surf is unmaintained

The surf crate is unmaintained, and all versions are affected. For alternatives, consider using reqwest or ureq. See this issue for more context...

RUSTSEC-2026-0169 surf is unmaintained

The surf crate is unmaintained, and all versions are affected. For alternatives, consider using reqwest or ureq. See this issue for more context...

Detecting Data Exfiltration through I2P Anonymity Networks: A Two-Phase Machine Learning Approach

The Invisible Internet Project I2P provides strong anonymity through garlic routing and distributed network architecture, making it attractive for legitimate privacy needs. Nevertheless, the same properties can be exploited by malicious actors to steal sensitive information from corporate network...

CVE-2025-45663

An issue in NetSurf v3.11 causes the application to read uninitialized heap memory when creating a domevent structure...

CVE-2025-29699

NetSurf 3.11 is vulnerable to Use After Free in domnodesettextcontent function...

EUVD-2001-0954

Malware in sbrugna...

EUVD-2009-4427

Malware in sbrugna...

EUVD-2023-31156

Malicious code in bioql PyPI...

EUVD-2023-32077

Malicious code in bioql PyPI...

EUVD-2023-38434

Malicious code in bioql PyPI...

EUVD-2023-39196

Malicious code in bioql PyPI...

EUVD-2023-39197

Malicious code in bioql PyPI...

EUVD-2023-38436

Malicious code in bioql PyPI...

CVE-2023-34354

A stored cross-site scripting XSS vulnerability exists in the uploadbrand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to execution of arbitrary javascript in another user's browser. An attacker can make an authenticated HTTP request to...

CVE-2023-34356

An OS command injection vulnerability exists in the data.cgi xferdns functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2023-28381

An OS command injection vulnerability exists in the admin.cgi MVPNtrialinit functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2023-27380

An OS command injection vulnerability exists in the admin.cgi USSDsend functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A specially crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2023-23542

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data...

adx (>=4.0.0 <=4.1.0), aicommits-rs (>=0.1.0 <=0.2.0) +301 more potentially affected by unknown CVE via surf (>=1.0.1 <=2.3.2)

surf CARGO version =1.0.1, =4.0.0, =0.1.0, =1.0.0, =0.3.0, =0.10.0, =0.3.0, =0.5.0, =0.1.0, =0.6.0, =0.3.0, =0.1.0, =0.0.1, =0.2.4 - async-bybit =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0036...

“HM Surf” macOS Flaw Lets Attackers Access Camera and Mic – Patch Now!

Researchers at Microsoft discovered a new macOS vulnerability, "HM Surf" CVE-2024-44133, which bypasses TCC protections, allowing unauthorized access…...