6856 matches found
PT-2025-42905
Name of the Vulnerable Software and Affected Versions Koa versions 2.16.2 through 2.16.3 Koa versions 3.0.1 through 3.0.3 Description The Koa framework contains a flaw in its back redirect functionality. An attacker can manipulate the Referer header to redirect a user’s browser to a malicious...
CVE-2025-62584
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment...
EUVD-2025-34718
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment...
CVE-2025-62584
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment...
CVE-2025-62584
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment...
CVE-2025-62584
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment...
CVE-2025-62584
Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment...
CVE-2025-62584
CVE-2025-62584 affects Naver Whale Browser prior to version 4.33.325.17 and describes a bypass of the Same-Origin Policy in a dual-tab environment. The available connected documents consistently state that the issue enables an attacker to bypass SOP between tabs, but they do not provide concrete ...
Naver Whale Browser 安全漏洞
Naver Whale Browser is a web browser from Naver, a South Korean company that supports user-defined interfaces. A security vulnerability exists in Naver Whale Browser versions prior to 4.33.325.17, which originates from an attacker being able to bypass the same-origin policy in a two-tab environme...
RLSA-2025:14416 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due to invalid point...
RLSA-2025:16108 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary conditions in the...
firefox security update
An update is available for firefox. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
RockyLinux 9 : thunderbird (RLSA-2025:16156)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:16156 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...
AlmaLinux 10 : firefox (ALSA-2025:16109)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:16109 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect boundary...
AlmaLinux 10 : thunderbird (ALSA-2025:14844)
The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:14844 advisory. firefox: thunderbird: Denial-of-service due to out-of-memory in the Graphics: WebRender component CVE-2025-9182 thunderbird: firefox: Sandbox escape due...
firefox: thunderbird: Same-origin policy bypass in the Layout component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue:...
MLFlow server is exposed to data exfiltration and destruction due to lack of Origin validation
The MLFlow REST server is vulnerable to DNS rebinding attacks, allowing malicious websites to bypass Same-Origin Policy protections and execute unauthorized calls against REST endpoints. Once rebinding is successful, the attacker can: Query for experiments via the 2.0/mlflow/experiments/search...
EUVD-2012-2388
Malware in sbrugna...
EUVD-2012-1935
Malware in sbrugna...