121 matches found
EUVD-2017-14526
Malware in sbrugna...
EUVD-2020-22807
Malware in sbrugna...
EUVD-2024-3576
Malicious code in bioql PyPI...
EUVD-2021-31878
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-45087
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...
CVE-1999-0174
The view-source CGI program allows remote attackers to read arbitrary files via a .. dot dot attack...
Improper Input Validation
Overview spatie/browsershot is a library for converting a webpage to an image or pdf using headless Chrome. Affected versions of this package are vulnerable to Improper Input Validation due to improper URL validation in the setUrl method. An attacker can exploit this vulnerability by utilizing...
SUSE CVE-2005-0144
Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks...
SUSE CVE-2009-1307
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to 1 bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; 2 read, create, or modify...
SUSE CVE-2011-3907
The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors...
SUSE CVE-2015-7214
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs...
SUSE CVE-2017-5422
If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Firefox 52 and Thunderbird 52...
SUSE CVE-2018-5134
WebExtensions may use "view-source:" URLs to view local "file:" URL content, as well as content stored in "about:cache", bypassing restrictions that only allow WebExtensions to view specific content. This vulnerability affects Firefox 59...
SUSE CVE-2020-35111
When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have inadvertently leaked their IP address. This vulnerability affects Firefox...
SUSE CVE-2021-45087
XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...
CVE-2022-34047
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/setsafety.shtml?r=52300 and searching for var syspasswd...
CVE-2022-34046
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser;...
Design/Logic Flaw
An access control issue in Wavlink WN533A8 M33A8.V5030.190716 allows attackers to obtain usernames and passwords via view-source:http://IPADDRESS/sysinit.shtml?r=52300 and searching for logincheckuser;...
CVE-2021-45087
XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title...
OESA-2022-1627 epiphany security update
Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application. Security Fixes: XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x...