1162 matches found
EUVD-2022-5001
Malicious code in bioql PyPI...
EUVD-2024-1268
Malicious code in bioql PyPI...
EUVD-2025-30568
Malicious code in bioql PyPI...
EUVD-2024-3525
Malicious code in bioql PyPI...
EUVD-2025-7961
Malicious code in bioql PyPI...
EUVD-2025-32308
TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 Android TV, Kernel 5.4.242+, is vulnerable to a blind, unauthenticated Server-Side Request Forgery SSRF vulnerability via the UPnP MediaRenderer service AVTransport:1. The device accepts unauthenticated SetAVTransportURI SOAP...
Improper Neutralization of Special Elements Used in a Template Engine
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the RenderTemplate function. An attacker can access sensitive files by injecting malicious templates into the snapshots.pattern configuration, which are then...
MAL-2025-47656 Malicious code in enrichable-markdown-render (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in enrichable-markdown-render (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2025-59417 Lobe Chat Desktop Vulnerable to Remote Code Execution via XSS in Chat Messages
Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.129.4, there is a a cross-site scripting XSS vulnerability when handling chat message in lobe-chat that can be escalated to remote code execution on the user’s machine. In lobe-chat, when the response from the...
Lobe Chat 跨站脚本漏洞
Lobe Chat is an open source, high-performance chatbot framework open sourced from LobeHub. A cross-site scripting vulnerability exists in Lobe Chat versions prior to 1.129.4 that stems from the SVGRender component's use of dangerouslySetInnerHTML to process SVG content, which could lead to...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to out-of-memory in the Graphics: WebRender component...
RHEL 9 : firefox (RHSA-2025:15421)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15421 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...
Linux Distros Unpatched Vulnerability : CVE-2023-25361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in WebCore::RenderLayer::setNextSibling in WebKitGTK before 2.36.8 allows attackers to execute code remotely. CVE-2023-25361 Note...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
ALSA-2025:14844 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid pointer in the Audio/Video: GMP component CVE-2025-917...
Linux Distros Unpatched Vulnerability : CVE-2022-27470
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted...
Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid point...
RHEL 8 : firefox (RHSA-2025:14442)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:14442 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...