2403 matches found
Google Chrome < 144.0.7559.109 Vulnerability
The version of Google Chrome installed on the remote macOS host is prior to 144.0.7559.109. It is, therefore, affected by a vulnerability as referenced in the 202601stable-channel-update-for-desktop27 advisory. - Inappropriate implementation in Background Fetch API in Google Chrome prior to...
Google Chrome < 144.0.7559.109 Vulnerability
The version of Google Chrome installed on the remote Windows host is prior to 144.0.7559.109. It is, therefore, affected by a vulnerability as referenced in the 202601stable-channel-update-for-desktop27 advisory. - Inappropriate implementation in Background Fetch API in Google Chrome prior to...
chromium -- security fix
Chrome Releases reports: This update includes 1 security fix: 474435504 High CVE-2026-1504: Inappropriate implementation in Background Fetch API. Reported by Luan Herrera @lbherrera on 2026-01-09...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
CVE-2026-0593
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processBackgroundAction function in all versions up to, and including, 10.0.04. This makes it possible for authenticated attackers, with...
CVE-2026-0593
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processBackgroundAction function in all versions up to, and including, 10.0.04. This makes it possible for authenticated attackers, with...
CVE-2026-0593 WP Go Maps (formerly WP Google Maps) <= 10.0.04 - Missing Authorization to Authenticated (Subscriber+) Map Engine Setting Modification
The WP Go Maps formerly WP Google Maps plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processBackgroundAction function in all versions up to, and including, 10.0.04. This makes it possible for authenticated attackers, with...
WordPress plugin WP Go Maps has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2025-47666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image FullScreen Background: from n/a through = 1.6.7...
Malicious code in tableates (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c69d9a3e244227f4e4146b60829ead907656c47989b3b83e1e5f56a2c06064ff Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
MAL-2026-492 Malicious code in tableates (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c69d9a3e244227f4e4146b60829ead907656c47989b3b83e1e5f56a2c06064ff Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
Malicious code in tabletes (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0e46bf0a52fee42a54e122a61b6da920b8d08234f109ab1da45c7f6c7042ef2 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
MAL-2026-490 Malicious code in tabletes (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b0e46bf0a52fee42a54e122a61b6da920b8d08234f109ab1da45c7f6c7042ef2 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...
libpng: LIBPNG buffer overflow
A buffer overflow flaw has been discovered in libpng. An out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALPHA enabled. The palette compositing code in pnginitreadtransformations incorrectly applies background compositing during...
CVE-2025-47666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...
CVE-2025-47666
CVE-2025-47666 is a reflected Cross-Site Scripting vulnerability in LambertGroup Image&Video FullScreen Background (lbg_fullscreen_fullwidth_slider) affecting versions through 1.6.7. The issue, described in multiple sources, arises from improper input neutralization during web page generation and...
CVE-2025-47666 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...
CVE-2025-47666 WordPress Image&Video FullScreen Background plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image&Video FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image&Video FullScreen Background: from n/a through = 1.6.7...
CVE-2025-47666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Image FullScreen Background lbgfullscreenfullwidthslider allows Reflected XSS.This issue affects Image FullScreen Background: from n/a through = 1.6.7...