CVE-2026-39807
Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections. 'Elixir.Bandit.Pipeline':determinescheme/2 in lib/bandit/pipeline.ex returns the client-supplied URI scheme verbatim, ignoring the...
curl: urlapi: off-by-one in custom scheme validation skips last character
Summary: In lib/urlapi.c, the seturlscheme function has an off-by-one error when validating custom scheme names. The validation loop checks scheme[0] twice (once by ISALPHA, once in the loop) and never checks the last character. This allows schemes ending with any arbitrary byte (e.g., foo!, bar, bad/) ...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : Emacs vulnerabilities (USN-8011-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8011-1 advisory. It was discovered that Emacs could trigger unsafe Lisp macro expansion when a user invoked elisp-completion-at-point on untrust...
CVE-2025-57452
In realme BackupRestore app v15.1.12_2810c08_250314, improper URI scheme handling in com.coloros.pc.PcToolMainActivity allows local attackers to cause a crash and potential XSS via crafted ADB intents...
realme Clone Phone APP Security Vulnerability
realme Clone Phone APP is a data backup and recovery feature from the China-based company realme. A security vulnerability exists in realme Clone Phone APP version 15.1.12_2810c08_250314, stemming from improper handling of the URI scheme in com.coloros.pc.PcToolMainActivity, which could lead to a cra...
CVE-2025-57452
The CVE-2025-57452 entry affects the realme BackupRestore app, version 15.1.12_2810c08_250314, due to improper URI scheme handling in the component com.coloros.pc.PcToolMainActivity. This vulnerability could allow local attackers to trigger a crash and potential cross-site scripting (XSS) via cra...
Allocation of Resources Without Limits or Throttling
Overview: axios is a promise-based HTTP client for the browser and Node.js. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the data: URL handler. An attacker can trigger a denial of service by crafting a data: URL with an excessive...
Arbitrary Code Injection
Overview: Affected versions of this package are vulnerable to Arbitrary Code Injection due to the improper handling of URI schemes in the openExternal function. Note: This is exploitable only for Windows environments. Remediation: Upgrade @joplin/utils to version 2.14.1 or higher. References: - GitH...
CVE-2024-44155
A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 18, iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, watchOS 11, iOS 18 and iPadOS 18. Maliciously crafted web content may violate iframe sandboxing policy...
CVE-2024-8383
The Mozilla Foundation's Security Advisory: Firefox normally asks for confirmation before asking the operating system to find an application to handle a scheme that the browser does not support. It did not ask before doing so for the Usenet-related schemes news: and snews:. Since most operating...
CVE-2024-8383
CVE-2024-8383 affects Mozilla Firefox and Firefox ESR. The issue arises when Firefox asks the OS to handle a scheme the browser doesn’t support and doesn’t prompt for confirmation for Usenet-related schemes (news: and snews:). This could allow a malicious webpage or downloaded application to regi...
Security Vulnerabilities fixed in Firefox 130 — Mozilla
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. Multiple prompts a...
Security Vulnerabilities fixed in Firefox ESR 128.2 — Mozilla
A difference in the handling of StructFields and ArrayTypes in WASM could be used to trigger an exploitable type confusion vulnerability. A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. Internal browser...
Security Vulnerabilities fixed in Firefox ESR 115.15 — Mozilla
A potentially exploitable type confusion could be triggered when looking up a property name on an object being used as the with environment. Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried t...
SUSE CVE-2019-12781
An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django via HTTPS. In other words,...
Apple Safari Arbitrary JavaScript Code Execution Vulnerability
Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. An arbitrary JavaScript code execution vulnerability exists in Safari versions prior to 13.0.5. The vulnerability stems from a problem with custom URL scheme handling...
Ubuntu 5.04 / 5.10 / 6.06 LTS : apache2 vulnerability (USN-328-1)
Mark Dowd discovered an off-by-one buffer overflow in the mod_rewrite module's ldap scheme handling. On systems which activate 'RewriteEngine on', a remote attacker could exploit certain rewrite rules to crash Apache, or potentially even execute arbitrary code (this has not been verified)...