9 matches found
CVE-2026-7686
A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...
PT-2026-36689
A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...
CVE-2021-43083
Apache PLC4X - PLC4C Only the C language implementation was effected was vulnerable to an unsigned integer underflow flaw inside the tcp transport. Users should update to 0.9.1, which addresses this issue. However, in order to exploit this vulnerability, a user would have to actively connect to a...
CVE-2025-46826
insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information name and number. However, the issue posed minimal risk, was never exploited, and had limited...
CVE-2025-46826 insa-auth Open-Redirect on provided CAS server login endpoint
insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information name and number. However, the issue posed minimal risk, was never exploited, and had limited...
CVE-2025-46826 insa-auth Open-Redirect on provided CAS server login endpoint
insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information name and number. However, the issue posed minimal risk, was never exploited, and had limited...
Bypassing Wi-Fi Encryption by Manipulating Transmit Queues (Framing Frames)
Vulnerability in IEEE 802.11 implementation is found. A malicious insider can intercept traffic at the MAC layer by disconnecting a victim and connecting to the network using the victim’s MAC address and the attacker’s credentials even if clients are prevented from communicating with each other...
Razer: Subdomain takeover at ftp.thx.com
The tester discovered the ftp.thx.com server was vulnerable to a subdomain takeover. This server is only used by internal parties so risk was minimal but THX appreciates the report...
BadBlue 302 Status Message XSS
BadBlue 1.74 presumably earlier is susceptible to a cross-site scripting attack. When BadBlue is passed a name of a non-existant file path or an existant folder that does not end in a 0x2f character "/" it returns a 302 status code containing some text: HTTP/1.0 302 found Location: /SCRIPT/...