UBUNTU-CVE-2025-3839

A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this...

CVE-2025-3839

A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this...

CVE-2025-3839 Epiphany: insecure external protocol invocation in epiphany

A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this...

CVE-2025-3839

CVE-2025-3839 affects Epiphany. A flaw in how Epiphany opens external URL handler applications with minimal user interaction can be abused to execute code on the client via trusted UI behavior. The root cause is insecure invocation of external handlers, enabling potential remote-looking actions w...

EUVD-2010-3310

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-11396

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ephy-session.c in libephymain.so in GNOME Web aka Epiphany through 3.28.2.1 allows remote attackers to cause a denial of service application crash via JavaScrip...

Linux Distros Unpatched Vulnerability : CVE-2018-12016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libephymain.so in GNOME Web aka Epiphany through 3.28.2.1 allows remote attackers to cause a denial of service application crash via certain window.open and...

[SECURITY] Fedora 42 Update: epiphany-48.3-1.fc42

Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the web content, instead of the browser application...

Advisory ROSA-SA-2024-2330

software: epiphany 42.2 WASP: ROSA-CHROME packageevrstring: epiphany-42.2-4.src.rpm CVE-ID: CVE-2023-26081 BDU-ID: 2023-01753 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Epiphany web browser is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker...

Debian dla-3423 : epiphany-browser - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3423 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3423-1 [email protected] https://www.debian.org/lts/security/...

Debian: Security Advisory (DLA-3423-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3423-1] epiphany-browser security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3423-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb May 15, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------...

DLA-3423-1 epiphany-browser - security update

Bulletin has no description...

OESA-2023-1175 epiphany security update

Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application. Security Fixes: In Epiphany aka GNOME Web through 43.0, untrusted web content...

Privilege Escalation

epiphany-browser is vulnerable to Privilege Escalation. The vulnerability exists because the untrusted web content can trick users into exfiltrating passwords because autofill occurs in sandboxed contexts...

SUSE CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

SUSE CVE-2005-0238

The International Domain Name IDN support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks...

SUSE CVE-2018-11396

ephy-session.c in libephymain.so in GNOME Web aka Epiphany through 3.28.2.1 allows remote attackers to cause a denial of service application crash via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call...

SUSE CVE-2021-45085

XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list...