4262 matches found
CVE-2025-46308
An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information...
CVE-2026-11799
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...
CVE-2026-11799
CVE-2026-11799 concerns a UXSS flaw in Focus for iOS and Klar WebKit navigation. The affected components are Focus for iOS and Klar for iOS, with a root cause not explicitly detailed in the provided documents beyond the UXSS classification. The vulnerability is rated HIGH (CVSS 3.1: AV:N/AC:L/PR:...
CVE-2026-11799 UXSS in Focus for iOS / Klar Webkit navigation
UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...
Security Vulnerabilities fixed in Focus for iOS / Klar 151.3.1 — Mozilla
CVE-2026-11799: UXSS in Focus for iOS / Klar Webkit navigation Reporter Renwa Hiwa Impact high References Bug 1975667...
Mobile Verification Toolkit 路径遍历漏洞
The Mobile Verification Toolkit is an open-source mobile device forensics analysis tool developed by MVT. Versions of the Mobile Verification Toolkit prior to version 2026.5.12 contained a path traversal vulnerability. This vulnerability stemmed from file identifiers that were not cleared during...
SUSE CVE-2026-11165
Use after free in WebMIDI in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11202
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11204
Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11205
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted QR code. Chromium security severity: Medium...
SUSE CVE-2026-11285
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
PT-2026-47194
Name of the Vulnerable Software and Affected Versions Cordova Plugin InAppBrowser versions 3.1.0 through 6.0.0 Description The iOS implementation of the InAppBrowser plugin fails to validate the id field from a WKScriptMessage body before passing it to the commandDelegate...
CVE-2026-10961
An use after free flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=508281950...
CVE-2026-10915
An use after free flaw was found in the Core component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497612174...
CVE-2026-10885
An use after free flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504072665...
CVE-2026-11302
An insufficient policy enforcement flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504196549...
CVE-2026-11277
An insufficient policy enforcement flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501839664...
CVE-2026-10896
An use after free flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513514692...
CVE-2026-11204
An inappropriate implementation flaw was found in the Signin component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505200733...
CVE-2025-46311
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data...