Lucene search
K

69 matches found

CNVD
CNVD
added 2021/01/16 12:0 a.m.3 views

WebView Vulnerability in X Browser

X Browser is a mobile browser for the Android platform. X Browser has a WebView vulnerability that can be exploited by an attacker to execute JS code across domains and take full control of a user's browser...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/21 7:2 a.m.8 views

Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks

--- Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browser...

6AI score
Exploits0
OSV
OSV
added 2020/09/21 8:15 p.m.6 views

CVE-2020-6558

Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

6.5CVSS7AI score0.01787EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2020/03/12 12:0 a.m.4 views

The vulnerability of Cisco Webex Meetings software, related to lack of access control, allows a intruder to connect to a password-protected meeting.

The vulnerability of Cisco Webex Meetings software is related to lack of access control. Exploiting this vulnerability allows a malicious actor to connect to a password-protected meeting, by entering a known meeting ID or the URL address of the meeting through a mobile browser...

7.8CVSS7.2AI score0.0149EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/01/26 5:15 a.m.2 views

CVE-2020-3142

A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iO...

7.5CVSS7.1AI score0.0149EPSS
Exploits0References1
OSV
OSV
added 2019/11/25 3:15 p.m.3 views

UBUNTU-CVE-2019-13708

Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

4.3CVSS6.7AI score0.0092EPSS
Exploits0References2
OSV
OSV
added 2019/06/27 5:15 p.m.3 views

CVE-2019-5812

Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

6.5CVSS7AI score0.0139EPSS
Exploits0References5
OSV
OSV
added 2019/06/27 5:15 p.m.2 views

CVE-2018-6128

Incorrect URL parsing in WebKit in Google Chrome on iOS prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

6.1CVSS7.4AI score0.00873EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2019/05/23 9:15 a.m.2 views

Tor Browser for Android — First Official App Released On Play Store

Wohooo! Great news for privacy-focused users. Tor Browser, the most popular privacy-focused browser, for Android is finally out of beta, and the first stable version has now arrived on Google Play Store for anyone to download. The Tor Project announced Tuesday the first official stable release of...

6.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2019/04/11 4:0 p.m.108 views

The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack

DDoS attacks have always been a major threat to network infrastructure and web applications. Attackers are always creating new ways to exploit legitimate services for malicious purposes, forcing us to constantly research DDoS attacks in our CDN to build advanced mitigations. We recently...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/06/20 11:51 a.m.31 views

Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill

Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes and suggests them in AutoFill, so that people can use them without having to memorize or type them. Sounds like a really good idea, bu...

0.8AI score
Exploits0
HackRead
HackRead
added 2018/01/23 3:1 p.m.58 views

Opera Mobile Browser for Android & iOS Blocks Cryptocurrency Mining

By Waqas Last month Opera introduced its browsers 50 beta version with This is a post from HackRead.com Read the original post: Opera Mobile Browser for Android iOS Blocks Cryptocurrency Mining...

6.9AI score
Exploits0
CNVD
CNVD
added 2018/01/17 12:0 a.m.4 views

Cheetah Mobile CM Browser Security Bypass Vulnerability

Cheetah Mobile CM Browser is a web browser from Cheetah Mobile, a Chinese company. A security bypass vulnerability exists in Cheetah Mobile CM Browser version 5.22.06.0012. An attacker could exploit this vulnerability to bypass the same-origin policy...

7.5CVSS6.8AI score0.01173EPSS
Exploits0References1
OSV
OSV
added 2018/01/12 2:29 a.m.4 views

CVE-2018-5326

Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

7.5CVSS5.8AI score0.01173EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/12 2:0 a.m.18 views

CVE-2018-5326

Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...

7.6AI score0.01173EPSS
Exploits0References1
0day.today
0day.today
added 2017/12/20 12:0 a.m.29 views

Samsung Internet Browser - SOP Bypass Exploit

Exploit for Android platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samsung Internet Browser SOP Bypass', 'Description' = %q This module takes advantage of ...

5CVSS7.6AI score0.78843EPSS
Exploits7
exploitpack
exploitpack
added 2017/12/20 12:0 a.m.29 views

Samsung Internet Browser - SOP Bypass (Metasploit)

Samsung Internet Browser - SOP Bypass Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samsung Internet Browser SOP Bypass', 'Description' = %q This module takes advantage of a...

7.4AI score0.78843EPSS
Exploits7
Metasploit
Metasploit
added 2017/12/08 7:53 p.m.33 views

Samsung Internet Browser SOP Bypass

This module takes advantage of a Same-Origin Policy SOP bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up. Thi...

7.5CVSS0.2AI score0.78843EPSS
Exploits7
Hacker One
Hacker One
added 2017/11/08 9:0 p.m.9 views

Zomato: User Profiles Leak PII in HTML Document for Mobile Browser User Agents

@chriszielinski found that user personal information was leaking when you make a request using mobile user agent...

6.7AI score
Exploits0
OSV
OSV
added 2016/07/23 7:59 p.m.2 views

CVE-2016-1707

ios/web/webstate/ui/crwwebcontroller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site...

6.5CVSS7AI score0.01178EPSS
Exploits1References10
Rows per page
Query Builder