RLSA-2025:10074 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Content-Disposition header ignored when a file is included in an embed or object tag CVE-2025-6430 firefox: Use-after-free in FontFaceSet CVE-2025-6424 firefox:...

CVE-2025-42956

SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, injected input data will be used by the web site page generation to create...

Browser content redirection is supported for Citrix Workspace app 2402 LTSR now

Browser content redirection is supported for Citrix Workspace appCWA 2402 LTSR...

Malicious code in hwieiur (npm)

The package contains obfuscated code to load content from a suspicious external domain in the user's browser...

Malicious code in ywoeuwe (npm)

The package contains obfuscated code to load content from a suspicious external domain in the user's browser...

CVE-2020-16861

A cross site scripting vulnerability exists when Microsoft Dynamics 365 on-premises does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics...

Exclusion of Citrix embedded browser from the Citrix Workspace app 1912 LTSR for Windows

The Citrix Workspace app Long Term Service Release LTSR is released on a less frequent cadence with an extended lifecycle than the Workspace app Current Releases CR, offering predictability and less changes to the product. The Citrix Workspace app LTSR offers Cumulative Updates CU that contain...

Take a screenshot of browser content when Browser Content Redirection is active

When Browser Content Redirection is active, pressing the Print Screen button or using Win+Shift+S to capture a screenshot will only capture the frame of the Internet Explorer or Chrome window. This is a limitation of the feature, as the screenshot will be captured within the session, but the BCR...

How to Troubleshoot Browser Content Redirection

This article provides an overview of the Browser content redirection BCR feature and use cases before providing general troubleshooting guidelines. It is highly recommended that you first read through the Browser content redirection and Browser content redirection policy settings sections of the...

CVE-2017-11876

Microsoft Project Server and Microsoft SharePoint Enterprise Server 2016 allow an attacker to use cross-site forgery to read content that they are not authorized to read, use the victim's identity to take actions on the web application on behalf of the victim, such as change permissions and delet...

MSRT September 2016 release feature: Prifou

As part of our ongoing effort to provide better malware protection, the Microsoft Malicious Software Removal Tool MSRT release this September includes detections for: BrowserModifier:Win32/Prifou TrojanClicker:Win32/NightClick Trojan:Win32/Suweezy Trojan:Win32/Xadupi This blog discusses...

Microsoft Windows NetBIOS Spoofing Vulnerability

Microsoft Windows is the popular computer operating system. Certain versions of Windows have a spoofing vulnerability in the NetBIOS authentication response, which can be exploited by a remote attacker to hijack network traffic, bypass Enhanced Protected Mode or Application Container Protection...

Opera Stored Cross Site Scripting Vulnerability

====================================================== ================= = Opera Stored Cross Site Scripting Vulnerability = = Vendor Website: = http://www.opera.com = = Affected Version: = -- All desktop versions = = Public disclosure on 22nd October 2008 =...

Spoofing using custom cursor and CSS3 hotspot — Mozilla

David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area...