7414 matches found
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability, which was caused by improper UI implementation. This vulnerability could allow remote attackers to exploit the UI through specially crafted HTML pages...
ALSA-2026:19370 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1 CVE-2026-7323 firefox: thunderbird: Information disclosure due to incorrect...
OPENSUSE-SU-2026:10813-1 firefox-esr-140.11.0-1.1 on GA media
These are all security issues fixed in the firefox-esr-140.11.0-1.1 package on the GA media of openSUSE Tumbleweed...
CLSA-2026-1779096552 Fix CVE(s): CVE-2025-13836, CVE-2026-4519
SECURITY UPDATE: memory denial of service via attacker-controlled Content-Length in http.client - debian/patches/CVE-2025-13836.patch: rewrite Lib/http/client.py saferead to read large responses in geometrically-growing chunks bounded by MINREADBUFSIZE 1 MiB, preventing OOM when a malicious serve...
Alibaba Cloud Linux 3 : 0112: python3.11 (ALINUX3-SA-2026:0112)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0112 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4786: Mitgation ofCVE-2026-4519 w...
Alibaba Cloud Linux 3 : 0113: python3 (ALINUX3-SA-2026:0113)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0113 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4786: Mitgation ofCVE-2026-4519 w...
EUVD-2026-30504
Cross-site scripting vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a file containing malicious contents is uploaded, an arbitrary script may be executed on a user's web browser when viewing the administration page showing the informati...
CVE-2026-42948
Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
A flaw was found in the Python webbrowser.open API. If a specially crafted URL containing "%action" is processed, an attacker could bypass a previous mitigation for CVE-2026-4519. This bypass allows for command injection into the underlying shell, potentially leading to arbitrary code execution...
CVE-2026-27662
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
CVE-2026-27662
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
CVE-2026-27662
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
CVE-2026-27662
Technical details are not publicly available in the provided documents. Monitor for updates on affected products, vulnerable components, and remediation.
[SECURITY] Fedora 44 Update: firefox-150.0.1-1.fc44
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a heap buffer overflow in the WebML component. This vulnerability could allow remote attackers to exploit the compromised heap through...
Siemens SIMATIC HMI Comfort Panels 安全漏洞
Siemens SIMATIC HMI Comfort Panels are touchscreen devices produced by the German company Siemens. There are security vulnerabilities in Siemens SIMATIC HMI Comfort Panels. These vulnerabilities stem from improper restrictions on access to web browsers through the control panel. This allows...
PT-2026-39987
Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performin...
Siemens SIMATIC
SUMMARY SIMATIC HMI Unified Comfort Panels before V21.0 are affected by a vulnerability that allows an unauthenticated attacker to access the web browser via the help link. This vulnerability allows an attacker to access the web browser through the Control Panel if it is not protected by the...
Microsoft Edge 注入漏洞
Microsoft Edge is a web browser included with Windows 10 and later versions from Microsoft. There is an injection vulnerability in Microsoft Edge. Attackers can exploit this vulnerability to gain higher privileges...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2026:1715-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1715-1 advisory. - CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined...