Lucene search
+L

88 matches found

SUSE Linux
SUSE Linux
added 2026/03/30 5:34 p.m.3 views

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0: CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption bsc1259949. CVE-2025-3127...

8.8CVSS7.1AI score0.01481EPSS
Exploits2References84
SUSE CVE
SUSE CVE
added 2026/03/20 12:29 a.m.5 views

SUSE CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

5.3CVSS5.7AI score0.00222EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/02/13 1:31 a.m.9 views

CVE-2026-20676

A flaw was found in WebKitGTK. A malicious website can track users through web extensions due to improper state management. Mitigation Do not visit untrusted websites. Also, do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require...

6.5CVSS5.8AI score0.00222EPSS
Exploits0References4
NVD
NVD
added 2026/02/11 11:16 p.m.7 views

CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

5.3CVSS0.00222EPSS
Exploits0References4
OSV
OSV
added 2026/02/11 11:16 p.m.3 views

DEBIAN-CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

5.3CVSS7.7AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 11:16 p.m.12 views

UBUNTU-CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

5.3CVSS7.2AI score0.00222EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/11 10:58 p.m.34 views

CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

0.00222EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/11 10:58 p.m.15 views

CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

5.3CVSS5.8AI score0.00222EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/14 3:31 p.m.5 views

EUVD-2025-34198

Starting in Firefox 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...

5.9AI score0.00331EPSS
Exploits0References4
OSV
OSV
added 2025/10/14 1:15 p.m.5 views

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability affects Firefox 144 and Thunderbird 144...

9.8CVSS5.8AI score0.00331EPSS
Exploits0References3
NVD
NVD
added 2025/10/14 1:15 p.m.6 views

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

9.8CVSS0.00331EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/10/14 12:27 p.m.2 views

CVE-2025-11719

Starting in Thunderbird 143, the use of the native messaging API by web extensions on Windows could lead to crashes caused by use-after-free memory corruption. This vulnerability was fixed in Firefox 144 and Thunderbird 144...

9.8CVSS5.8AI score0.00331EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2002-0479

Malware in sbrugna...

5CVSS6.4AI score0.02144EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-30460

Malicious code in bioql PyPI...

4.3CVSS7AI score0.00329EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:45 a.m.7 views

CVE-2022-32868

A logic issue was addressed with improved state management. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. A website may be able to track users through Safari web extensions...

4.3CVSS5.7AI score0.00848EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/03/13 7:11 a.m.9 views

firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was...

7.3CVSS6.7AI score0.00413EPSS
Exploits0References7
The Hacker News
The Hacker News
added 2025/03/10 2:47 p.m.40 views

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials

Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. "The polymorphic extensions create a pixel perfect replica of the target's icon, HTML popup, workflows and even temporarily disables the legitimate...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/03/10 6:17 a.m.7 views

firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was...

7.3CVSS6.7AI score0.00413EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/03/10 6:14 a.m.4 views

firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was...

7.3CVSS6.7AI score0.00413EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/03/10 6:13 a.m.7 views

firefox: Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was...

7.3CVSS6.7AI score0.00413EPSS
Exploits0References7
Rows per page
Query Builder