Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android. These vulnerabilities stem from the misleading or insufficient UI provided by the getCallingAppLabel function in CertInstaller.java, which may lead to t...

Fedora 44 : chromium (2026-6e868c481c)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6e868c481c advisory. Update to 146.0.7680.71 CVE-2026-3913: Heap buffer overflow in WebML CVE-2026-3914: Integer overflow in WebML CVE-2026-3915: Heap buffer overflow in...

EUVD-2021-10080

Malware in sbrugna...

RLSA-2025:7435 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

RHEL 10 : thunderbird (RHSA-2025:7507)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7507 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachme...

CVE-2024-55075

Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests to pages that are not shown in the UI, such as calendar and recipes...

AlmaLinux 9 : thunderbird (ALSA-2025:7435)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:7435 advisory. thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-28...

CVE-2024-52901

CVE-2024-52901 affects IBM InfoSphere Information Server 11.7. The root cause is improper input validation that can cause the GUI to fail to load or stop working for an authenticated user. Affected product: InfoSphere Information Server (11.7). Impact: authenticated user GUI disruption (availabil...

About the security content of iOS18.2 and iPadOS18.2

About the security content of iOS18.2 and iPadOS18.2 This document describes the security content of iOS 18.2 and iPadOS 18.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2024:1293-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1293-1 advisory. webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 boo1222010: - CVE-2024-23252:...

OPENSUSE-SU-2022:10121-1 Security update for opera

This update for opera fixes the following issues: Update to 90.0.4480.84 - DNA-101690 Cherry-pick fix for CVE-2022-3075 from chromium Update to 90.0.4480.80 - DNA-99188 Tab Tooltip doesn't disappear - DNA-100664 Shopping corner widget - DNA-100843 Options to install and update VPN Pro app, when...

OPENSUSE-SU-2021:1339-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 94.0.4606.54 boo1190765: CVE-2021-37956: Use after free in Offline use CVE-2021-37957: Use after free in WebGPU CVE-2021-37958: Inappropriate implementation in Navigation CVE-2021-37959: Use after free in Task Manager CVE-2021-37960:...

CVE-2021-22953

A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: "Solar Security Research Team"...

Concrete CMS 跨站请求伪造漏洞

PortlandLabs Concrete Cms is a team-oriented open source content management system from PortlandLabs, Inc. in the United States. Concrete CMS suffers from a cross-site request forgery vulnerability that allows an attacker to exploit the vulnerability to clone themes, which could lead to an...

OPENSUSE-SU-2021:0413-1 Security update for opera

This update for opera fixes the following issues: - Update to version 74.0.3911.203 - CHR-8324 Update chromium on desktop-stable-88-3911 to 88.0.4324.182boo1182358 - DNA-90762 Replace “Don’t show again” with “Discard” - DNA-90974 Crash at...

OPENSUSE-SU-2020:1937-1 Security update for chromium

This update for chromium fixes the following issues: - Update to 86.0.4240.183 boo1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007: Insufficient data...

OPENSUSE-SU-2020:1831-1 Security update for chromium

This update for chromium fixes the following issues: - Update to 86.0.4240.183 boo1178375 - CVE-2020-16004: Use after free in user interface. - CVE-2020-16005: Insufficient policy enforcement in ANGLE. - CVE-2020-16006: Inappropriate implementation in V8 - CVE-2020-16007: Insufficient data...

OPENSUSE-SU-2020:1306-1 Security update for chromium

This update for chromium fixes the following issues: Chromium was updated to version 85.0.4183.83 boo1175757 fixing: - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill -...

OPENSUSE-SU-2020:0635-1 Security update for opera

This update for opera fixes the following issues: Opera was updated to version 68.0.3618.63 - CHR-7889 Update chromium on desktop-stable-81-3618 to 81.0.4044.122 - CHR-7896 Update chromium on desktop-stable-81-3618 to 81.0.4044.129 - DNA-85287 Set standard spacing for Yandex prompt - DNA-85416 Ma...

CVE-2014-2453

CVE-2014-2453 concerns an unspecified vulnerability in the Hyperion Common Admin component of Oracle Hyperion 11.1.2.2 and 11.1.2.3 that could allow remote attackers to affect integrity via unknown vectors related to the User Interface. The available connected sources confirm the affected product...