100 matches found
EUVD-2018-0130
Malware in sbrugna...
EUVD-2020-0161
Malware in sbrugna...
EUVD-2018-0129
Malware in sbrugna...
EUVD-2021-0220
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-1000559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command,...
Linux Distros Unpatched Vulnerability : CVE-2020-11054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user,...
OPENSUSE-SU-2024:13353-1 qutebrowser-3.0.2-1.1 on GA media
These are all security issues fixed in the qutebrowser-3.0.2-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11974-1 qutebrowser-2.5.0-1.1 on GA media
These are all security issues fixed in the qutebrowser-2.5.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:11292-1 qutebrowser-2.3.1-2.1 on GA media
These are all security issues fixed in the qutebrowser-2.3.1-2.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2018-10895
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://' URLs. A malicious website could exploit this to load a 'qute://settings/set' URL, which then sets 'editor.command' to a bash script, resulting in arbitrary code execution...
SUSE CVE-2018-1000559
qutebrowser version introduced in v0.11.0 1179ee7a937fb31414d77d9970bac21095358449 contains a Cross Site Scripting XSS vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be...
SUSE CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the UR...
Unspecified vulnerability in qutebrowser (CNVD-2021-100609)
qutebrowser is an open source keyboard browser based on Python and PyQt5. A security vulnerability exists in qutebrowser, which can be exploited by attackers to execute arbitrary code...
Arbitrary command execution on Windows via qutebrowserurl: URL handler
Impact Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers it as a handler for certain URL schemes. With some applications such as Outlook Desktop, opening a specially crafted URL can lead to argument injection, allowing execution of qutebrowser commands, which in tu...
GHSA-VW27-FWJF-5QXM Arbitrary command execution on Windows via qutebrowserurl: URL handler
Impact Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers it as a handler for certain URL schemes. With some applications such as Outlook Desktop, opening a specially crafted URL can lead to argument injection, allowing execution of qutebrowser commands, which in tu...
Arbitrary Command Execution
qutebrowser is vulnerable to arbitrary command execution. An attacker is able to execute commands such as :spawn or :debug-pyeval on the host OS via a specially crafted URL leading to argument injection. The vulnerability exists on windows installations where qutebrowser is registered as a URL...
CVE-2021-41146
qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a qutebrowserurl: URL handler. With certain applications, opening a specially crafted qutebrowserurl:... URL can lead to execution of...
CVE-2021-41146
qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a qutebrowserurl: URL handler. With certain applications, opening a specially crafted qutebrowserurl:... URL can lead to execution of...
Code injection
qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a qutebrowserurl: URL handler. With certain applications, opening a specially crafted qutebrowserurl:... URL can lead to execution of...
CVE-2021-41146
qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a qutebrowserurl: URL handler. With certain applications, opening a specially crafted qutebrowserurl:... URL can lead to execution of...