100 matches found
CVE-2026-44259
efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the previewServlet serves files with their detected MIME type based on file extension, without any content sanitization or security headers. Files with .html, .htm, or .svg extensions are served as text/html or image/svg+xml...
CVE-2026-6835
CVE-2026-6835 concerns the a+HCM product developed by aEnrich, which is vulnerable to an Arbitrary File Upload . The issue allows unauthenticated remote attackers to upload arbitrary files to arbitrary paths, including HTML documents, creating a potential XSS-like effect . The available sources c...
Mozilla Firefox for iOS Information Disclosure Vulnerability
Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. An information disclosure vulnerability exists in Mozilla Firefox for iOS, which is caused due to incorrect sharing of cookie storage for non-HTML temporary documents with normal browsing content...
EUVD-2009-3097
Malware in sbrugna...
EUVD-2009-1830
Malware in sbrugna...
EUVD-2011-2915
Malware in sbrugna...
EUVD-2022-3140
Malicious code in bioql PyPI...
CVE-2025-10859
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs This vulnerability affects Firefox for iOS 143.1...
CVE-2025-10859
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1...
CVE-2025-10859
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1...
CVE-2025-10859 Data stored in cookies for non-HTML content while browsing Incognito could be viewed after closing private tabs
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1...
CVE-2025-10859
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing content, allowing information from private tabs to escape Incognito mode even after the user closed all tabs. This vulnerability was fixed in Firefox for iOS 143.1...
PT-2025-39982
Name of the Vulnerable Software and Affected Versions Firefox for iOS versions prior to 143.1 Description A flaw existed in how Firefox for iOS handled cookie storage for non-HTML temporary documents. This resulted in incorrect sharing of cookie storage between non-HTML temporary documents and...
OESA-2025-1607 yelp security update
Yelp is the help viewer in GNOME. It natively views Mallard, DocBook, man, info, and HTML documents. It can locate documents according to the freedesktop.org help system specification. Security Fixes: A flaw was found in Yelp. The Gnome user help application allows the help document to execute...
CVE-2019-19496
Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTML document...
Debian dla-3868 : ruby-nokogiri - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-3868 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3868-1 [email protected] https://www.debian.org/lts/security/...
USN-6683-1 libhtmlcleaner-java vulnerability
It was discovered that HtmlCleaner incorrectly handled certain html documents. An attacker could possibly use this issue to cause a denial of service via application crash...
M-Files Web Security Vulnerability
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions prior to 23.8 that stems from the presence of a stored cross-site scripting XSS vulnerability tha...
CVE-2023-2325
Stored XSS Vulnerability in M-Files Classic Web versions before 23.10 and LTS Service Release Versions before 23.2 LTS SR4 and 23.8 LTS SR1allows attacker to execute script on users browser via stored HTML document...
M-Files Cross-Site Scripting Vulnerability
M-Files is an innovative metadata-driven document management platform from M-Files, Inc. A cross-site scripting vulnerability exists in M-Files Classic Web prior to 23.10, M-Files LTS Service Release prior to 23.2 LTS SR4, and 23.8 LTS SR1, which originates from a vulnerability that could allow a...