Astra Linux - уязвимость в webkit2gtk

This issue was resolved by removing the origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4, and iPadOS 16.4; iOS 15.7.4 and iPadOS 15.7.4; tvOS 16.4; and watchOS 9.4. A website may be able to track sensitive user information...

webkitgtk: A website may be able to track users through Safari web extensions

A flaw was found in WebKitGTK. A malicious website can track users through web extensions due to improper state management...

BIT-JRE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

BIT-JAVA-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

PT-2026-38062

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

PT-2026-37855

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

RockyLinux 8 : webkit2gtk3 (RLSA-2026:10702)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:10702 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted we...

SUSE-SU-2026:1150-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues: Update to version 2.52.0: - CVE-2023-43010: processing maliciously crafted web content may lead to memory corruption bsc1259950. - CVE-2025-31223: processing maliciously crafted web content may lead to memory corruption bsc1259949. -...

UBUNTU-CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

PT-2026-7799

Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 26.3 Apple iOS versions prior to 26.3 Apple iPadOS versions prior to 26.3 Apple macOS Tahoe versions prior to 26.3 Apple visionOS versions prior to 26.3 Description A website may be able to track users through...

Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking

Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers...

EUVD-2025-197856

reebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...

CVE-2025-63292

Freebox v5 HD firmware = 1.7.20, Freebox v5 Crystal firmware = 1.7.20, Freebox v6 Révolution r1–r3 firmware = 4.7.x, Freebox Mini 4K firmware = 4.7.x, and Freebox One firmware = 4.7.x were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM...

CVE-2025-63292

CVE-2025-63292 affects Freebox v5 HD (firmware 1.7.20), Freebox v5 Crystal (1.7.20), Freebox v6 Révolution r1–r3 (4.7.x), Freebox Mini 4K (4.7.x), and Freebox One (4.7.x). The root issue is that during the initial phase of EAP-SIM over the FreeWifi_secure network, the subscriber’s full NAI (embed...

EUVD-2016-2867

Malware in sbrugna...

EUVD-2015-3790

Malware in sbrugna...

EUVD-2025-12125

Malicious code in bioql PyPI...

CVE-2025-50738

Summary: CVE-2025-50738 affects the Memos application (up to v0.24.3), where embedding markdown images with arbitrary URLs can trigger automatic image fetches when a memo is viewed, enabling potential information disclosure (IP address, User-Agent, and other request data) to an attacker-controlle...

SinoTrack GPS Receiver

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access device profiles for which they are not authorized through the common web management interface. Access to the device profile may allow an attacker to perform some remote functions on connected...

CVE-2020-35693

On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy BLE device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offer...