Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.8 views

CVE-2024-31310

In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill service settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS7.1AI score0.00112EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:34 p.m.6 views

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

6.1CVSS6.2AI score0.0069EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 2:22 a.m.10 views

CVE-2017-13227

In the autofill service, the package name that is provided by the app process is trusted inappropriately. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS8.5AI score0.00085EPSS
Exploits0References1
OSV
OSV
added 2024/11/14 11:15 p.m.2 views

CVE-2017-13227

In the autofill service, the package name that is provided by the app process is trusted inappropriately. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00085EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.6 views

PT-2024-10579 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to the autofill service, where the package name provided by the app process is trusted inappropriately. This could lead to...

5.5CVSS8.7AI score0.00085EPSS
Exploits0References4
OSV
OSV
added 2024/07/09 9:15 p.m.3 views

CVE-2024-31310

In newServiceInfoLocked of AutofillManagerServiceImpl.java, there is a possible way to hide an enabled Autofill service app in the Autofill service settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.8CVSS5.9AI score0.00112EPSS
Exploits0References2
OSV
OSV
added 2020/12/09 1:15 a.m.4 views

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

6.1CVSS6.9AI score0.0069EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2020/12/09 12:24 a.m.25 views

CVE-2020-26962

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated. This could have been used in clickjacking attacks, as well as be read across partitions in dynamic first party isolation. This vulnerability affects Firefox 83...

6.1CVSS8.1AI score0.0069EPSS
Exploits0
Veracode
Veracode
added 2020/11/20 9:45 a.m.28 views

Phishing Attacks

firefox is vulnerable to phishing attacks. The vulnerability exists through cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated...

6.1CVSS2.7AI score0.0069EPSS
Exploits0References3Affected Software6
Rows per page
Query Builder