Lucene search
K

8 matches found

CVE
CVE
added 2026/05/11 4:55 p.m.33 views

CVE-2026-41431

Zen Browser ships a MAR updater (org.mozilla.updater) with signature verification removed, leaving MAR files unsigned and the updater without verification code. Prior to version 1.19.9b, this enables arbitrary unsigned updates if the update server or GitHub release pipeline is compromised. The is...

8CVSS6AI score0.00199EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/04/11 9:16 a.m.25 views

Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages

Cybersecurity researchers have detailed the inner workings of the cryptocurrency stealer malware that was distributed via 13 malicious NuGet packages as part of a supply chain attack targeting .NET developers. The sophisticated typosquatting campaign, which was uncovered by JFrog late last month,...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/09/19 12:0 a.m.3 views

PT-2022-25421

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker suitably positioned on the network could intercept the update request and deliver a...

6.4AI score0.00274EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2014/01/21 2:9 p.m.6 views

Google Pulls Adware Extensions from Chrome Store

Two Chrome extensions went from legitimate browsing ad-ons to adware-spewing nuisances in the blink of a legitimate transaction. Google recently took action against the Add to Feedly and Tweet this Page extensions, removing both from the Chrome Store after they were sold to adware brokers and fou...

0.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2012/04/25 2:30 p.m.15 views

Firefox 12 Debuts With Silent Update Mechanism

Mozilla has released version 12 of Firefox and the big change in the popular browser is the inclusion of a new update mechanism that will allow users to enable automatic updates that won’t require user interaction. The mechanism is similar to what Google Chrome has and is part of a trend toward...

0.5AI score
Exploits0References2
securityvulns
securityvulns
added 2011/12/19 12:0 a.m.73 views

[MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matta Consulting - Matta Advisory https://www.trustmatta.com Restorepoint Remote root command execution vulnerability Advisory ID: MATTA-2011-003 CVE reference: CVE-2011-4201 - Code injection vulnerability CVE-2011-4202 - Privilege escalation through...

9.3CVSS1.2AI score0.02381EPSS
Exploits1
Packet Storm
Packet Storm
added 2011/12/08 12:0 a.m.56 views

Restorepoint 3.2-Evaluation Remote Root Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matta Consulting - Matta Advisory https://www.trustmatta.com Restorepoint Remote root command execution vulnerability Advisory ID: MATTA-2011-003 CVE reference: CVE-2011-4201 - Code injection vulnerability CVE-2011-4202 - Privilege escalation through...

9.3CVSS0.3AI score0.02381EPSS
Exploits1
ThreatPost
ThreatPost
added 2011/04/14 2:47 p.m.9 views

Adobe to Patch Flash Zero Day on Windows, Mac on Friday

Adobe is planning to patch the recently disclosed Flash Player vulnerability on Friday for users on Windows, Mac OS X and Linux. The vulnerability is being used in targeted attacks right now that use malicious Word documents. Adobe said on Wednesday night that it plans to push out the Flash Playe...

1AI score
Exploits0References3
Rows per page
Query Builder