55 matches found
Astra Linux - уязвимость в firefox, thunderbird
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first This vulnerability affects Firefox for iOS 136...
Detecting Quishing Attacks with Machine Learning Techniques through QR Code Analysis
The rise of QR code based phishing "Quishing" poses a growing cybersecurity threat, as attackers increasingly exploit QR codes to bypass traditional phishing defenses. Existing detection methods predominantly focus on URL analysis, which requires the extraction of the QR code payload, and may...
UBUNTU-CVE-2025-27425
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first This vulnerability affects Firefox for iOS 136...
Mozilla Firefox 授权问题漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox for iOS that originates from an unrecognized QR code link. An attacker could exploit this vulnerability potentially causing integrity to be compromise...
Kerui HD 3MP 1080P Tuya Camera 安全漏洞
Kerui HD 3MP 1080P Tuya Camera is a high-definition surveillance camera from Kerui. A security vulnerability exists in Kerui HD 3MP 1080P Tuya Camera version 1.0.4, which stems from the presence of a command injection vulnerability that allows an attacker to create a customized, unauthenticated Q...
CVE-2024-8153
A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/delete-bookmark.php. The manipulation of the argument bookmark leads to cross site scripting. The attack may be initiated...
PT-2024-27916 · Alt Linux · Alt Linux
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The issue concerns the generation of unique keys for QR login and auto-login. Currently, the same key can be used interchangeably between the two, which is insecure. A unique key...
CVE-2023-6913
A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView withou...
WordPress plugin dynamic-qr-code-generator 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via qrreadermatchcenters function in qrdec.c file, which allows an attacker to digitally input the malicious QR code, Remediation There is no fixed version for zbar. References - Security Advisory...
Brave Android 1.52.117 Security Fixes
Fixed URLs automatically being resolved when scanned from QR code as reported on HackerOne by rolandhack. Upgraded Chromium to 114.0.5735.90 — refer to Google Chrome advisories for inherited CVEs...
Qualys Security Solutions Now Support Alibaba Cloud
Enterprise IT environments are getting exponentially more complex with the booming adoption of cloud computing, upping the ante for InfoSec teams, which must protect these new environments. As the foundation for modern IT innovations that propel digital transformation, public cloud platforms are...
CVE-2019-17003
Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed...
SUSE CVE-2021-21186
Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72 allowed an attacker who convinced the user to scan a QR code to bypass navigation restrictions via a crafted QR code...
SUSE CVE-2021-21208
Insufficient data validation in QR scanner in Google Chrome on iOS prior to 90.0.4430.72 allowed an attacker displaying a QR code to perform domain spoofing via a crafted QR code...
Event Registration System 代码问题漏洞
Event Registration System is an event registration system with QR codes by Carlo Montero Personal Developer. A security vulnerability exists in the Event Registration System version 1.0, which stems from an incorrect manipulation of the parameter cmd leading to unrestricted file uploads...
CVE-2022-1127
Use after free in QR Code Generator in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction...
Phishing mail claims a 3D Secure upgrade is required
Today we took a look at a phishing mail pinning its hopes on a QR code linking to a bogus website. Scammers claim that your mail address has "not been registered for the 3D Secure Security Update". 3D Secure phishing mail The mail reads as follows: Dear Sir / Madam, Our administration has shown...
The vulnerability of the QR Code Generator browser extensions for Google Chrome and Microsoft Edge allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the QR Code Generator browser extensions for Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
CVE-2021-43530
A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 94...