51 matches found
EUVD-2019-8783
Malware in sbrugna...
EUVD-2022-51551
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-6614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution ...
DEBIAN-CVE-2025-24143
The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user...
UBUNTU-CVE-2025-24143
The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user...
About the security content of macOS Ventura 13.7.3
About the security content of macOS Ventura 13.7.3 This document describes the security content of macOS Ventura 13.7.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
About the security content of Safari 18.3
About the security content of Safari 18.3 This document describes the security content of Safari 18.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
ROS-20250109-07
A vulnerability in the Downloads component of Microsoft Edge and Google Chrome browsers is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity, and availability of protected information...
SUSE CVE-2024-11117
Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Low...
GHSA-VV6C-69R6-CHG9 Go-Landlock in best-effort mode did not restrict TCP bind and connect operations correctly
Impact When using the recommended "best-effort" mode, Go-Landlock did not restrict the TCP bind and connect operations any more when they were requested. This affects Go-Landlock users to whom both of the following conditions apply: They use Landlock rulesets that are supposed to restrict...
Fedora 37 : chromium (2023-6c8de2cd15)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-6c8de2cd15 advisory. update to 115.0.5790.170. Fixes several security issues Tenable has extracted the preceding description block directly from the Fedora security...
DEBIAN-CVE-2023-0140
Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2023-0140
Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Low...
Design/Logic Flaw
Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2023-0140
Inappropriate implementation in in File System API in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2022-4190
Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4190
Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4190
Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4193
Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4190
CVE-2022-4190 affects Google Chrome/Chromium prior to version 108.0.5359.71, due to insufficient data validation in Directory. A remote attacker could bypass file system restrictions via a crafted HTML page. The Chrome blog release notes document fixes for this and related CVEs; chromium/chrome m...