EUVD-2026-30363

Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets CSS data into a web page served by the application. When a user accesses or clicks the affected page, the injected CSS is executed. As a result...

CVE-2026-3909

CVE-2026-3909 is a Google Chrome/Skia vulnerability: an out-of-bounds write in Skia could allow a remote attacker to trigger out-of-bounds memory access via a crafted HTML page. Affects Chrome before 146.0.7680.75; exploits are known to exist in the wild. Chrome/Chromium advisories note that fixe...

CVE-2019-25252

Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers to change administrative passwords without proper request validation. Attackers can craft malicious web pages that automatically submit password change requests to the device when a logged-in...

Google Chrome Code Problem Vulnerability (CNVD-2025-29239)

Google Chrome is Google's web browser. A security vulnerability exists in Google Chrome versions prior to 134.0.6998.35, which stems from an inadequate validation mechanism for the web application installation process. The vulnerability can be exploited by an attacker to conduct an interface...

EUVD-2009-2193

Malware in sbrugna...

EUVD-2018-1831

Malware in sbrugna...

EUVD-2005-2144

Malware in sbrugna...

EUVD-2021-23145

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-6109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - readAsText can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to...

CVE-2023-23851

SAP Business Planning and Consolidation - versions 200, 300, allows an attacker with business authorization to upload any files including web pages without the proper file format validation. If other users visit the uploaded malicious web page, the attacker may perform actions on behalf of the...

CVE-2011-2602

The NVIDIA Geforce 310 driver 6.14.12.7061 on Windows XP SP3 allows remote attackers to cause a denial of service system crash via a crafted web page that is visited with Google Chrome or Mozilla Firefox, as demonstrated by the lots-of-polys-example.html test page in the Khronos WebGL SDK...

CVE-2024-34577

Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, WRC-X3000GS2A-B and WRC-X3000GST2-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page while logged in to the product, an arbitrary script may be executed on the user's web...

PT-2019-3006 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the Chakra JavaScript engine in Microsoft Edge. This could allow a remote attacker to execute arbitrary code using a...

PT-2019-3254 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling specially crafted embedded fonts in the Windows font library. Exploitation of this issue could allow a remote attacker to execute arbitrary code a...

Unspecified Vulnerability in Sony BRAVIA Smart TVs

Sony BRAVIA Smart TVs is a smart TV from Sony Japan. A security vulnerability exists in Sony BRAVIA Smart TVs. The vulnerability can be exploited by an attacker to cause the TV to jam with the help of a specially crafted web page...

AZL-41613 CVE-2019-10638 affecting package hyperv-daemons for versions less than 6.6.35.1-1

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...

Cross-Site Scripting Vulnerability in Laravel PHP Framework

Laravel PHP Framework is a CMS system based on the php language. A cross-site scripting vulnerability exists in Laravel PHP Framework. The program fails to filter user-supplied input, which allows an attacker to construct a malicious web page and trick users into parsing it to execute arbitrary...

CVE-2016-6426

The jspringsecurityswitchuser function in Cisco Unified Intelligence Center CUIC 8.5.4 through 9.11, as used in Unified Contact Center Express 10.01 through 11.01, allows remote attackers to create user accounts by visiting an unspecified web page, aka Bug IDs CSCuy75027 and CSCuy81653...

Google Chrome pdfium Heap Memory Misreference Vulnerability

Google Chrome is an open source WEB browser. Google Chrome pdfium handling suffers from a heap memory misreference vulnerability that allows an attacker to construct a malicious WEB page and trick the user into parsing it, which can crash the application or execute arbitrary code...

Mozilla Firefox and Firefox ESR 'ReadbackResultWriterD3D11::Run' Buffer Overflow Vulnerability

Mozilla Firefox is an open source web browser. A security vulnerability exists in the Mozilla Firefox 'ReadbackResultWriterD3D11::Run' function, which allows attackers to construct a malicious WEB page and trick the user into parsing it, which can crash the application or execute arbitrary code...