18 matches found
DEBIAN-CVE-2026-20691
An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user...
CVE-2020-37096
Edimax EW-7438RPn 1.13 contains a cross-site request forgery vulnerability in the MAC filtering configuration interface. Attackers can craft malicious web pages to trick users into adding unauthorized MAC addresses to the device's filtering rules without their consent...
EUVD-2024-2787
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-27838
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed by adding additional logic. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14....
UBUNTU-CVE-2025-24143
The issue was addressed with improved access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, visionOS 2.3. A maliciously crafted webpage may be able to fingerprint the user...
MGASA-2021-0400 Updated webkit2 packages fix security vulnerabilities
Updated webkit2 packages fix security vulnerabilities: A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A specially crafted web page can lead to a potential information leak and further memory corruption. In order to...
RHEL 8 : firefox (RHSA-2021:1362)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:1362 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2021-21330
An open redirect flaw was found in python-aiohttp. This flaw allows a remote, unauthenticated attacker to trick users into visiting a malicious webpage, disguised as a legitimate webpage and affects applications using the normalize_path_middleware functionality. The highest threat from this...
CVE-2020-1492
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an...
Hackers Hijack Routers to Spread Malware Via Coronavirus Apps
Cybercriminals are hijacking routers and changing Domain Name System (DNS) settings in order to redirect victims to attacker-controlled sites promoting fake coronavirus information apps. If victims download these apps, they are infected with information-stealing Oski malware. This latest attack...
Apple iOS webkit memory corruption vulnerability (CNVD-2017-05607)
Apple iOS is an operating system for Apple smart devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to exploit the vulnerability to build malicious web pages that can be clicked on by users, which can crash the application or execute arbitrary co...
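Xunlei 5 pplayer.dll Component Vulnerability
A critical 0-day vulnerability has appeared. Malware authors can use it to write malicious web pages; when users browse these pages they become infected, and the malware can then steal the user's accounts and passwords, causing the user losses. Unlike the previous case, the vulnerable program this time is Xunlei KanKan (Thunder KanKan), pplayer.dll component version: 1.2.3.49, CLSID: F3E70CEA-956E-49CC-B444-73AFE593AD7F. A function in this component, FlvPlayerUrl, does not check bounds strictly; passing it an overly long parameter causes the program to overflow. Malware authors can exploit this flaw by carefully writing shellcode and triggering the overflow, after which arbitrary malicious files can be downloaded. Xunlei 5...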
SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting
SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability -...
SiteBar 3.3.8 - index.php?target Cross-Site Scripting
SiteBar 3.3.8 - index.php?target Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple...
SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution
SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include...
MS03-041: Vulnerability in Authenticode Verification Could Allow Remote Code Execution (823182)
The remote host contains a version of the Authenticode Verification module that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and enticing a victim to visit this web page. An attacker may also be able to exploit the vulnerability by sendin...
Microsoft Internet Explorer 6.0 Mozilla 0.9.6 Opera 5.1 - Image Count Denial of Service
Microsoft Internet Explorer 6.0 Mozilla 0.9.6 Opera 5.1 - Image Count Denial of Service source: https://www.securityfocus.com/bid/3684/info An issue which affects users of multiple web browsers on Microsoft Windows platforms has been discovered. An unusually high image count may cause a denial of...
Netscape Communicator 4.06/4.5/4.6/4.51/4.61 - EMBED Buffer Overflow
source: https://www.securityfocus.com/bid/618/info In several versions of Netscape Communicator, there is an unchecked buffer in the code that handles EMBED tags. The buffer is in the 'plugins page' option. This vulnerability can be exploited by a malicious webpage. Netscape communicator...