EUVD-2006-3452

Malware in sbrugna...

EUVD-2022-43484

Malicious code in bioql PyPI...

CVE-2022-40181

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

InstallEmbeddedBrowser=N param is not honored by CWA 2403

The installation process for Citrix Workspace App for Windows 2403 is unable to honor command line parameters correctly, causing Citrix Enterprise Browser CEB to be installed even when the switch “InstallEmbeddedBrowser” is set to “N” Example : CitrixWorkspaceApp.exe /silent InstallEmbeddedBrowse...

Design/Logic Flaw

A CWE-693 “Protection Mechanism Failure” vulnerability in the embedded Chromium browser concerning the handling of alternative URLs, other than “ http://localhost” http://localhost” allows a physical attacker to read arbitrary files on the file system, alter the configuration of the embedded...

AiLux imx6 Security Vulnerability

AiLux imx6 is a computing module from AiLux. AiLux imx6 A security vulnerability exists in versions prior to imx6 imx61.0.7-2, which stems from a failure of a protection mechanism that allows a physical attacker to read arbitrary files on the system, change the configuration of the embedded...

CVE-2023-37856

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser...

CVE-2023-37855

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser...

Multiple Siemens products open to redirection vulnerabilities

Siemens Desigo PX is a building automation control system from Siemens Germany. Several Siemens products have an open redirection vulnerability, which stems from the fact that the device's embedded browser does not prevent interaction with an alternate URI scheme when the Web application code...

CVE-2022-40181

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

CVE-2022-40182

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

CVE-2022-40181

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

Race condition

A vulnerability has been identified in Desigo PXM30-1 All versions V02.20.126.11-41, Desigo PXM30.E All versions V02.20.126.11-41, Desigo PXM40-1 All versions V02.20.126.11-41, Desigo PXM40.E All versions V02.20.126.11-41, Desigo PXM50-1 All versions V02.20.126.11-41, Desigo PXM50.E All versions...

PT-2022-25262 · Siemens · Desigo Pxm40-1 +9

Name of the Vulnerable Software and Affected Versions: Desigo PXM30-1 versions prior to V02.20.126.11-41 Desigo PXM30.E versions prior to V02.20.126.11-41 Desigo PXM40-1 versions prior to V02.20.126.11-41 Desigo PXM40.E versions prior to V02.20.126.11-41 Desigo PXM50-1 versions prior to...

CVE-2020-8240

A vulnerability in the Pulse Secure Desktop Client 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the...

CVE-2020-8240

CVE-2020-8240 affects the Pulse Secure Desktop Client prior to 9.1R9. The issue allows a restricted user on Windows to obtain system-level privileges when the Embedded Browser is configured with Credential Provider (affecting Windows PDC only). The vulnerability is part of a set of issues in Puls...

CVE-2020-8240

A vulnerability in the Pulse Secure Desktop Client 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the...

Exclusion of Citrix embedded browser from the Citrix Workspace app 1912 LTSR for Windows

The Citrix Workspace app Long Term Service Release LTSR is released on a less frequent cadence with an extended lifecycle than the Workspace app Current Releases CR, offering predictability and less changes to the product. The Citrix Workspace app LTSR offers Cumulative Updates CU that contain...

Apple iTunes security vulnerabilities

Buffer overflow on .m3u parsing, buffer overflow in embedded browser...

Sony Playstation 3内嵌浏览器多个拒绝服务漏洞

Sony Playstation 3（PS3）是索尼公司推出的新一代游戏机。 PS3内嵌的NetFront浏览器实现上存在漏洞，攻击者可能利用此漏洞导致设备不可用。 PS3中内嵌了NetFront作为其内部浏览器显示XMB图形用户界面，这个浏览器中存在多个漏洞。如果用户受骗打开了恶意的WEB页面的话，就可能触发缓冲区溢出，导致游戏机崩溃，必须硬件重启才能恢复操作。 Sony Playstation 3 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.playstation.com/...