EUVD-2019-0755

Malware in sbrugna...

EUVD-2007-5866

Malware in sbrugna...

CVE-2025-50538

Flowise before version 3.0.5 is affected by an XSS vulnerability where an unfiltered IFRAME element allows an attacker to inject scripts when an admin views the chat log. Affected product: Flowise (FlowiseAI) prior to 3.0.5. Root cause: unfiltered IFRAME in the chat log view, enabling cross-site ...

EUVD-2022-24802

Malicious code in bioql PyPI...

EUVD-2022-1872

Malicious code in bioql PyPI...

EUVD-2022-2431

Malicious code in bioql PyPI...

CVE-2021-34435

In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file...

CVE-2019-3635

Exfiltration of Data in McAfee Web Gateway MWG 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe...

CVE-2006-7065

Microsoft Internet Explorer allows remote attackers to cause a denial of service crash via an IFRAME with a certain XML file and XSL stylesheet that triggers a crash in mshtml.dll when a refresh is called, probably a null pointer dereference...

CVE-2002-2100

Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content...

CVE-2005-3630

Fedora Directory Server before 10 allows remote attackers to obtain sensitive information, such as the password from adm.conf via an IFRAME element, probably involving an Apache httpd.conf configuration that orders "allow" directives before "deny" directives...

CVE-2024-55889 phpMyFAQ Vulnerable to Unintended File Download Triggered by Embedded Frames

phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent...

CVE-2024-10941

A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. This vulnerability affects Firefox 126...

SUSE CVE-2013-1698

The getUserMedia permission implementation in Mozilla Firefox before 22.0 references the URL of a top-level document instead of the URL of a specific page, which makes it easier for remote attackers to trick users into permitting camera or microphone access via a crafted web site that uses IFRAME...

CVE-2022-34468

An iframe that was not permitted to run scripts could do so if the user clicked on a javascript: link. This vulnerability affects Firefox 102, Firefox ESR 91.11, Thunderbird 102, and Thunderbird 91.11...

Google Chrome PopupBlocker Permission License and Access Control Issues Vulnerability

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A permission-permit and access-control issue vulnerability exists in versions prior to Google Chrome PopupBlocker 91.0.4472.77, which can be exploited by remote...

Exploit for Use After Free in Google Chrome

PoC exploit for CVE-2019-5786, a FileReader Use-After-Free UAF vulnerability in Chrome 72.0.3626.119 stable for Windows 7 x86. The exploit uses site-isolation to brute-force the vulnerability. The target is the FileReader object, which is used to read files from the local file system. The exploit...

Mozilla Thunderbird 1.5 - Multiple Remote Information Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16881/info Mozilla Thunderbird is susceptible to multiple remote information-disclosure vulnerabilities. These issues are due to the application's failure to properly enforce the restriction for downloading remote content...

Bofra Virus Detection

The remote host seems to have been infected with the Bofra virus or one of its variants, which infects machines via an Internet Explorer IFRAME exploit. It is very likely this system has been compromised. OpenVAS Vulnerability Test $Id: bofradetect.nasl 6053 2017-05-01 09:02:51Z teissa $...

Bofra Virus Detection

The remote host seems to have been infected with the Bofra virus or one of its variants, which infects machines via an Internet Explorer IFRAME exploit. It is very likely this system has been compromised. SPDX-FileCopyrightText: 2005 Brian Smith-Sweeney Some text descriptions might be excerpted...