EUVD-2022-55962
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a local attacker to execute arbitrary binaries. Due to insufficient path sanitization, an attacker can place a malicious binar...
CVE-2020-37216
CVE-2020-37216 affects Hirschmann Industrial HiVision, specifically versions 08.1.03 before 08.1.04 and 08.2.00. The issue is an untrusted search path vulnerability that lets local attackers execute arbitrary binaries by placing a malicious binary in the path of a configured external application...
CVE-2022-4987 Hirschmann Industrial HiVision External Application Path Hijacking Leading to Arbitrary Code Execution
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a local attacker to execute arbitrary binaries. Due to insufficient path sanitization, an attacker can place a malicious binar...
CVE-2026-0870 GIGABYTE|MacroHub - Local Privilege Escalation
MacroHub, developed by GIGABYTE, has a Local Privilege Escalation vulnerability. Because the MacroHub application launches external applications with improper privileges, authenticated local attackers can execute arbitrary code with SYSTEM privileges...
CVE-2025-10569 Allocation of Resources Without Limits or Throttling in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to create a denial of service condition by providing crafted responses to external API calls...
EUVD-2020-0373
Malware in sbrugna...
EUVD-2020-26682
Malware in sbrugna...
EUVD-2023-29656
Malicious code in bioql PyPI...
EUVD-2025-19087
Malicious code in bioql PyPI...
CVE-2025-6431 The prompt in Firefox for Android that asks before opening a link in an external application could be bypassed
When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. This bug only affects...
Security Vulnerabilities fixed in Firefox 140 — Mozilla
A use-after-free in FontFaceSet resulted in a potentially exploitable crash. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. Th...
CVE-2020-5519
The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration External App" screen...
RRC Signaling Storm Detection in O-RAN
The Open Radio Access Network (O-RAN) marks a significant shift in the mobile network industry. By transforming a traditionally vertically integrated architecture into an open, data-driven one, O-RAN promises to enhance operational flexibility and drive innovation. In this paper, we harness O-RAN's...
CVE-2025-25374
Technical details about CVE-2025-25374 are not publicly available in the provided connected documents. Monitor for updates if more specifics on affected products, impact, and fixes are released.
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 136 that originates from external application launch spoofing...
mozilla: Firefox did not ask before opening news: links in an external application
The Mozilla Foundation's Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating...
PT-2024-25924 · O Ran · O-Ran Near-Rt Ric
Name of the Vulnerable Software and Affected Versions: O-RAN Near-RT RIC I-Release (affected versions not specified). Description: An issue was discovered in appmgr, allowing an attacker to register an unintended RMR message type during xApp registration, which could disrupt other service components...
Tutanota Input Validation Error Vulnerability
Tutanota is a very security- and privacy-conscious email service from Tuta that encrypts email, contacts, and calendar entries on all devices. An input validation error vulnerability exists in versions prior to Tutanota 3.118.12, which stems from allowing a user to open a link in an email in an...
CVE-2023-25749
Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. This bug only affects Firefox for Android. Other version...
CVE-2021-34743 Cisco Webex Software Application Authorization Bypass Vulnerability
A vulnerability in the application integration feature of Cisco Webex Software could allow an unauthenticated, remote attacker to authorize an external application to integrate with and access a user's account without that user's express consent. This vulnerability is due to improper validation o...