03/04 2:15 p.m. · 3 views

CVE-2025-1935

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

4.3 CVSS · 0.00227 EPSS
Exploits 0 · References 6

OSV
added 2025/03/04 2:15 p.m. · 13 views

CVE-2025-1935

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability affects Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

4.3 CVSS · 5.7 AI score
Exploits 0 · References 6

Cvelist
added 2025/03/04 1:31 p.m. · 16 views

CVE-2025-1935 Clickjacking the registerProtocolHandler info-bar

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

0.00227 EPSS
Exploits 0 · References 5

CVE
added 2025/03/04 1:31 p.m. · 126 views

CVE-2025-1935

CVE-2025-1935 is described in connected advisories as a UI/protocol-handler spoof affecting Firefox and Thunderbird before versions 136 (Firefox) / 128.8 (Firefox ESR) and before 136 (Thunderbird) / 128.8 (Thunderbird). The issue allows a malicious web page to coax a user into setting that site a...

4.3 CVSS · 6.6 AI score · 0.00227 EPSS
Exploits 0 · References 6 · Affected Software 2

Vulnrichment
added 2025/03/04 1:31 p.m. · 12 views

CVE-2025-1935 Clickjacking the registerProtocolHandler info-bar

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

6.6 AI score · 0.00227 EPSS
Exploits 0 · References 5

Debian CVE
added 2025/03/04 1:31 p.m. · 7 views

CVE-2025-1935

A web page could trick a user into setting that site as the default handler for a custom URL protocol. This vulnerability was fixed in Firefox 136, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

4.3 CVSS · 6.7 AI score · 0.00227 EPSS
Exploits 0

Positive Technologies
added 2025/03/04 12:0 a.m. · 7 views

PT-2025-9660 · Mozilla +10 · Firefox +10

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 136; Firefox ESR versions prior to 128.8. Description: A web page could trick a user into setting that site as the default handler for a custom URL protocol. Recommendations: For Firefox versions prior to 136, update t...

10 CVSS · 6.8 AI score · 0.29275 EPSS
Exploits 4 · References 399

Mozilla
added 2025/03/04 12:0 a.m. · 16 views

Security Vulnerabilities fixed in Thunderbird 136 — Mozilla

Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which instead contained an OpenPGP signed message, were wrongly shown as being encrypted. When requesting an OpenPGP key from a WKD server, an incorrect padding size was used and a network observer could hav...

8.8 CVSS · 8.4 AI score · 0.00487 EPSS
Exploits 0 · References 13 · Affected Software 1

Mozilla
added 2025/03/04 12:0 a.m. · 27 views

Security Vulnerabilities fixed in Firefox ESR 128.8 — Mozilla

In resizeToAtLeast of SkRegion.cpp, there was a possible out of bounds write due to an integer overflow. On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. It was possibl...

8.8 CVSS · 7.3 AI score · 0.00912 EPSS
Exploits 0 · References 10 · Affected Software 1

RedhatCVE
added 2025/02/05 2:55 p.m. · 5 views

CVE-2020-15258

In Wire before 3.20.x, shell.openExternal was used without checking the URL. This vulnerability allows an attacker to execute code on the victim's machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the URL that is opened. The...

8 CVSS · 7 AI score · 0.00729 EPSS
Exploits 1