EUVD-2025-29582

Malicious code in bioql PyPI...

net/mlx5: Fix lockdep assertion on sync reset unload event

...

DEBIAN-CVE-2025-39832

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...

CVE-2025-39832 net/mlx5: Fix lockdep assertion on sync reset unload event

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix lockdep assertion on sync reset unload event Fix lockdep assertion triggered during sync reset unload event. When the sync reset flow is initiated using the devlink reload fwactivate option, the PF already holds the...

Linux Distros Unpatched Vulnerability : CVE-2019-11743

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Navigation events were not fully adhering to the W3C's Navigation-Timing Level 2 draft specification in some instances for the unload event, which restricts...

SUSE CVE-2019-11743

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

Mozilla: Cross-origin access to unload event attributes

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

Mozilla: Cross-origin access to unload event attributes

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

Mozilla: Cross-origin access to unload event attributes

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

Mozilla: Cross-origin access to unload event attributes

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

Mozilla: Cross-origin access to unload event attributes

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

UBUNTU-CVE-2019-11743

Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history throu...

Chrome Universal XSS by circumventing the unload event ( CVE-2016-1623)

VULNERABILITY DETAILS From /thirdparty/WebKit/Source/core/dom/Document.cpp: void Document::dispatchUnloadEvents PluginScriptForbiddenScope forbidPluginDestructorScripting; RefPtrWillBeRawPtrprotectthis; if mparser mparser-stopParsing; if mloadEventProgress == LoadEventNotRun return; if...

Apple WebKit: UXSS via Frame::setDocument (CVE-2017-2365)

Here's a snippet of Frame::setDocument. void Frame::setDocumentRefPtr&& newDocument ASSERT!newDocument || newDocument-frame == this; if mdoc && mdoc-pageCacheState != Document::InPageCache mdoc-prepareForDestruction; mdoc = newDocument.copyRef; ... Before setting |mdoc| to |newDocument|, it calls...

Google Fixes More Than 30 Flaws in Chrome

Google has fixed more than 30 security vulnerabilities in its Chrome browser with a new version the company released on Friday. The company also paid out more than $14,000 in rewards to the various researchers who reported bugs that were fixed with Chrome 14.0.835.163. The new version of Chrome...

onunload.txt

in nearly all browsers you can overwrite the window location in the "onunload" event. that means you can "keep" the user on a site. when you type a new url in the address-bar, javascript overwrites it. thats a paradies for fishers, porn-site-hoster etc...... here the html/javascript code:...