49 matches found
PT-2026-46722
Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
Linux Distros Unpatched Vulnerability : CVE-2026-9903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer...
EulerOS Virtualization 2.13.0 : libarchive (EulerOS-SA-2025-2583)
According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdta...
JLSEC-2025-248 A vulnerability has been identified in the libarchive library
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...
EUVD-2002-1372
Malware in sbrugna...
EUVD-2025-17575
Malicious code in bioql PyPI...
EulerOS 2.0 SP13 : libarchive (EulerOS-SA-2025-2145)
According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially...
CVE-2025-58765 wabac.js has XSS vulnerability in 404 error handling logic
wabac.js provides a full web archive replay system, or 'wayback machine', using Service Workers. A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL derived from the original request target is directly...
Linux Distros Unpatched Vulnerability : CVE-2025-41242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Framework MVC applications can be vulnerable to a Path Traversal Vulnerability when deployed on a non-compliant Servlet container. An application can be...
CVE-2025-41242
CVE-2025-41242 is a path traversal vulnerability in Spring Framework MVC when deployed on a non‑compliant Servlet container. An app is at risk if it is WAR‑deployed or uses an embedded container, the container does not reject suspicious URI sequences, and the app serves static resources via Sprin...
EulerOS 2.0 SP11 : libarchive (EulerOS-SA-2025-1958)
According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been identified in the libarchive library, specifically within the archivereadformatrarseekdata function. This flaw involve...
Linux Distros Unpatched Vulnerability : CVE-2025-5916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC...
OESA-2025-1658 libarchive security update
is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...
OESA-2025-1657 libarchive security update
is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...
SUSE CVE-2025-5916
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...
CVE-2025-5916
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...
AZL-63863 CVE-2025-5916 affecting package libarchive for versions less than 3.6.1-7
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive WARC file that claims to have more than INT64MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow,...
CVE-2025-5916
CVE-2025-5916 – libarchive integer overflow (WARC payloads) A vulnerability in libarchive triggers an integer overflow when processing a Web Archive (WARC) file that claims more than INT64_MAX − 4 content bytes. An attacker could craft such a WARC to cause memory corruption or a denial-of-service...
Falsification and eavesdropping of contents across multiple websites via Web Rehosting services
Overview Researchers at NTT Secure Platform Laboratories and Waseda University have identified multiple security issues that lead to content being tampered with and eavesdropped on a service called Web Rehosting. These issues have been published in NDSS 2020. "Web Rehosting" is the name of a grou...
Mozilla: paypal client_id And stripe api key indexed on web archive
The paypal clientid and stripe API key have been indexed on the web archive, exposing sensitive data...