3419 matches found
CVE-2026-7325
Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server. This issue affects :...
CVE-2026-7325
The CVE-2026-7325 entry applies to Devolutions Server, with affected versions 2026.1.6.0–2026.1.16.0 and 2025.3.20.0 and earlier. The issue is an improper authorization in the Active Directory browsing feature that lets a low-privileged authenticated user obtain authentication material associated...
CVE-2026-7325
Improper authorization in the Active Directory browsing feature in Devolutions Server allows a low-privileged authenticated user to obtain authentication material associated with a stored PAM provider service account via authentication relay to an attacker-controlled server. This issue affects :...
Astra Linux – Vulnerability in Chromium
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Before version 104.0.5112.79, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Insufficient validation of untrusted input in Google Chrome’s Safe Browsing feature before version 127.0.6533.72 allowed a remote attacker who convinced a user to perform certain UI gestures to bypass discretionary access control through a malicious file. Chromium security severity: Low...
Astra Linux – Vulnerability in WebKit2GTK
The issue was resolved by adding additional restrictions on CSS compositing. This issue has been fixed in tvOS 15, watchOS 8, iOS 15, and iPadOS 15. Visiting a maliciously crafted website may reveal a user’s browsing history...
Astra Linux – Vulnerability in Chromium
Before version 98.0.4758.80, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Firefox and Thunderbird
When checking whether the Browsing Context was discarded in HttpBaseChannel, if the load group was not available, it was assumed that the Browsing Context had already been discarded. However, this assumption was not always true for private channels after the private session ended. This...
Astra Linux – Vulnerability in Chromium
Before version 99.0.4844.74, using Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Firefox and Thunderbird
If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files are not properly deleted when the window is closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...
Astra Linux – Vulnerability in Chromium
Before the release of 87.0.4280.141, users who were browsing safely in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Firefox
Service Workers did not correctly detect Private Browsing Mode in all cases, which could result in Service Workers being written to disk for websites visited in Private Browsing Mode. This would not preserve them in a state where they would run again, but it would allow Private Browsing Mode...
Astra Linux – Vulnerability in Chromium
Before version 106.0.5249.119, using “After Free” in Safe Browsing in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass Safe Browsing warnings through a malicious file. Chromium security severity: Medium...
Astra Linux – Vulnerability in Firefox
“EncryptingOutputStream” was vulnerable to exposing uninitialized data. This issue could only be exploited by writing data to a local disk, which may have implications for private browsing mode. This vulnerability affects Firefox ESR 115.6 and Firefox 121...
Astra Linux – Vulnerability in Chromium
Before version 87.0.4280.141, using free resources in safe browsing in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Firefox
Firefox used to cache the last filename used for printing a file. When generating a filename for printing, Firefox usually suggests the web page title. The combination of caching and suggestion techniques may have led to the title of a website visited during private browsing mode being stored on...
Astra Linux – Vulnerability in Chromium
Before version 97.0.4692.99, using "After Free" in Safe Browsing in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Firefox
Under certain circumstances, the offline cache of a ServiceWorker may have been leaked to the file system when using private browsing mode. This vulnerability affects Firefox versions earlier than 111...