CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

CVE-2025-68708

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

EUVD-2025-209945

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

EUVD-2025-209947

Easyelife App lock aka Fingerprint,Applock or locker.app.safe.applocker 1.9.2 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows -...

CVE-2025-68708

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

CVE-2025-68711

The CVE-2025-68711 entry concerns AppLockZ (applock.passwordfingerprint.applockz) Android app version 4.2.11. The root cause is that the lock is implemented as an overlay rather than using Android’s secure authentication APIs, allowing a local attacker with physical access to bypass the PIN. By n...

CVE-2025-68710

Easyelife App lock aka Fingerprint,Applock or locker.app.safe.applocker 1.9.2 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows -...

CVE-2025-68708

SailingLab AppLock aka com.alpha.applock 4.3.8 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows - insecure navigation through...

CVE-2025-68710

CVE-2025-68710 concerns Easyelife App lock 1.9.2 for Android. The vulnerability arises because the lock is implemented as an overlay instead of using Android’s secure authentication APIs, allowing a local attacker with physical access to bypass the PIN. By navigating cascading interface flows and...

CVE-2024-9966

CVE-2024-9966 affects Google Chrome/Chromium (Navigations) and is caused by an inappropriate implementation that allows bypassing the Content Security Policy via a crafted HTML page. The issue has a documented low severity and is associated with Chrome/Chromium builds prior to 130.0.6723.58. Publ...

CVE-2023-7282

CVE-2023-7282 affects Google Chrome (Chromium-based) via an inappropriate Navigation implementation that enables domain spoofing when a user is persuaded to perform specific UI gestures on a crafted HTML page. Vulnerable versions are prior to 113.0.5672.63. The root cause is in the Navigation han...

OESA-2024-1954 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes:Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security...

CVE-2022-4185

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4185

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4185

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-0108

Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2022-0108

Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2019-13708

Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...