CVE-2020-3833

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.5. Visiting a malicious website may lead to address bar spoofing...

CVE-2019-8654

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 13.0.1. Visiting a malicious website may lead to user interface spoofing...

CVE-2019-8667

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.6. The encryption status of a Time Machine backup may be incorrect...

CVE-2019-19284

A vulnerability has been identified in XHQ All Versions 6.1. The web interface could allow Cross-Site Scripting XSS attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways for legitimate users...

CVE-2017-18409

In cPanel before 67.9999.103, the backup interface could return a backup archive with all MySQL databases SEC-283...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

AlmaLinux 9 : thunderbird (ALSA-2025:4229)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:4229 advisory. thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-28...

CVE-2025-2770

CVE-2025-2770 is linked to BEC Technologies Multiple Routers. The vulnerability arises from storing credentials in a recoverable (cleartext) format in the web-based user interface, allowing a remote attacker to disclose stored passwords after authentication. Exploitation details, affected models/...

CVE-2024-41789

Siemens SENTRON 7KT PAC1260 Data Manager (all versions) is affected by an OS command injection vulnerability caused by inadequate sanitization of the language parameter in certain POST requests, enabling an authenticated attacker to execute arbitrary code with root privileges. Multiple sources (N...

CVE-2023-52998

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use pagepoolputfullpage when freeing rx buffers The pagepoolreleasepage was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...

CVE-2025-1960

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not been changed on first use. The default username is not displayed correctly in the WebHMI interfa...

Linux Distros Unpatched Vulnerability : CVE-2025-21776

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference...

Linux Distros Unpatched Vulnerability : CVE-2025-21725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that...

Linux Distros Unpatched Vulnerability : CVE-2024-46766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: move netifqueuesetnapi to rtnl-protected sections Currently, netifqueuesetnapi is calle...

Linux Distros Unpatched Vulnerability : CVE-2024-36928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding...

Linux Distros Unpatched Vulnerability : CVE-2018-4300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web...

Security Vulnerabilities fixed in Firefox 136 — Mozilla

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could...

CVE-2025-1872 SQL injection vulnerability in 101news

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php...

CVE-2024-3976

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to...

CVE-2024-45571

Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface...