Lucene search
K

30 matches found

OSV
OSV
added 2026/04/08 10:16 p.m.2 views

DEBIAN-CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

6.6CVSS8.4AI score0.0017EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/08 9:20 p.m.2 views

CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

6.6CVSS8.4AI score0.0017EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/03/10 5:4 a.m.134 views

Exploit for Code Injection in Anthropic Claude_Code

Claude Code: MCP Tool Confirmation Prompt Misrepresentation !...

8.8CVSS6.2AI score0.30227EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2026/01/09 9:36 a.m.9 views

CVE-2024-34730

In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00078EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2021-26049

Malware in sbrugna...

9.3CVSS7.5AI score0.00698EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26095

Malware in sbrugna...

7.8CVSS7.6AI score0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-7622

Malware in sbrugna...

5.5CVSS5.9AI score0.00342EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-1885

Malware in sbrugna...

2.3CVSS4.1AI score0.00152EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-3065

Malicious code in bioql PyPI...

7.3CVSS7.5AI score0.00117EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-3052

Malicious code in bioql PyPI...

8CVSS7.8AI score0.00551EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:20 p.m.4 views

CVE-2025-26417

In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

4CVSS5.6AI score0.0031EPSS
Exploits0References1
OSV
OSV
added 2025/08/26 11:15 p.m.6 views

CVE-2025-26417

In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

4CVSS5.9AI score0.0031EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 5:19 a.m.5 views

CVE-2023-21251

In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.3CVSS6.8AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:13 p.m.15 views

CVE-2021-39692

In onCreate of SetupLayoutActivity.java, there is a possible way to setup a work profile bypassing user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

9.3CVSS7.7AI score0.00698EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:59 p.m.8 views

CVE-2020-0382

In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11...

2.3CVSS6.2AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 2025/01/21 11:15 p.m.15 views

CVE-2024-34730

In multiple locations, there is a possible bypass of user consent to enabling new Bluetooth HIDs due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00078EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/02/29 12:0 a.m.5 views

The vulnerability in the cursor display implementation of Mozilla Firefox, Firefox ESR, and the Thunderbird email client allows a hacker to obtain arbitrary permissions on a website without user consent.

The vulnerability in the cursor display implementation of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an incorrect limitation on the number of layers or frames that can be displayed. Exploiting this vulnerability allows a malicious actor to obtain arbitrary...

5CVSS6.8AI score0.00525EPSS
Exploits0References14Affected Software12
NVD
NVD
added 2023/07/13 12:15 a.m.32 views

CVE-2023-21251

In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.3CVSS0.00234EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/11/08 12:0 a.m.8 views

PT-2022-14672 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-13 Description: A missing permission check in the restorePermissionState function of PermissionManagerServiceImpl.java allows for a possible bypass of user consent. This could lead to local escalati...

7.8CVSS7.7AI score0.00088EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/13 7:15 p.m.4 views

CVE-2022-20218

In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

7.8CVSS7.2AI score0.00113EPSS
Exploits0References2
Rows per page
Query Builder