5 matches found
EUVD-2024-32917
Malicious code in bioql PyPI...
webkitgtk: Visiting a malicious website may lead to address bar spoofing.
A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...
webkitgtk: Visiting a malicious website may lead to address bar spoofing.
A vulnerability was found in WebKitGTK. This flaw occurs due to an issue in the component URL Handler, which allows a remote attacker to manipulate an unknown input that can lead to clickjacking...
xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*
A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...
A vulnerability in the XStream Java library for converting objects to XML or JSON stems from insufficient validation of incoming requests and allows attackers to disclose sensitive information.
A vulnerability in the XStream Java library for converting objects to XML or JSON is related to insufficient validation of incoming requests. Exploiting this vulnerability can allow an attacker to disclose sensitive information by manipulating the processed input data remotely...