Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2025/09/10 3:6 p.m.1 views

CVE-2025-58764 Claude Code rg command had Command Injection that allowed bypass of user approval prompt for command execution

Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...

8.7CVSS6.9AI score0.00512EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/06/24 1:15 p.m.4 views

CVE-2025-6431

When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user to security vulnerabilities or privacy leaks in external applications. This bug only affects...

6.5CVSS6.8AI score0.0021EPSS
Exploits0References2
CVE
CVE
added 2025/06/24 12:28 p.m.48 views

CVE-2025-6431

The connected documents confirm CVE-2025-6431 affects Firefox for Android and describes a bypass where the prompt to open a link in an external application could be bypassed, potentially exposing users to security/privacy risks in external apps. The vulnerability is limited to Firefox for Android...

6.5CVSS5.8AI score0.0021EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/09/17 7:15 p.m.5 views

UBUNTU-CVE-2024-8900

An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox 129, Firefox ESR 128.3, and Thunderbird 128.3...

7.5CVSS7.3AI score0.00426EPSS
Exploits0References4
CVE
CVE
added 2024/03/06 8:52 p.m.102 views

CVE-2024-27933

Summary: CVE-2024-27933 affects Deno 1.39.0, where use of raw file descriptors in op_node_ipc_pipe() can prematurely close arbitrary fds, enabling silent permission-prompt bypass and potential arbitrary code execution on the host when an attacker controls code in the Deno runtime. The issue arise...

8.8CVSS8.4AI score0.02276EPSS
Exploits1References10Affected Software1
RedHat Linux
RedHat Linux
added 2022/05/04 11:20 a.m.3 views

Mozilla: Bypassing permission prompt in nested browsing contexts

The Mozilla Foundation Security Advisory describes this flaw as: Documents in deeply-nested cross-origin browsing contexts could have obtained permissions granted to the top-level origin, bypassing the existing prompt and wrongfully inheriting the top-level permissions...

8.8CVSS7.3AI score0.00848EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/02/09 12:0 a.m.43 views

CVE-2022-22754

If a user installed an extension of a particular type, the extension could have auto-updated itself and while doing so, bypass the prompt which grants the new version the new requested permissions. This vulnerability affects Firefox 97, Thunderbird 91.6, and Firefox ESR 91.6...

6.5CVSS6.8AI score0.00644EPSS
Exploits0References5
OSV
OSV
added 2020/07/09 2:15 p.m.4 views

CVE-2020-12424

When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox 78...

6.5CVSS7.4AI score
Exploits0References5
Rows per page
Query Builder