Linux Distros Unpatched Vulnerability : CVE-2026-11083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2026-11214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted...

CVE-2026-11121

Insufficient validation of untrusted input in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11203

Inappropriate implementation in GPU in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11155

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2026-9959

Race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

Malicious code in polygon-toolkit-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77c6fa5fc2aa45c8649c09e54e0f5b318b096a78a133380d18d5379621ba819c The package presents a Polygon/Polymarket validation/crypto utility but its exported APIs silently relay caller data to a hardcoded remote endpoint. ...

Astra Linux - уязвимость в chromium

In the V8 API of Google Chrome, before version 124.0.6367.78, reading out of bounds allowed a remote attacker to leak cross-site data through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Inappropriate implementation in the iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

Astra Linux - уязвимость в chromium

Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

EUVD-2015-8390

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-3753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mediaserver in Android 4.x before 4.4.4 allows remote attackers to obtain sensitive information via unspecified vectors, aka internal bug 27210135. CVE-2016-375...

Linux Distros Unpatched Vulnerability : CVE-2018-6036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page...

The vulnerability of the Fortinet FortiPortal security analysis and management tool, related to improper handling of path equivalence, allows for the disclosure of protected information.

The vulnerability of the Fortinet FortiPorta security management and analysis tool is related to improper resolution of path equivalence. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...

Microsoft Edge (Chromium) < 136.0.3240.76 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 136.0.3240.76. It is, therefore, affected by multiple vulnerabilities as referenced in the May 15, 2025 advisory. - Chromium/Google Chrome is vulnerable to insufficient policy enforcement in Loader. A proof-of-concept...

Malicious code in acloud-clients (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 89813876cca364b0dffda624005d527aa3c9f54ea7ce20af8186faf8f374ba6f This campaign is built from two parts: 1 packages named like time-check-server, snapshot-photo contain an innocent-looking code that sends "date" to a remote...

CVE-2024-49797

IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...

Roundcube Webmail 安全漏洞

Roundcube Webmail is a browser-based open source IMAP client from Roundcube Open Source that supports address book management, message searching, spell checking, and more. A security vulnerability exists in Roundcube Webmail versions 1.5.7 and earlier and 1.6.x before 1.6.8, which stems from an...

SUSE CVE-2010-0084

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.225 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-0091...

SUSE CVE-2020-6561

Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page...