19 matches found
EUVD-2016-6148
Malware in sbrugna...
EUVD-2015-1950
Malware in sbrugna...
EUVD-2014-3502
Malware in sbrugna...
EUVD-2021-10878
Malware in sbrugna...
CVE-2021-43544
When receiving a URL through a SEND intent, Firefox would have searched for the text, but subsequent usages of the address bar might have caused the URL to load unintentionally, which could lead to XSS and spoofing attacks. This bug only affects Firefox for Android. Other operating systems are...
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14339-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14339-1 advisory. - When reading from areas partially or fully outside the source resource with WebGL's copyTexSubImage method, the specification requires the...
CVE-2021-23957
Navigations through the Android-specific intent URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...
CVE-2021-23957
Navigations through the Android-specific intent URL scheme could have been misused to escape iframe sandbox. Note: This issue only affected Firefox for Android. Other operating systems are unaffected. This vulnerability affects Firefox 85...
Mozilla Firefox < 85.0
The version of Firefox installed on the remote Windows host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory. - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in Firefox 84...
CVE-2020-6827
When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI. Note: This issue only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox ESR...
Code injection
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables preferences via a crafted intent: URL...
CVE-2015-1835
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables preferences via a crafted intent: URL...
Unspecified Vulnerability in Lenovo SHAREit
Lenovo SHAREit 茄子快传 on Android is a set of file-sharing software based on the Android platform by the Chinese company Lenovo Lenovo. An unspecified vulnerability exists in Lenovo SHAREit versions prior to 3.5.98ww, based on Android platforms prior to version 4.2. A remote attacker can exploit thi...
CVE-2016-4782
Lenovo SHAREit before 3.5.98ww on Android before 4.2 allows remote attackers to have unspecified impact via a crafted intent: URL, aka an "intent scheme URL attack."...
CVE-2015-7191
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting XSS attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS UXSS."...
CVE-2015-7191
Mozilla Firefox before 42.0 on Android improperly restricts URL strings in intents, which allows attackers to conduct cross-site scripting XSS attacks via vectors involving an intent: URL and fallback navigation, aka "Universal XSS UXSS."...
CVE-2014-3500
Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL...
CVE-2014-3500
Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL...
CVE-2014-3500
Apache Cordova for Android (pre-3.5.1) is vulnerable to Cross-Application Scripting via crafted Android intents that can change the start page, enabling an attacker to execute script in the victim’s browser and potentially steal cookie-based credentials. The issue stems from insufficient input va...