Lucene search
K

299 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00574EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

In the “Permission Prompts” feature of Google Chrome before version 101.0.4951.64, it was possible for a remote attacker to convince a user to perform certain UI interactions, thereby potentially exploiting heap corruption through those interactions...

8.8CVSS7.3AI score0.00676EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.7AI score0.01163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

The timing of a button click that causes a pop-up to disappear was approximately the same duration as the delay in permission prompts to prevent clickjacking attacks. This fact could be used to surprise users by forcing them to click where the permission grant button was about to appear. This...

6.1CVSS6.5AI score0.00683EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:14 p.m.8 views

CVE-2026-0061

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00073EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

After requesting multiple permissions and closing the first permission panel, subsequent permission panels will be displayed in a different position, but still record a click at the default location. This allows users to be tricked into accepting permissions they do not want to grant. This bug on...

6.5CVSS6.8AI score0.00945EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If a user installed an extension of a particular type, the extension might automatically update itself. During this process, it could bypass the prompt that grants the new version the newly requested permissions. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...

6.5CVSS6.7AI score0.00644EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00657EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62 allowed an attacker who convinced a user to install a malicious app to potentially perform a sandbox escape via a malicious file. Chromium security severity: Medium...

9.6CVSS7.1AI score0.00319EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.8AI score0.00496EPSS
Exploits0References2
OSV
OSV
added 2026/04/14 1:10 p.m.6 views

JLSEC-2026-100 Deno is vulnerable to race condition via interactive permission prompt spoofing

Impact Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permission prompt was shown and write a generic message li...

7.5CVSS7AI score0.00601EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-14218

Malware in sbrugna...

4.3CVSS7.1AI score0.01247EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-7936

Malware in sbrugna...

5.3CVSS7.4AI score0.01072EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-12222

Malicious code in bioql PyPI...

6.5CVSS8AI score0.00496EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-6099

Malicious code in bioql PyPI...

4.3CVSS6AI score0.00206EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-23508

Malicious code in bioql PyPI...

4.3CVSS7.3AI score0.01163EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-6867

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The timing of a button click causing a popup to disappear was approximately the same length as the anti- clickjacking delay on permission prompts. It was possib...

6.1CVSS7.5AI score0.00683EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-1939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Android apps can load web pages using the Custom Tabs feature. This feature supports a transition animation that could have been used to trick a user into...

3.9CVSS7.2AI score0.00175EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-10462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4...

7.5CVSS7AI score0.0054EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-6206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to...

5.4CVSS7.3AI score0.00558EPSS
Exploits0References2
Rows per page
Query Builder