Astra Linux - уязвимость в webkit2gtk

A cookie management issue has been resolved through improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5. Processing maliciously crafted web content may disclose sensitive user information...

Astra Linux - уязвимость в webkit2gtk

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin...

CVE-2018-4293

A cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6...

When AI Takes the Wheel: Security Analysis of Framework-Constrained Program Generation

In recent years, the AI wave has grown rapidly in software development. Even novice developers can now design and generate complex framework-constrained software systems based on their high-level requirements with the help of Large Language Models LLMs. However, when LLMs gradually "take the whee...

EUVD-2005-0150

Malware in sbrugna...

EUVD-2012-5516

Malware in sbrugna...

EUVD-2016-4551

Malware in sbrugna...

EUVD-2018-16079

Malware in sbrugna...

EUVD-2009-1995

Malware in sbrugna...

EUVD-2025-12102

Malicious code in bioql PyPI...

EUVD-2022-27807

Malicious code in bioql PyPI...

EUVD-2024-41208

Malicious code in bioql PyPI...

EUVD-2024-54257

Malicious code in bioql PyPI...

Security Bulletin: A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, which affects IBM watsonx.data

Summary A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apache HttpClient team. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-27820 DESCRIPTION: A bug in PSL validation...

Linux Distros Unpatched Vulnerability : CVE-2025-27820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discovered by the Apach...

Linux Distros Unpatched Vulnerability : CVE-2024-54467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18,...

Important: webkitgtk4

Issue Overview: A cookie management issue was addressed with improved state management. This issue is fixed in watchOS 11, macOS Sequoia 15, Safari 18, visionOS 2, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. CVE-2024-54467 The issue was addressed with...

Atlassian Confluence 9.2.4 < 9.2.6 / 9.4.x < 9.5.2 (CONFSERVER-100164)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-100164 advisory. - A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie management and host name verification. Discover...

Atlassian Jira Service Management Data Center and Server 5.12.23 < 5.12.24 / 10.3.x < 10.3.8 / 10.5.x < 10.7.2 (JSDSERVER-16269)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16269 advisory. - A bug in PSL validation logic in Apache HttpClient 5.4.x disables domain checks, affecting cookie...

CVE-2025-8037 Nameless cookies shadow secure cookies

Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the Secure attribute. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1...