9 matches found

RedhatCVE
added 2025/05/23 5:19 a.m., 2 views

CVE-2023-21260

In the notification access permission dialog box, a malicious application can embed a very long service label that overflows the original user prompt and possibly contains misleading information that appears as a system message for user confirmation...

CVSS 5.5, AI score 6.9, EPSS 0.00019
Exploits: 0, References: 1

CVE
added 2025/01/30 10:41 p.m., 46 views

CVE-2025-24885

CVE-2025-24885 concerns pwn.college and its Dojo pages. The reported vulnerability is a missing access control on rendering custom (unprivileged) Dojo pages, enabling stored XSS via the dojo content. The CVE entry documents a CVSS v3.1 base score of 7.6 (HIGH) with attack vector NETWORK, attack c...

CVSS 7.6, AI score 7.5, EPSS 0.00147
Exploits: 0, References: 1

UbuntuCve
added 2024/06/13 8:15 p.m., 21 views

CVE-2024-38313

In certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual website address. This vulnerability affects Firefox for iOS 127...

CVSS 4.3, AI score 5.9, EPSS 0.00392
Exploits: 0, References: 3

CVE
added 2024/06/13 8:1 p.m., 288 views

CVE-2024-38313

CVE-2024-38313 describes a spoofing vulnerability in Firefox for iOS where, in certain scenarios, a malicious website could attempt to display a fake location URL bar to mislead users about the actual website address. The vulnerability is documented to affect Firefox for iOS versions prior to 127...

CVSS 4.3, AI score 6.3, EPSS 0.00392
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2022/06/24 1:15 p.m., 1 views

CVE-2022-32530

A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile...

CVSS 7.8, AI score 5.7
Exploits: 0, References: 1

Prion
added 2019/02/28 6:29 p.m., 15 views

Spoofing

When a new protocol handler is registered, the API accepts a title argument which can be used to mislead users about which domain is registering the new protocol. This may result in the user approving a protocol handler that they otherwise would not have. This vulnerability affects Firefox 63...

CVSS 4.3, AI score 5.7, EPSS 0.00333
Exploits: 0, References: 5, Affected Software: 2

Prion
added 2018/03/02 8:29 p.m., 12 views

Design/Logic Flaw

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users...

CVSS 9, AI score 7.5, EPSS 0.00189
Exploits: 0, References: 2, Affected Software: 1

NVD
added 2018/03/02 8:29 p.m., 9 views

CVE-2017-9279

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users...

CVSS 9, AI score 5, EPSS 0.00189
Exploits: 0, References: 2

Check Point Advisories
added 2015/10/18 12:0 a.m., 2 views

Microsoft Internet Explorer Address Bar Spoofing (CVE-2004-2219)

A vulnerability exists in Internet Explorer's address bar updating method due to incorrect handling of unknown protocol handlers. A specific sequence of steps, executed in an Internet Explorer browser, can allow for arbitrary content to be represented by a false address in the address bar. This ca...

CVSS 2.6, AI score 1.8, EPSS 0.15086
Exploits: 1