69 matches found
WebView Vulnerability in X Browser
X Browser is a mobile browser for the Android platform. X Browser has a WebView vulnerability that can be exploited by an attacker to execute JS code across domains and take full control of a user's browser...
Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks
--- Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browser...
CVE-2020-6558
Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
The vulnerability of Cisco Webex Meetings software, related to lack of access control, allows a intruder to connect to a password-protected meeting.
The vulnerability of Cisco Webex Meetings software is related to lack of access control. Exploiting this vulnerability allows a malicious actor to connect to a password-protected meeting, by entering a known meeting ID or the URL address of the meeting through a mobile browser...
CVE-2020-3142
A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iO...
UBUNTU-CVE-2019-13708
Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
CVE-2019-5812
Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page...
CVE-2018-6128
Incorrect URL parsing in WebKit in Google Chrome on iOS prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via a crafted HTML page...
Tor Browser for Android — First Official App Released On Play Store
Wohooo! Great news for privacy-focused users. Tor Browser, the most popular privacy-focused browser, for Android is finally out of beta, and the first stable version has now arrived on Google Play Store for anyone to download. The Tor Project announced Tuesday the first official stable release of...
The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack
DDoS attacks have always been a major threat to network infrastructure and web applications. Attackers are always creating new ways to exploit legitimate services for malicious purposes, forcing us to constantly research DDoS attacks in our CDN to build advanced mitigations. We recently...
Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill
Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes and suggests them in AutoFill, so that people can use them without having to memorize or type them. Sounds like a really good idea, bu...
Opera Mobile Browser for Android & iOS Blocks Cryptocurrency Mining
By Waqas Last month Opera introduced its browsers 50 beta version with This is a post from HackRead.com Read the original post: Opera Mobile Browser for Android iOS Blocks Cryptocurrency Mining...
Cheetah Mobile CM Browser Security Bypass Vulnerability
Cheetah Mobile CM Browser is a web browser from Cheetah Mobile, a Chinese company. A security bypass vulnerability exists in Cheetah Mobile CM Browser version 5.22.06.0012. An attacker could exploit this vulnerability to bypass the same-origin policy...
CVE-2018-5326
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
CVE-2018-5326
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass...
Samsung Internet Browser - SOP Bypass Exploit
Exploit for Android platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samsung Internet Browser SOP Bypass', 'Description' = %q This module takes advantage of ...
Samsung Internet Browser - SOP Bypass (Metasploit)
Samsung Internet Browser - SOP Bypass Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samsung Internet Browser SOP Bypass', 'Description' = %q This module takes advantage of a...
Samsung Internet Browser SOP Bypass
This module takes advantage of a Same-Origin Policy SOP bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up. Thi...
Zomato: User Profiles Leak PII in HTML Document for Mobile Browser User Agents
@chriszielinski found that user personal information was leaking when you make a request using mobile user agent...
CVE-2016-1707
ios/web/webstate/ui/crwwebcontroller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site...