204 matches found
Astra Linux – Vulnerability in Firefox
When sharing geolocation during an active WebRTC share, Firefox may reset the WebRTC sharing state in the user interface, resulting in a loss of control over the currently granted permissions. This vulnerability affects Firefox versions earlier than 85...
CVE-2026-20601
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to monitor keystrokes without user permission...
CVE-2026-20601
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to monitor keystrokes without user permission...
GHSA-R2JV-FWFR-4J8C askbot inexhaustive permissions check allows any user to modify a different user's profile picture
All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users. This issue affects askbot: 0.12.2...
PT-2025-48657
Mattermost versions 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate the user permission when accessing the files and subscribing to the block in Boards, which allows an authenticated user to access other board files and was able to subscribe to the block from other boards that the user does...
PT-2025-44904
The issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2. An app may be able to monitor keystrokes without user permission...
EUVD-2017-0955
Malware in sbrugna...
EUVD-2019-3290
Malware in sbrugna...
EUVD-2019-3292
Malware in sbrugna...
EUVD-2021-21756
Malware in sbrugna...
EUVD-2021-20041
Malware in sbrugna...
EUVD-2022-31150
Malicious code in bioql PyPI...
EUVD-2022-28794
Malicious code in bioql PyPI...
EUVD-2023-1377
Malicious code in bioql PyPI...
EUVD-2023-46271
Malicious code in bioql PyPI...
EUVD-2025-29303
Malicious code in bioql PyPI...
EUVD-2024-49912
Malicious code in bioql PyPI...
Access code - Moderately critical - Access bypass - SA-CONTRIB-2025-108
This module enables users to sign in with an access code instead of entering user names and passwords. When users are allowed to pick their own access codes, they can guess other users' access codes based on the fact that access codes need to be unique and the system warns if the code of their...
CVE-2025-43362
The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without user permission...
CVE-2025-5963
The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-environment-variables" and "com.apple.security.cs.disable-library-validation" allows for Dynamic Library Dylib injection. A local attacker with unprivileged access can use environmen...