16 matches found
EUVD-2013-0936
Malware in sbrugna...
EUVD-2011-1817
Malware in sbrugna...
EUVD-2020-7934
Malware in sbrugna...
EUVD-2019-15351
Malware in sbrugna...
EUVD-2016-2753
Malware in sbrugna...
EUVD-2016-2795
Malware in sbrugna...
EUVD-2021-8619
Malicious code in bioql PyPI...
EUVD-2025-23909
Malicious code in bioql PyPI...
EUVD-2024-51523
Malicious code in bioql PyPI...
CVE-2025-1936 Adding %00 and a fake extension to a jar: URL changed the interpretation of the contents
jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was used to determine the type of content. This could have been used to hide code in a web extension...
PYSEC-2025-19
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not...
CVE-2025-0446
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...
Moderate: Red Hat Security Advisory: libtar security update
An update for libtar is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Mozilla: Extensions could have opened external schemes without user knowledge
The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such...
chromium-browser: Excessive permissions for private API in Extensions
Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page...
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path...