139 matches found
firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume th...
EUVD-2021-26519
Malware in sbrugna...
EUVD-2008-6964
Malware in sbrugna...
EUVD-2017-15990
Malware in sbrugna...
EUVD-2013-7270
Malware in sbrugna...
EUVD-2018-12146
Malware in sbrugna...
EUVD-2018-2038
Malware in sbrugna...
EUVD-2018-1826
Malware in sbrugna...
EUVD-2021-25785
Malware in sbrugna...
EUVD-2022-6497
Malicious code in bioql PyPI...
EUVD-2022-24817
Malicious code in bioql PyPI...
EUVD-2023-49832
Malicious code in bioql PyPI...
EUVD-2025-9770
Malicious code in bioql PyPI...
Liferay Portal CAPTCHA Bypass for Gogo Shell
The vulnerable code can bypass the Captcha check in Liferay Portal 7.4.3.80 through 7.4.3.132, and Liferay DXP 2024.Q1.1 through 2024.Q1.19, 2024.Q2.0 through 2024.Q2.13, 2024.Q3.0 through 2024.Q3.13, 2024.Q4.0 through 2024.Q4.7, 2025.Q1.0 through 2025.Q1.15 and 7.4 update 80 through update 92 an...
CVE-2021-21307
Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a...
Alibaba Cloud Linux 3 : 0003: java-11-openjdk (ALINUX3-SA-2022:0003)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0003 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-35550: Vulnerability in the Java...
PT-2025-19906 · Peprodev · Peprodev Ultimate Profile Solutions
Name of the Vulnerable Software and Affected Versions: PeproDev Ultimate Profile Solutions versions 1.9.1 through 7.5.2. Description: The issue is related to the lack of proper authentication in the handel ajax req function, specifically with the change user meta functionality. This allows attacke...
SAP Netweaver Unauthorized Access Vulnerability
SAP NetWeaver is SAP's integrated technology platform. An unauthorized access vulnerability exists in SAP Netweaver that stems from an authorization check bypass and can be exploited by an attacker to gain unauthorized access to ABAP code...
NEWS-BUZZ 1.0 SQL Injection
NEWS-BUZZ version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: NEWS-BUZZ News Management System - SQL Injection; Google Dork: N/A; Exploit Author: egsec; Date: 2024-11-03; Vendor Homepage: https://code-projects.org; Software Link:...
Mobile Security Framework (MobSF) has a SSRF Vulnerability fix bypass on assetlinks_check with DNS Rebinding
Summary: The latest deployed fix for the SSRF vulnerability is through the use of the call validhost. The code available at lines /ae34f7c055aa64fca58e995b70bc7f19da6ca33a/mobsf/MobSF/utils.pyL907-L957 is vulnerable to SSRF abuse using DNS rebinding technique. PoC: The following proof of concept:...