670 matches found
CVE-2026-24629
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ability, Inc Web Accessibility with Max Access accessibility-toolbar allows Stored XSS.This issue affects Web Accessibility with Max Access: from n/a through = 2.1.0...
CVE-2026-24629 WordPress Web Accessibility with Max Access plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ability, Inc Web Accessibility with Max Access accessibility-toolbar allows Stored XSS.This issue affects Web Accessibility with Max Access: from n/a through = 2.1.0...
PT-2026-4459
Name of the Vulnerable Software and Affected Versions Ability, Inc Web Accessibility with Max Access versions through 2.1.0 Description The software contains a flaw due to improper neutralization of input during web page generation, specifically a Stored Cross-site Scripting issue. This allows fo...
EUVD-2026-3058
Malicious code in sd-agent-toolbar-module-client npm...
MAL-2026-304 Malicious code in sd-agent-toolbar-module-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ac2576939df07755f988257b0f663de717ddc355bc9604a690d0abf25b74d19 The package sd-agent-toolbar-module-client was found to contain malicious code. Source: ghsa-malware...
Malicious code in sd-agent-toolbar-module-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ac2576939df07755f988257b0f663de717ddc355bc9604a690d0abf25b74d19 The package sd-agent-toolbar-module-client was found to contain malicious code. Source: ghsa-malware...
CVE-2009-4127
Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. NOTE: the provenance of this information is...
CVE-2021-33592
NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in filename parameter can be the cause of bypassing code signing check function...
CVE-2024-34537
TYPO3 before 13.3.1 allows denial of service interface error in the Bookmark Toolbar ext:backend, exploitable by an administrator-level backend user account via manipulated data saved in the bookmark toolbar of the backend user interface. The fixed versions are 10.4.46 ELTS, 11.5.40 LTS, 12.4.21...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0471-1 Rating: important References: 1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes two vulnerabilities is now available...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0470-1 Rating: important References: 1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes two vulnerabilities is now available...
openSUSE 16 Security Update : chromium (openSUSE-SU-2025:20161-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20161-1 advisory. - Chromium 143.0.7499.109 boo1254776: CVE-2025-14372: Use after free in Password Manager CVE-2025-14373: Inappropriate implementation in Toolbar...
Fedora 42 : chromium (2025-a315866a59)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-a315866a59 advisory. Update to 143.0.7499.109 High: Under coordination Medium CVE-2025-14372: Use after free in Password Manager Medium CVE-2025-14373: Inappropriate...
Security update for chromium (important)
openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20161-1 Rating: important References: bsc1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Leap 16.0...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-14373
CVE-2025-14373 affects Chromium/Chrome components (Android Toolbar) with an inappropriate implementation that permits domain spoofing via a crafted HTML page. Affected: Google Chrome on Android before version 143.0.7499.110; Chromium builds in Fedora/Debian updates reference Chromium 143.0.7499.1...
EUVD-2025-203117
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...