Linux Distros Unpatched Vulnerability : CVE-2016-4583

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 allows remote attackers to bypass the Same Origin Policy and obtain image date from...

Linux Distros Unpatched Vulnerability : CVE-2011-0161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the...

Linux Distros Unpatched Vulnerability : CVE-2015-1155

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same...

Linux Distros Unpatched Vulnerability : CVE-2011-1190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Web Workers implementation in Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to...

Linux Distros Unpatched Vulnerability : CVE-2011-0166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain...

Linux Distros Unpatched Vulnerability : CVE-2011-1193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google V8, as used in Google Chrome before 10.0.648.127, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. CVE-2011-1193 Note th...

Linux Distros Unpatched Vulnerability : CVE-2014-4465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1 allows remote attackers to bypass the Same Origin Policy via crafted Cascading Style...

Linux Distros Unpatched Vulnerability : CVE-2011-0169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console.inspectorCommandLineAPI property, which allows...

Linux Distros Unpatched Vulnerability : CVE-2016-1785

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles character encoding during access to cached data, which allows...

Linux Distros Unpatched Vulnerability : CVE-2015-5788

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain sensitive image information via vecto...

Linux Distros Unpatched Vulnerability : CVE-2015-5826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets CSS document is required to have the text/css content type,...

Linux Distros Unpatched Vulnerability : CVE-2015-3753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not properly perform taint...

Linux Distros Unpatched Vulnerability : CVE-2015-5827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an object reference via vectors involving a 1 custom event, 2...

Linux Distros Unpatched Vulnerability : CVE-2016-1786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx aka redirection status code, which...

Linux Distros Unpatched Vulnerability : CVE-2017-2480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes...

Linux Distros Unpatched Vulnerability : CVE-2015-1156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The page-loading implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, does not properly handle the rel...

Vite middleware may serve files starting with the same name with the public directory

Summary Files starting with the same name with the public directory were served bypassing the server.fs settings. Impact Only apps that match the following conditions are affected: - explicitly exposes the Vite dev server to the network using --host or server.host config option - uses the public...

Cross-site Request Forgery (CSRF)

Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the templates/preview process. An attacker can execute arbitrary JavaScript code in the context of an authenticated user's browser by crafting a malicious HTML page that submits a POST request without...

CVE-2025-58753 copyparty: Sharing a single file does not fully restrict access to other files in source folder

Copyparty is a portable file server. In versions prior to 1.19.8, there was a missing permission-check in the shares feature the shr global-option. When a share was created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames. I...

CVE-2025-57278

The LB-Link BL-CPE300M AX300 4G LTE Router firmware version BL-R8800B10ALKSLV01.01.02P42U1406 does not implement proper session handling. After a user authenticates from a specific IP address, the router grants access to any other client using that same IP, without requiring credentials or...