Lucene search
K

7417 matches found

RedHat Linux
RedHat Linux
added 2026/05/19 6:28 p.m.17 views

python: Python: Command-line option injection in webbrowser.open() via crafted URLs

A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...

7.1CVSS7AI score0.00308EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/19 6:24 p.m.11 views

python: Python: Command-line option injection in webbrowser.open() via crafted URLs

A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...

7.1CVSS7AI score0.00308EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/19 12:30 p.m.16 views

CVE-2026-8964 Spoofing issue in the Popup Blocker component

Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

5.8AI score0.00302EPSS
Exploits0References3
OSV
OSV
added 2026/05/19 12:0 a.m.16 views

OPENSUSE-SU-2026:10813-1 firefox-esr-140.11.0-1.1 on GA media

These are all security issues fixed in the firefox-esr-140.11.0-1.1 package on the GA media of openSUSE Tumbleweed...

9.8CVSS5.8AI score0.00605EPSS
Exploits0References20
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability, which was caused by improper UI implementation. This vulnerability could allow remote attackers to exploit the UI through specially crafted HTML pages...

4.2CVSS5.8AI score0.00337EPSS
Exploits0References3
OSV
OSV
added 2026/05/19 12:0 a.m.13 views

ALSA-2026:19370 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...

9.6CVSS6AI score0.00375EPSS
Exploits0References10
OSV
OSV
added 2026/05/18 9:29 a.m.18 views

CLSA-2026-1779096552 Fix CVE(s): CVE-2025-13836, CVE-2026-4519

SECURITY UPDATE: memory denial of service via attacker-controlled Content-Length in http.client - debian/patches/CVE-2025-13836.patch: rewrite Lib/http/client.py saferead to read large responses in geometrically-growing chunks bounded by MINREADBUFSIZE 1 MiB, preventing OOM when a malicious serve...

7.5CVSS5.8AI score0.01525EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.30 views

Alibaba Cloud Linux 3 : 0113: python3 (ALINUX3-SA-2026:0113)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0113 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4786: Mitgation ofCVE-2026-4519 w...

9.1CVSS7AI score0.00579EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.15 views

Alibaba Cloud Linux 3 : 0112: python3.11 (ALINUX3-SA-2026:0112)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0112 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4786: Mitgation ofCVE-2026-4519 w...

9.1CVSS7AI score0.00579EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/15 5:38 a.m.14 views

EUVD-2026-30504

Cross-site scripting vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a file containing malicious contents is uploaded, an arbitrary script may be executed on a user's web browser when viewing the administration page showing the informati...

5.4CVSS5.8AI score0.00134EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:2 p.m.11 views

CVE-2026-42948

Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...

4.8CVSS5.7AI score0.00161EPSS
Exploits0References3Affected Software4
RedHat Linux
RedHat Linux
added 2026/05/13 2:8 a.m.32 views

python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...

7.1CVSS7AI score0.00308EPSS
Exploits0References7
NVD
NVD
added 2026/05/12 10:16 a.m.30 views

CVE-2026-27662

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...

7.7CVSS0.00113EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 8:21 a.m.9 views

CVE-2026-27662

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...

7.7CVSS5.8AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 8:21 a.m.16 views

CVE-2026-27662

Technical details are not publicly available in the provided documents. Monitor for updates on affected products, vulnerable components, and remediation.

7.7CVSS5.8AI score0.00113EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 8:21 a.m.8 views

CVE-2026-27662

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...

7.7CVSS5.8AI score0.00113EPSS
Exploits0References2
Fedora
Fedora
added 2026/05/12 12:49 a.m.15 views

[SECURITY] Fedora 44 Update: firefox-150.0.1-1.fc44

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.12 views

PT-2026-39987

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...

7.7CVSS5.8AI score0.00113EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a heap buffer overflow in the WebML component. This vulnerability could allow remote attackers to exploit the compromised heap through...

8.8CVSS6AI score0.00259EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Siemens SIMATIC HMI Comfort Panels 安全漏洞

Siemens SIMATIC HMI Comfort Panels are touchscreen devices produced by the German company Siemens. There are security vulnerabilities in Siemens SIMATIC HMI Comfort Panels. These vulnerabilities stem from improper restrictions on access to web browsers through the control panel. This allows...

7.7CVSS7.3AI score0.00113EPSS
Exploits0References1
Rows per page
Query Builder