429 matches found
Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages
Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, they reconstructed a signed-in user's full Gmail address fr...
MAL-2026-6480 Malicious code in gx-npm-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e919710d2f28ec776b8165821ebe2fbe480c1e432ec9416c7b73bd1315ee6a6e Package published at version 99.99.99 under a generic name gx-npm-lib — the canonical dependency-confusion shape used to overshadow internal packages...
MAL-2026-6481 Malicious code in gx-npm-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04e5ac6b8b24f2c158c37d3d6ac268bbf7f472433660064491538ee468cfcfcb Package published at version 99.99.99 under the gx-npm- namespace, a shape designed to win npm version resolution against private internal packages o...
Malicious code in gx-npm-feature-flags (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fcad1b944d9ceb92389673398df9f471911a788fe608774a3298c69900bb1c7 [email protected] is a dependency-confusion squat max-semver 99.99.99 on a gx--prefixed name to outrank a private internal package that...
CVE-2026-45431
This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...
CVE-2026-45433
This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...
CVE-2026-45432
This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...
CVE-2026-45432
This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...
CVE-2026-45433
This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...
CVE-2026-45433 Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models
This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...
CVE-2026-45433 Hardcoded Cryptographic Key Vulnerability in GX Earth ONT Models
This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...
CVE-2026-45433
CVE-2026-45433 affects GX Earth 2022 ONT models. The issue is a hardcoded RSA private key embedded in device firmware, enabling a remote attacker to extract the key and potentially decrypt HTTPS traffic, enabling MITM attacks on the affected devices. The connected CVE listing documents this root ...
CVE-2026-45432
This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...
CVE-2026-45432 Cleartext Transmission of Credentials Vulnerability in GX Earth ONT Models
This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...
CVE-2026-45432 Cleartext Transmission of Credentials Vulnerability in GX Earth ONT Models
This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...
CVE-2026-45432
The CVE-2026-45432 entry describes a vulnerability in GX Earth ONT models where user credentials are transmitted in cleartext over HTTP in the device’s web management interface. This allows a remote attacker who can intercept network traffic to obtain sensitive authentication data, potentially le...
CVE-2026-45431
This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...
CVE-2026-45431 Command Injection Vulnerability in GX Earth ONT Models
This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary and executing OS commands on the targeted...
CVE-2026-45431
CVE-2026-45431 affects GX Earth ONT models. The issue stems from improper handling of user-supplied input in multiple diagnostic functions within the web management interface, enabling an authenticated remote attacker to inject commands and achieve remote code execution with root privileges. The ...
PT-2026-46195
This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information, which could lead ...