Lucene search
K

55 matches found

AstraLinux
AstraLinux
added 2025/05/19 2:38 p.m.3 views

Astra Linux - уязвимость в firefox, thunderbird

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first This vulnerability affects Firefox for iOS 136...

4.3CVSS6.3AI score0.00215EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/06 12:0 a.m.3 views

Detecting Quishing Attacks with Machine Learning Techniques through QR Code Analysis

The rise of QR code based phishing "Quishing" poses a growing cybersecurity threat, as attackers increasingly exploit QR codes to bypass traditional phishing defenses. Existing detection methods predominantly focus on URL analysis, which requires the extraction of the QR code payload, and may...

7.2AI score
Exploits0
OSV
OSV
added 2025/03/04 2:15 p.m.7 views

UBUNTU-CVE-2025-27425

Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first This vulnerability affects Firefox for iOS 136...

4.3CVSS5.8AI score0.00215EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.4 views

Mozilla Firefox 授权问题漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox for iOS that originates from an unrecognized QR code link. An attacker could exploit this vulnerability potentially causing integrity to be compromise...

4.3CVSS6.6AI score0.00215EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/30 12:0 a.m.3 views

Kerui HD 3MP 1080P Tuya Camera 安全漏洞

Kerui HD 3MP 1080P Tuya Camera is a high-definition surveillance camera from Kerui. A security vulnerability exists in Kerui HD 3MP 1080P Tuya Camera version 1.0.4, which stems from the presence of a command injection vulnerability that allows an attacker to create a customized, unauthenticated Q...

8.4CVSS8.3AI score0.00965EPSS
Exploits0References1
OSV
OSV
added 2024/08/25 11:15 p.m.7 views

CVE-2024-8153

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/delete-bookmark.php. The manipulation of the argument bookmark leads to cross site scripting. The attack may be initiated...

5.4CVSS3.7AI score0.00386EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/06/18 12:0 a.m.6 views

PT-2024-27916 · Alt Linux · Alt Linux

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns the generation of unique keys for QR login and auto-login. Currently, the same key can be used interchangeably between the two, which is insecure. A unique key...

8.8CVSS5.5AI score0.83343EPSS
Exploits8References74
OSV
OSV
added 2023/12/19 3:15 p.m.3 views

CVE-2023-6913

A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView withou...

8.1CVSS5.8AI score0.00729EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.3 views

WordPress plugin dynamic-qr-code-generator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

7.1CVSS6.8AI score0.00454EPSS
Exploits1References2
Snyk
Snyk
added 2023/08/29 6:31 p.m.1 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via qrreadermatchcenters function in qrdec.c file, which allows an attacker to digitally input the malicious QR code, Remediation There is no fixed version for zbar. References - Security Advisory...

9.8CVSS7AI score0.01542EPSS
Exploits0References2
Brave Browser
Brave Browser
added 2023/05/31 9:42 a.m.9 views

Brave Android 1.52.117 Security Fixes

Fixed URLs automatically being resolved when scanned from QR code as reported on HackerOne by rolandhack. Upgraded Chromium to 114.0.5735.90 — refer to Google Chrome advisories for inherited CVEs...

5.9AI score
Exploits0References2Affected Software1
Qualys Blog
Qualys Blog
added 2023/04/24 9:40 a.m.24 views

Qualys Security Solutions Now Support Alibaba Cloud

Enterprise IT environments are getting exponentially more complex with the booming adoption of cloud computing, upping the ante for InfoSec teams, which must protect these new environments. As the foundation for modern IT innovations that propel digital transformation, public cloud platforms are...

6.7AI score
Exploits0
OSV
OSV
added 2023/02/16 10:15 p.m.3 views

CVE-2019-17003

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed...

6.1CVSS5.8AI score0.00411EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.5 views

SUSE CVE-2021-21186

Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code...

4.3CVSS6.4AI score0.01127EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 3:46 a.m.3 views

SUSE CVE-2021-21208

Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code...

6.5CVSS7.1AI score0.01398EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/30 12:0 a.m.4 views

Event Registration System 代码问题漏洞

Event Registration System is an event registration system with QR codes by Carlo Montero Personal Developer. A security vulnerability exists in the Event Registration System version 1.0, which stems from an incorrect manipulation of the parameter cmd leading to unrestricted file uploads...

9.8CVSS8.1AI score0.00439EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/23 12:15 a.m.6 views

CVE-2022-1127

Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction...

8.8CVSS7.2AI score0.0075EPSS
Exploits1References4
Malwarebytes
Malwarebytes
added 2022/06/01 4:40 p.m.22 views

Phishing mail claims a 3D Secure upgrade is required

Today we took a look at a phishing mail pinning its hopes on a QR code linking to a bogus website. Scammers claim that your mail address has "not been registered for the 3D Secure Security Update". 3D Secure phishing mail The mail reads as follows: Dear Sir / Madam, Our administration has shown...

7.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.7 views

The vulnerability of the QR Code Generator browser extensions for Google Chrome and Microsoft Edge allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the QR Code Generator browser extensions for Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10CVSS7AI score0.0075EPSS
Exploits1References7Affected Software4
OSV
OSV
added 2021/12/08 10:15 p.m.2 views

CVE-2021-43530

A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 94...

6.1CVSS6.8AI score0.01392EPSS
Exploits1References2
Rows per page
Query Builder