90 matches found
CVE-2021-44683
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScript window.open function used to open a secondary browser window. This could be exploited by tricking users into supplying sensitive information such as credentials, because the address bar would...
Design/Logic Flaw
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScript window.open function used to open a secondary browser window. This could be exploited by tricking users into supplying sensitive information such as credentials, because the address bar would...
CVE-2021-44683
The DuckDuckGo browser 7.64.4 on iOS allows Address Bar Spoofing due to mishandling of the JavaScript window.open function used to open a secondary browser window. This could be exploited by tricking users into supplying sensitive information such as credentials, because the address bar would...
CVE-2021-44683
The CVE-2021-44683 entry concerns the DuckDuckGo browser on iOS (version 7.64.4). The issue is a spoofing vulnerability caused by mishandling of the JavaScript window.open function, which can allow an attacker to show a legitimate-looking URL in the address bar while serving content from the atta...
DuckDuckGo application 安全漏洞
Duckduckgo DuckDuckGo application is a privacy web browser application for mobile by DuckDuckGo Duckduckgo, Inc. A security vulnerability exists in DuckDuckGo browser 7.64.4 on iOS, which stems from incorrect handling of the JavaScript window.open function used to open a secondary browser window...
Google and Microsoft accused of feeding smaller search engines spam ads
Google and Microsoft appear to have been flooding their smaller search engine rivals with spam ads, to limit the number of higher-value ads that appear on them, according to data viewed by POLITICO. Ads are considered "spam" if they appear in search results but have little to no relevance to the...
People Are Increasingly Choosing Private Web Search
DuckDuckGo has had a banner year: And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021, a 46.4% jump over 2020 23.6 billion. Thats big. Even so, the company, which bills itself as the "Internet privacy company," offering a search engine and...
DuckDuckGo developing a robust privacy-focused desktop browser
By Waqas According to DuckDuckGo, the desktop browser will work on both Mac and Windows devices. This is a post from HackRead.com Read the original post: DuckDuckGo developing a robust privacy-focused desktop browser...
DuckDuckGo 7.64.4 Address Bar Spoofing Vulnerability
Vulnerability: Address Bar Spoofing Vulnerability Product: DuckDuckGo Discovered by: Rafay Baloch and Muhammad Samak Version: 7.64.4 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Description DuckDuckGo browser for iOS was prone to an "Address Bar Spoofing"...
DuckDuckGo 7.64.4 Address Bar Spoofing
Vulnerability: Address Bar Spoofing Vulnerability Product: DuckDuckGo Discovered by: Rafay Baloch and Muhammad Samak Version: 7.64.4 Impact: Moderate Company: Cyber Citadel Website: https://www.cybercitadel.com Description DuckDuckGo browser for iOS was prone to an "Address Bar Spoofing"...
DuckDuckGo Wants to Stop Apps From Tracking You on Android
The privacy-focused tech company's latest update promises to block invasive data collection across your whole phone...
DuckDuckGo’s Quest to Prove Online Privacy Is Possible
The company best known for its search engine is launching a new set of tools aimed at creating an “easy button” for protecting your data online...
Google Reveals What Personal Data Chrome and Its Apps Collect On You
Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. "After months of stalling, Google finally revealed how much...
Google Reveals What Personal Data Chrome and Its Apps Collect On You
Privacy-focused search engine DuckDuckGo called out rival Google for "spying" on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. "After months of stalling, Google finally revealed how much...
DuckDuckGo: Reflected/Stored XSS on duckduckgo.com
Hi DuckDuckGo, While browsing normally since I use DuckDuckGo on a daily basis, I discovered an interesting stored XSS on the duckduckgo main search engine. A payload that somebody had left on urbandictionary.com had triggered a HTML injection, and a stored XSS as a result. Steps to Reproduce 1...
Why Data Privacy Day matters: A Lock and Code special with Mozilla, DuckDuckGo, and EFF
You can read our full-length blog here about the importance of Data Privacy Day and data privacy in general Today is a special day, not just because January 28 marks Data Privacy Day in the United States and in several countries across the world, but because it also marks the return of our hit...
DuckDuckGo: com.duckduckgo.mobile.android - Cache corruption
Summary: By opening a special url, the app cache can be corrupted which can't be resolved by the user without reinstalling the app. Steps To Reproduce: 1. Download and install the DuckDuckGo App 2. Open https://%22t.dev/ 3. Try to reopen the app The app keeps crashing Additional information -...
DuckDuckGo: DOM XSS on duckduckgo.com search
Hey there, there is a DOM XXS vulnerability on the https://duckduckgo.com/ search result page through the kp and kae parameters of the Cloud Save feature. POC URL:...
DuckDuckGo collecting user browsing data without consent (Updated)
By Sudais Asif An ethical hacker on Twitter revealed how DuckDuckGo intentionally... This is a post from HackRead.com Read the original post: DuckDuckGo collecting user browsing data without consent Updated...
DuckDuckGo Application Information Disclosure Vulnerability
DuckDuckGo application is a privacy web browser application for mobile by DuckDuckGo Inc. in the United States. A security vulnerability exists in DuckDuckGo application version 5.58.0 and earlier Android and version 7.47.1.0 and earlier iOS. The vulnerability stems from a configuration or other...