EUVD-2026-35243

Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

CVE-2026-6297

Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

PT-2025-132: Server-side Request Forgery (SSRF) in OpenPDF

The vulnerability was identified in OpenPDF, versions 2.0.3. The discovered vulnerability allows an attacker craft arbitrary HTTP requests that the vulnerable server will send to both external services and internal network endpoints. By exploiting this, the attacker can exfiltrate sensitive data...

SUSE-SU-2023:2228-1 Security update for curl

This update for curl fixes the following issues: - CVE-2023-28320: Fixed siglongjmp race condition bsc1211231. - CVE-2023-28321: Fixed IDN wildcard matching bsc1211232. - CVE-2023-28322: Fixed POST-after-PUT confusion bsc1211233. - CVE-2023-27533: Fixed TELNET option IAC injection bsc1209209. -...

Server side request forgery (ssrf)

An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery SSRF that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to ...

Corega CG-WLBARAGM devices denial of service vulnerability

Corega CG-WLBARAGM is a wireless router offered by Corega. A denial of service vulnerability exists in CoregaCG-WLBARAGM. An attacker could use the device as a proxy server to conduct network attacks...