111 matches found
EUVD-2020-12886
Malware in sbrugna...
EUVD-2020-12885
Malware in sbrugna...
EUVD-2020-12883
Malware in sbrugna...
EUVD-2020-12884
Malware in sbrugna...
EUVD-2007-3804
Malware in sbrugna...
EUVD-2010-3753
Malware in sbrugna...
EUVD-2022-32797
Malicious code in bioql PyPI...
Unspecified Vulnerability in Mozilla Firefox for Android (CNVD-2025-19561)
Mozilla Firefox for Android is a web browser designed for Android devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for Android prior to version 141, which stems from a blob:URI that may hide the true origin of a page and can be exploited by an attacke...
CVE-2022-28345
The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...
CVE-2020-20095
iMessage Messages app iOS 12.4 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
CVE-2020-20094
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
CVE-2020-20093
The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
CVE-2020-20096
Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
SUSE CVE-2020-6827
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. Note: This issue only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox ESR...
CVE-2022-28345
The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...
CVE-2022-28345
The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...
Crlf injection
The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...
CVE-2022-28345
The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...
CVE-2022-28345
The CVE-2022-28345 issue affects the Signal iOS app prior to version 5.34, where RTLO-injected, RTLO-encoded URLs beginning with an unbroken space (in the presence of a hash segment) can be rendered to resemble legitimate sites. An unauthenticated remote attacker could exploit this to spoof links...
A week in security (March 28 – April 3)
Last week on Malwarebytes Labs: New UAC-0056 activity: There’s a Go Elephant in the room Globant suffers network breach due to LAPSUS$ compromise Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited Hive ransomware impacts California non-profit health...