Tabby 安全漏洞

Tabby Terminus is a highly configurable terminal emulator, SSH, and serial client developed by Eugene’s individual developers. Versions of Tabby prior to 1.0.232 contained security vulnerabilities. These vulnerabilities stemmed from the terminal linker not verifying protocol schemes, which could...

Security update for emacs

This update for emacs fixes the following issues: CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. bsc1237091 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

CVE-2025-0244

When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. Note: This issue only affected Android operating systems. Other operating systems are unaffected.. This vulnerability was fixed in Firefox 134...

PT-2025-3811

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 134 Description When using an invalid protocol scheme, an attacker could spoof the address bar. This issue only affects Android operating systems, while other operating systems are unaffected. Recommendations For...

urijs: Authorization Bypass Through User-Controlled Key

A flaw was found in urijs due to the fix of CVE-2021-3647 not considering case-sensitive protocol schemes in the URL. This issue allows attackers to bypass the patch...

Authorization Bypass Through User-Controlled Key in urijs

Attacker can use case-insensitive protocol schemes like HTTP, htTP, HTtp etc. in order to bypass the patch for CVE-2021-3647...

invalid URL parsing with '#'

curl does not parse the authority component of the URL correctly when the host name part ends with a hash character, and could instead be tricked into connecting to a different host. This may have security implications if you for example use a URL parser that follows the RFC to check for allowed...