
32 matches found

NVD
added last week, 8 views

CVE-2026-49359

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint fetches the content of option values server-side via file_get_contents when the value looks like a URL, without restricting the URL scheme. The attachment option of...

CVSS 6.5, EPSS 0.00242
Exploits: 0, References: 4

GithubExploit
added 2026/03/18 9:59 a.m., 136 views

Exploit for CVE-2026-26801

pdfmake SSRF Vulnerability PoC Vulnerability Summary | Fi...

CVSS 7.5, AI score 5.8, EPSS 0.00481
Exploits: 2

EUVD
added 2025/10/27 3:30 a.m., 3 views

EUVD-2025-36032

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Custom Post Type Attachment custom-post-type-pdf-attachment allows Stored XSS. This issue affects Custom Post Type Attachment: from n/a through <= 3.4.6...

AI score 5.5, EPSS 0.00186
Exploits: 0, References: 2

Tenable Nessus
added 2025/10/09 12:0 a.m., 5 views

AlmaLinux 10 : thunderbird (ALSA-2025:8196)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8196 advisory. thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link CVE-2025-3909 thunderbird: Sender Spoofing via Malformed From Header in...

CVSS 8.1, AI score 6.8, EPSS 0.00363
Exploits: 0, References: 5

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2006-4261

Malware in sbrugna...

CVSS 6.8, AI score 6.4, EPSS 0.02104
Exploits: 1, References: 7

GithubExploit
added 2025/08/31 1:23 p.m., 203 views

Exploit for Improper Restriction of XML External Entity Reference in Sysaid

From-EternalBlue-to-CVE-2025-2776-The-Evolution-of-an-SMB-Atta...

CVSS 9.8, AI score 9, EPSS 0.72971
Exploits: 2

RedHat Linux
added 2025/06/10 4:52 p.m., 3 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

CVSS 8.1, AI score 7.5, EPSS 0.00363
Exploits: 0, References: 5

RedHat Linux
added 2025/06/02 5:30 p.m., 4 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

CVSS 8.1, AI score 7.5, EPSS 0.00363
Exploits: 0, References: 5

RedHat Linux
added 2025/05/27 12:28 p.m., 3 views

thunderbird: JavaScript Execution via Spoofed PDF Attachment and file:/// Link

The Mozilla Foundation's Security Advisory describes the following issue: Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to execute JavaScript in the file:/// context. By crafting a nested email attachment message/rfc822 and setting its content type to...

CVSS 8.1, AI score 7.5, EPSS 0.00363
Exploits: 0, References: 5

SUSE Linux
added 2025/05/22 4:1 p.m., 4 views

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 128.10.1. Security fixes: MFSA 2025-34 bsc1243216 CVE-2025-3875: Sender Spoofing via Malformed From Header in Thunderbird. CVE-2025-3877: Unsolicited File Download, Disk Space Exhaustion, and Credential...

CVSS 7.5, AI score 6.9, EPSS 0.00363
Exploits: 0, References: 10

Positive Technologies
added 2025/05/13 12:0 a.m., 6 views

PT-2025-21187

Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 128.10.1 Thunderbird versions prior to 138.0.1 Description: The issue arises from Thunderbird's handling of the X-Mozilla-External-Attachment-URL header, which can be exploited to execute JavaScript in the file:/...

CVSS 9.8, AI score 8.8, EPSS 0.32568
Exploits: 5, References: 435

Patchstack
added 2024/05/16 1:36 a.m., 2 views

WordPress Custom Post Type Attachment plugin <= 3.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via pdf_attachment Shortcode vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via pdf_attachment Shortcode vulnerability discovered by Francesco Carlucci in WordPress Plugin Custom Post Type Attachment versions <= 3.4.5...

CVSS 6.4, AI score 5.8, EPSS 0.00273
Exploits: 0, References: 1, Affected Software: 1

CNNVD
added 2024/05/16 12:0 a.m., 2 views

WordPress plugin Custom Post Type Attachment security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Custom Pos...

CVSS 6.4, AI score 6.2, EPSS 0.00273
Exploits: 0, References: 3

Microsoft KB
added 2024/04/09 7:0 a.m., 45 views

Description of the security update for SharePoint Server 2019: April 9, 2024 (KB5002580)

Description of the security update for SharePoint Server 2019: April 9, 2024 KB5002580 Summary This security update resolves a Microsoft SharePoint Server spoofing vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2024-26251. Notes: This ...

CVSS 6.8, AI score 6.9, EPSS 0.01395
Exploits: 0

Trellix
added 2023/10/10 12:0 a.m., 19 views

Peeling off QR Code Phishing Onion

Peeling off QR Code Phishing Onion: Revealing the Hidden Layers of Deceit By Neel H. Pathak and Pratik Sunil Kadam · October 10, 2023 Introduction: Malicious actors always seek innovative ways to bypass detection. The Trellix Advanced Research Center recently noticed an attack campaign with an...

AI score 7
Exploits: 0

The Hacker News
added 2023/08/10 2:20 p.m., 38 views

New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks

Malicious actors are using a legitimate Rust-based injector called Freeze.rs to deploy a commodity malware called XWorm in victim environments. The novel attack chain, detected by Fortinet FortiGuard Labs on July 13, 2023, is initiated via a phishing email containing a booby-trapped PDF file. It...

AI score 6.9
Exploits: 0

Malwarebytes
added 2023/05/24 10:0 a.m., 15 views

Tracking down a trojan: An inside look at threat hunting in a corporate network

At Malwarebytes, we talk a lot about the importance of threat hunting for SMBs--and not for no good reason, either. Just consider the fact that, when a threat actor breaches a network, they don't attack right away. The median amount of time between system compromise and detection is 21 days. By th...

AI score 7.7
Exploits: 0

SUSE CVE
added 2023/02/15 6:19 a.m., 1 views

SUSE CVE-2004-1152

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment...

CVSS 10, AI score 8.1, EPSS 0.08272
Exploits: 0, References: 6

The Hacker News
added 2021/07/08 9:58 a.m., 54 views

Experts Uncover Malware Attacks Targeting Corporate Networks in Latin America

Cybersecurity researchers on Thursday took the wraps off a new, ongoing espionage campaign targeting corporate networks in Spanish-speaking countries, specifically Venezuela, to spy on its victims. Dubbed "Bandidos" by ESET owing to the use of an upgraded variant of Bandook malware, the primary...

AI score 1.2
Exploits: 0

ThreatPost
added 2021/02/11 9:32 p.m., 38 views

Valentine’s Day Malware Attack Mimics Flower Store

With Valentine’s Day approaching this weekend, several people have received “recent order” email confirmations for flowers or lingerie. These emails are actually part of a spear-phishing attack, which ultimately leads recipients to a malicious document that executes the BazaLoader malware. The...

AI score 0.2
Exploits: 0, References: 12