52 matches found
Security update for epiphany (important)
openSUSE Security Update: Security update for epiphany Announcement ID: openSUSE-SU-2026:0193-1 Rating: important References: 1208472 Cross-References: CVE-2023-26081 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This update...
EUVD-2014-4290
Malware in sbrugna...
EUVD-2021-16432
Malware in sbrugna...
EUVD-2024-52626
Malicious code in bioql PyPI...
EUVD-2025-8922
Malicious code in bioql PyPI...
CVE-2025-59948 FreshRSS is vulnerable to XSS due to lack of CSP on HTML query page
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below do not sanitize certain event handler attributes in feed content, so by finding a page that renders feed entries without CSP, it is possible to execute an XSS payload. The Allow API access authentication setting needs to ...
Passwords and FIDO2 Are Meant to Be Secret: a Practical Secure Authentication Channel for Web Browsers
Password managers provide significant security benefits to users. However, malicious client-side scripts and browser extensions can steal passwords after the manager has autofilled them into the web page. In this paper, we extend prior work by Stock and Johns, showing how password autofill can be...
CVE-2024-54530
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11.2. Password autofill may fill in passwords after failing authentication...
CVE-2024-44217
A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in iOS 18 and iPadOS 18. Password autofill may fill in passwords after failing authentication...
CVE-2021-29973
Password autofill was enabled without user interaction on insecure websites on Firefox for Android. This was corrected to require user interaction with the page before a user's password would be entered by the browser's autofill functionality This bug only affects Firefox for Android. Other...
CVE-2025-30430
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. Password autofill may fill in passwords after failing authentication...
CVE-2025-30430
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. Password autofill may fill in passwords after failing authentication...
CVE-2025-30430
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. Password autofill may fill in passwords after failing authentication...
CVE-2025-30430
CVE-2025-30430 affects Apple platforms: visionOS 2.4, iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4. Description states password autofill may fill in passwords after a failed authentication, due to an issue in state management. The CVE’s matrix (CVSS v3.1) indicates a critical impact (base score ...
CVE-2025-30430
This issue was addressed through improved state management. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. Password autofill may fill in passwords after failing authentication...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS and Apple iPadOS, which arises from the possibility that password autofill ma...
The vulnerability of the Password Autofill component in operating systems such as visionOS, iOS, iPadOS, MacOS, and watchOS allows attackers to read and write arbitrary files.
The vulnerability of the Password Autofill component in the visionOS, iOS, iPadOS, MacOS, and watchOS operating systems is related to the absence of authentication. Exploiting this vulnerability allows attackers to read and write arbitrary files...
CVE-2024-54530
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, visionOS 2.2, iOS 18.2 and iPadOS 18.2. Password autofill may fill in passwords after failing authentication...
CVE-2024-54530
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11.2. Password autofill may fill in passwords after failing authentication...
CVE-2024-54530
The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, visionOS 2.2, watchOS 11.2. Password autofill may fill in passwords after failing authentication...