#vulnerability

Ubuntu Security Notice 7056-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Masato Kinugawa discovered that Firefox did not properly validate javascript under the "resource://pdf.js" origin. An attacker could potentially exploit this issue to execute arbitrary javascript code and access cross-origin PDF content.

ManageEngine ADManager Plus builds prior to 7210 suffers from a privilege escalation vulnerability.

Book Recording App, as submitted on 2024-09-24, suffers from a persistent cross site scripting vulnerability.

OpenMediaVault version 7.4.2-2 suffers from a PHP code injection vulnerability.

Netis MW5360 suffers from a PHP code injection vulnerability.

Hikvision IP Cameras suffer from a cross site request forgery vulnerability.

Apple has fixed a security issue in iOS (and iPadOS) that could have leaked a user's passwords through the VoiceOver feature.

GeoServer version 2.25.1 suffers from a PHP code injection vulnerability.

Gambio Online Webshop version 4.9.2.0 suffers from a PHP code injection vulnerability.

China’s Salt Typhoon hacked AT&T, Verizon, and Lumen, compromising wiretap systems used in criminal investigations. The breach, linked…