CVE-2024-38272

There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We...

CVE-2024-38272 Auth Bypass in Quick Share

There exists a vulnerability in Quick Share/Nearby, where an attacker can bypass the accept file dialog on Quick Share Windows. Normally in Quick Share Windows app we can't send a file without the user accept from the receiving device if the visibility is set to everyone mode or contacts mode. We...

Google Nearby Security Breach

Google Nearby is a series of connectivity-focused projects from the American company Google, Inc. for building cross-device experiences. A security vulnerability previously existed in Google Nearby version 1.0.1724.0, which stemmed from the ability to bypass QuickShare's Accept Files dialog...

Malicious code in dialog-holder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7bce8075d6c7b197200b3f0fc05f5aa1b20b23ace29604b477a33c5a8295cce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-2092 Malicious code in dialog-holder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7bce8075d6c7b197200b3f0fc05f5aa1b20b23ace29604b477a33c5a8295cce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-5899

When Bazel Plugin in intellij imports a project either using "import project" or "Auto import" the dialog for trusting the project is not displayed. This comes from the fact that both call the method ProjectBuilder.createProject which then calls ProjectManager.getInstance.createProject. This...

PT-2024-37234

Name of the Vulnerable Software and Affected Versions: Bazel Plugin versions prior to 2024.06.04.0.2 Description: The issue arises when the Bazel Plugin in IntelliJ imports a project, either using "import project" or "Auto import", and the dialog for trusting the project is not displayed. This...

intellij Security Vulnerabilities

intellij is a plugin for the Bazel project. A security vulnerability exists in versions prior to intellij 2024.06.04.0.2, which stems from a dialog box for trusting the project not being displayed...

CVE-2024-27844

The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, Safari 17.5. A website's permission dialog may persist after navigation away from the site...

CVE-2024-27844

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, macOS Sonoma 14.5, visionOS 1.2. A website's permission dialog may persist after navigation away from the site...

CVE-2024-27844

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, macOS Sonoma 14.5, visionOS 1.2. A website's permission dialog may persist after navigation away from the site...

CVE-2024-27844

CVE-2024-27844 affects Safari (and related WebKit components) on Apple platforms. The issue manifests as a website permission dialog that may persist after navigating away from the site. Technical detail in connected docs confirms the vulnerability is addressed by patches in visionOS 1.2, macOS S...

CVE-2024-27844

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, macOS Sonoma 14.5, visionOS 1.2. A website's permission dialog may persist after navigation away from the site...

Apple Safari security vulnerability

Apple Safari is a web browser from Apple Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in Apple Safari version 17.5, which originates in a website's permission dialog box that may persist after leaving the website...

SUSE-SU-2024:1858-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update to version 115.11 bsc1224056: - CVE-2024-4367: Arbitrary JavaScript execution in PDF.js - CVE-2024-4767: IndexedDB files retained in private browsing mode - CVE-2024-4768: Potential permissions request bypass via clickjacking -...

SUSE CVE-2024-4776

A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox 126...

Mozilla Firefox Security Bypass Vulnerability (CNVD-2024-23348)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security bypass vulnerability exists in Mozilla Firefox, which can be exploited by attackers to bypass security restrictions due to a window being disabled even after the file dialog box is displayed...

CVE-2024-4776

A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox 126...

CVE-2024-4776

A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox 126...

UBUNTU-CVE-2024-4776

A file dialog shown while in full-screen mode could have resulted in the window remaining disabled. This vulnerability affects Firefox 126...