10 matches found
EUVD-2026-39559
A CRL critical extension bypass exists in ParseCRLExtensions where critical extensions are not properly enforced, allowing a crafted CRL with an unhandled critical extension to be accepted. This only affects builds with CRL support enabled and where a crafted CRL had a trusted signature when pars...
PT-2026-52585
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A critical extension bypass exists in the ParseCRL Extensions function. The issue occurs when critical extensions in a Certificate Revocation List CRL—a list of...
CVE-2026-40488
Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, the product custom option file upload in OpenMage LTS uses an incomplete...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Extensions component’s policies, which could allow attackers to bypass access...
PT-2025-53436
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.23.0 Description A flaw exists that enables attackers to add attachments with file extensions that are normally prohibited. This is achieved by modifying the attachment name through the attachment API. The affected AP...
EUVD-2010-2097
Malware in sbrugna...
PT-2025-4135 · Cockpit Hq · Cockpit
Name of the Vulnerable Software and Affected Versions: cockpit-hq/cockpit versions prior to 2.4.1 Description: The issue allows for Arbitrary File Upload, where an attacker can bypass the upload filter by using different extensions. Recommendations: For cockpit-hq/cockpit versions prior to 2.4.1,...
Security update for Chromium (important)
Chromium was updated to 53.0.2785.89 to fix a number of security issues. The following vulnerabilities were fixed: boo996648 - CVE-2016-5147: Universal XSS in Blink. - CVE-2016-5148: Universal XSS in Blink. - CVE-2016-5149: Script injection in extensions. - CVE-2016-5150: Use after free in Blink....
Google Chrome < 53.0.2785.89 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 53.0.2785.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 201608stable-channel-update-for-desktop31 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 o...
Google Chrome < 53.0.2785.89 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 53.0.2785.89. It is, therefore, affected by multiple vulnerabilities as referenced in the 201608stable-channel-update-for-desktop31 advisory. - Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.89 on...