CVE-2025-27900

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 is affected by an open redirect vulnerability that could allow a remote attacker to perform phishing by spoofing the URL and redirecting users to a malicious site. Affected component: DB2 Recovery Expert for LUW 5.5 Interim Fix 002. Underlying i...

Google Chrome 安全漏洞

Google Chrome on Android is a mobile browser from Google, optimized for Android devices, offering fast browsing, smart search, privacy protection and cross-device syncing. Google Chrome on Android suffers from an Omnibox mal-implementation vulnerability that can be exploited by attackers to cause...

firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack...

Mozilla Firefox 输入验证错误漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. An input validation error vulnerability exists in Mozilla Firefox versions prior to 136, which stems from URL spoofing...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 134, which stems from a long hostname that can be exploited in URLs to mask the actual host of a web site or spoof a web address...

PT-2025-4825 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Firefox for iOS versions prior to 134 Description: The issue allows long hostnames in URLs to be used to obscure the actual host of a website or to spoof the website address. Recommendations: For Firefox for iOS versions prior to 134, update ...

firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack...

firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the following issue: A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack...

PT-2026-31513

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A flaw exists in the security user interface within the Omnibox URL bar of Google Chrome on iOS. This issue, prior to version 147.0.7727.55, could allow a remote attacker to manipulate...

SUSE CVE-2022-46725

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing...

UBUNTU-CVE-2022-46725

A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing...

SUSE CVE-2023-37205

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

SUSE CVE-2019-13746

Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-38164

A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL...

F-Secure Safe Browser 安全漏洞

F-Secure Safe Browser is an Internet security browser from Finnish company Fen Secure F-Secure. It is used to block viruses, Trojans, ransomware and other threats in real time. A security vulnerability exists in F-Secure Safe Browser that originates from a maliciously crafted website that may...

EasyApache 输入验证错误漏洞

PHP is a scripting language that executes on the server side. PHP suffers from an input validation error vulnerability that can be exploited by an attacker to spoof a user via PHP's FILTERVALIDATEURL in order to redirect them to a malicious site...

IBM Planning Analytics Clickjacking Vulnerability

IBM Planning Analytics is a suite of business planning and analytics solutions from IBM USA. The solution supports automated execution of processes such as business planning, budgeting and analysis. A clickjacking vulnerability exists in IBM Planning Analytics version 2.0.x. The vulnerability ste...

Google Chrome Omnibox URL Spoofing Vulnerability (CNVD-2019-17497)

Google Chrome is a web browser from Google, Inc. and Omnibox is a real-time search engine. A security vulnerability exists in Omnibox in versions of Google Chrome prior to 75.0.3770.80. An attacker can exploit the vulnerability to forge URLs...

Unpatched Flaw in Xiaomi's Built-in Browser App Lets Hackers Spoof URLs

EXCLUSIVE — Beware, if you are using a Xiaomi's Mi or Redmi smartphone, you should immediately update its built-in MI browser or the Mint browser available on Google Play Store for non-Xiaomi Android devices. That's because both web browser apps created by Xiaomi are vulnerable to a critical...

Google Chrome URL Spoofing Vulnerability (CNVD-2018-22398)

Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in the full-screen mode in Google Chrome versions prior to 69.0.3497.81. A remote attacker can exploit the vulnerability to forge URLs...