52 matches found
CVE-2026-11209
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
IBM WebSphere Application Server Security Feature Issue Vulnerability (CNVD-2026-19182)
IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server WAS suffers from a...
IBM WebSphere Application Server 安全特征问题漏洞
IBM WebSphere Application Server WAS is an application server product from International Business Machines IBM. The product is a platform for JavaEE and Web services applications and is the foundation of the IBM WebSphere software platform. IBM WebSphere Application Server WAS suffers from a...
CVE-2021-22138
In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. When specifying a trusted server CA certificate Logstash would not properly verify the certificate returned by the monitoring server. This could result in a man in...
EUVD-2021-25555
Malware in sbrugna...
EUVD-2015-9147
Malware in sbrugna...
EUVD-2025-19724
Malicious code in bioql PyPI...
CVE-2025-52983
A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines RE, even if the configured public key for root has been removed, remote users which are i...
CVE-2025-52983
A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines RE, even if the configured public key for root has been removed, remote users which are i...
CVE-2025-5264
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbir...
CVE-2022-24682
An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 update 1, as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing...
Linux Distros Unpatched Vulnerability : CVE-2022-49273
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc...
CVE-2025-0475
The CVE-2025-0475 affects GitLab CE/EE versions 15.10 up to 17.7.6, 17.8 up to 17.8.4, and 17.9 up to 17.9.1. A proxy feature could allow unintended content rendering and cross-site scripting (XSS) under specific conditions. Remediation: upgrade to GitLab 17.7.6, 17.8.4, or 17.9.1 (the fixed rele...
CVE-2025-0475 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances...
CVE-2024-56138
notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. This issue was identified during Quarkslab's audit of the timestamp feature. During the timestamp signature generation, the revocation status of the certificates used to...
TP-LINK TL-WR940N Security Feature Issue Vulnerability
The TP-LINK TL-WR940N is a wireless router from China P&L TP-LINK. The TP-Link TL-WR940N suffers from a Security Feature Issue vulnerability that stems from a lack of sufficient randomness in the serial number used for session management. An attacker could exploit the vulnerability to bypass...
TP-LINK TL-WR940N 安全特征问题漏洞
The TP-LINK TL-WR940N is a wireless router from China P&L TP-LINK. The TP-Link TL-WR940N suffers from a Security Feature Issue vulnerability that stems from a lack of sufficient randomness in the serial number used for session management. An attacker could exploit the vulnerability to bypass...
Mozilla Firefox Security Feature Issue Vulnerability (CNVD-2023-05206)
Mozilla Firefox is an open source Web browser from the Mozilla Foundation. Mozilla Firefox is vulnerable to a security feature issue that stems from a lack of security checks in the sourceMapURL feature of devtools. A remote attacker could use the vulnerability to trick a victim into performing...
Mozilla Firefox 安全特征问题漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox has a security signature issue vulnerability that can be exploited by remote attackers to perform privilege escalation...
Cisco Unified IP Phones Security Feature Issue Vulnerability
Cisco Unified IP Phones is a series of IP phones from Cisco, U.S.A. A security feature issue vulnerability exists in Cisco Unified IP Phones, which stems from the failure to properly generate keys during the manufacturing process resulting in the installation of duplicate manufacturing keys on...