62 matches found
EUVD-2026-33075
Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2026-33147
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-8551
Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
EUVD-2026-28145
Script injection in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2026-6308
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
MAL-2026-2293 Malicious code in thisismytestnouser (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c2f082ee09bfe98c91c243abc15967cbc6fdc7731d6e9657669853e0f148f7dd During installation, if run under a specific username, the package downloads and installs two executables identified as backdoors trojans. --- Category:...
CVE-2026-20009
A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific...
CVE-2026-20009
A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific...
CVE-2026-20009
A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific...
CVE-2026-20009 Cisco Secure Firewall Adaptive Security Appliance SSH Partial Private Key Authentication Bypass Vulnerability
A vulnerability in the implementation of the proprietary SSH stack with SSH key-based authentication in Cisco Secure Firewall Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to log in to a Cisco Secure Firewall ASA device and execute commands as a specific...
PT-2026-7646
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 145.0.7632.45 Description An issue exists in the File input functionality of Google Chrome that could allow a remote attacker to perform UI spoofing. This is possible if the attacker convinces a user to perform...
SUSE CVE-2025-11208
Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Failed to process site: {}. Failed to resolve personal site owner.
Challenge Backup job of a personal site fails with: Failed to process site: 0. Failed to resolve personal site owner. For more details, see KB4756. Cause This error indicates that Veeam Backup for Microsoft 365 was unable to correlate a Personal Site to a specific user because the owner of the si...
BIT-ELK-2025-25015 Kibana arbitrary code execution via prototype pollution
Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions = 8.15.0 and 8.17.1, this is exploitable by users with the Viewer role. In Kibana versions 8.17.1 and 8.17.2 , this is only exploitable by users tha...
CVE-2024-50857
The ipdojob request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting XSS. It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within the application to exploit successfully...
CKEditor 40.x < 43.1.1 XSS Vulnerability
CKEditor 5 is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DEBIAN-CVE-2024-8906
Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Zabbix Security Vulnerabilities
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in Zabbix Server that stems from a received session cookie that can be used to access the front-end as a...
DEBIAN-CVE-2023-6509
Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. Chromium security severity: High...
Microsoft Edge (Chromium) < 118.0.2088.46 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 118.0.2088.46. It is, therefore, affected by multiple vulnerabilities as referenced in the October 13, 2023 advisory. - Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker...