Astra Linux - уязвимость в chromium

Inappropriate implementation in full screen mode in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

Astra Linux - уязвимость в thunderbird, firefox

A website could have obscured the full-screen notification by using a URL that was processed by an external program, such as a mailto URL. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 116, Firefox ESR 115.2, and Thunderbi...

Astra Linux - уязвимость в thunderbird, firefox

A website could have obscured the full-screen notification by using the file open dialog. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 116, Firefox ESR 115.2, and Thunderbird 115.2...

Astra Linux - уязвимость в firefox

A website can prevent a user from exiting full-screen mode through alerts and prompts. This can lead to user confusion and potential spoofing attacks. This vulnerability affects Firefox versions earlier than 115...

Astra Linux - уязвимость в chromium

The incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof the security UI through a crafted HTML page. Chromium security severity: Medium...

WordPress Full Screen Background plugin <= 2.0.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Full Screen Background versions = 2.0.2...

Aether Smart Contract Security Analysis Framework 5.0.2

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from incorrect security UI in full-screen mode, which could allow remote attackers to exploit the UI through specially crafted HT...

Electron 资源管理错误漏洞

Electron is an open-source JavaScript framework developed by users for creating cross-platform desktop applications. This framework is based on Node.js and Chromium, allowing the development of cross-platform desktop applications using HTML and CSS. Versions of Electron prior to 38.8.6, 39.8.0,...

MiracleLinux 9 : firefox-102.15.0-1.el9.ML.1 (AXSA:2023-6389:32)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6389:32 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

MiracleLinux 8 : thunderbird-102.15.0-1.el8.ML.1 (AXSA:2023-6386:24)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6386:24 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

MiracleLinux 7 : firefox-102.15.0-1.0.1.el7.AXS7 (AXSA:2023-6392:33)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6392:33 advisory. Mozilla: Memory corruption in IPC CanvasTranslator CVE-2023-4573 Mozilla: Memory corruption in IPC ColorPickerShownCallback CVE-2023-4574 Mozilla:...

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...

CVE-2025-14020

LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security Toast notification is not properly re-displayed when users return from another application, potentially allowing attackers to conduct phishing attacks by...

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...

CVE-2025-14019

CVE-2025-14019 concerns the LINE Android client (versions 13.8–15.5). The in-app browser UI can be spoofed via a specific layout, potentially obscuring a full-screen warning prompt and enabling phishing via UI spoofing. Public sources in the provided documents describe the affected product and ge...

CVE-2025-13132

A flaw was found in dia. This vulnerability allows users to be misled about the current site via a malicious site rendering a fake user interface UI without a full-screen notification...