Astra Linux - уязвимость в chromium

Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass the trusted types policy through a crafted HTML page...

Astra Linux - уязвимость в chromium

The inappropriate implementation of the HTML parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

Astra Linux - уязвимость в chromium

Inappropriate implementations of the Extensions API in Google Chrome prior to version 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data through a crafted Chrome Extension...

EUVD-2026-9367

A Reflected Cross-Site Scripting XSS vulnerability in the /IDCLogging/index.cgi endpoint of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101 allows a remote attacker to execute arbitrary web scripts or HTML. The vulnerability is...

CVE-2026-28774

An OS Command Injection vulnerability exists in the web-based Traceroute diagnostic utility of International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface version 101. An authenticated attacker can inject arbitrary shell metacharacters such as the pip...

CVE-2026-28769

A path traversal vulnerability exists in the /IDCLogging/checkifdone.cgi script in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the file parameter to traverse directories and enumerate...

CVE-2026-28772

CVE-2026-28772 describes a Reflected XSS in the IDC SFX Series SuperFlex SatelliteReceiver Web Management Interface (version 101) affecting the /IDC_Logging/index.cgi endpoint. The vulnerability arises when the submitType parameter is reflected into the DOM without proper escaping, allowing an at...

CVE-2026-28771 Reflected XSS In /index.cgi Endpoint On IDC Satellite Receiver Web Management Interface Version 101

A Reflected Cross-Site Scripting XSS vulnerability exists in the /index.cgi endpoint of International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web Management Interface version 101. The application fails to adequately sanitize user-supplied input provided via the cat...

International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface 安全漏洞

The International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface is a web-based management backend for the satellite receiver devices produced by the International Datacasting company. Version 101 of the International Datacasting SFX Series SuperFlex Satellite Receiv...

International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface 安全漏洞

The International Datacasting SFX Series SuperFlex Satellite Receiver Web management interface is a web-based management backend for the satellite receiver devices produced by the International Datacasting company. Version 101 of the International Datacasting SFX Series SuperFlex Satellite Receiv...

EUVD-2022-37440

Malicious code in bioql PyPI...

D-Link GO-RT-AC750 Security Vulnerability

The D-Link GO-RT-AC750 is a wireless dual-band simple router from China-based AUO D-Link. A security vulnerability exists in the D-Link GO-RT-AC750 GORTAC750A1FWv101b03 version, which stems from the use of hard-coded passwords. An attacker could exploit this vulnerability to gain root access via ...

CVE-2022-31738

When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

UBUNTU-CVE-2022-1479

Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2022-1499

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

CVE-2022-1497

Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page...

Mozilla: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11

The Mozilla Foundation Security Advisory describes this flaw as: The Mozilla Fuzzing Team reporting potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of these bugs showed evidence of memory corruption, and we presume that with enough effort, some of these could have bee...

Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume th...

Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume th...

Mozilla: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10

The Mozilla Foundation Security Advisory describes this flaw as: Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume th...