CVE-2026-11026

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

Astra Linux - уязвимость в firefox

Through a series of DOM manipulations, a message could be overlayed on top of another domain, where the attacker had control over the text but not over the HTML or formatting. This new domain would be displayed correctly in the address bar, potentially causing confusion among users. This...

CVE-2026-0802

An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

CVE-2026-0541

ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if a...

AXIS OS 安全漏洞

AXIS OS is an operating system for edge devices developed by Axis, a Swedish company. There is a security vulnerability in AXIS OS, which stems from improper input validation during the installation process. This vulnerability may lead to privilege escalation. This vulnerability can only be...

EUVD-2026-28019

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

PT-2026-20948

User Interface UI Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Director...

CVE-2022-42544

In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-0751

Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE allows an attacker to create Snippets with misleading content which could trick unsuspecting users into executing arbitrary commands...

WordPress plugin Auto Alt Text 跨站请求伪造漏洞

WordPress Auto Alt Text plugin is a tool that uses artificial intelligence technology to automatically generate alternative text AltText for website images. The WordPress Auto Alt Text plugin suffers from a cross-site request forgery vulnerability, which arises from a web application that does no...

CVE-2025-8108

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the...

EUVD-2025-37353

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...

CVE-2025-0277

HCL BigFix Mobile 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy CSP. An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content...

HCL BigFix Mobile 安全漏洞

HCL BigFix Mobile is a Mobile Device Management MDM solution offered by HCL India. It is designed to help businesses and organizations effectively manage and secure mobile devices, including smartphones, tablets and other mobile devices. A security vulnerability exists in HCL BigFix Mobile 3.3 an...

CVE-2025-11720

The Firefox and Firefox Focus UI for the Android custom tab feature only showed the "site" that was loaded, not the full hostname. User supplied content hosted on a subdomain of a site could have been used to fool a user into thinking it was content from a different subdomain of that site. This...

EUVD-2018-16903

Malware in sbrugna...

EUVD-2006-0772

Malware in sbrugna...

EUVD-1999-1421

Malware in sbrugna...

EUVD-2018-4373

Malware in sbrugna...

EUVD-2019-1092

Malware in sbrugna...