9 matches found
SUSE CVE-2016-9065
The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This...
Mozilla Firefox Security Vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions prior to Mozilla Firefox 104, which stems from the fact that websites with access to a microphone can record audio without displaying an audio...
CVE-2021-0981
In enqueueNotificationInternal of NotificationManagerService.java, there is a possible way to run a foreground service without showing a notification due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
Mozilla: Firefox could be coaxed into going into fullscreen mode without notification or warning
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing...
UBUNTU-CVE-2019-11754
When the pointer lock is enabled by a website through requestPointerLock, no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox 69.0.1...
CVE-2016-9065
The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This...
youthink.com XSS vulnerability
Vulnerable URL: http://www.youthink.com/shared/bigphoto.cfm?photourl=/imagesobj/2010/03/19/xss%22%3E%3Csvg/onload=prompt/openbugbounty/%3E.jpgwidth=500height=408
Details:
Description| Value
---|---
Patched:| No
Latest check for patch:| 15.12.2017
Vulnerability type:| XSS
Vulnerability status:|...
DEBIAN-CVE-2016-4383
The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...
[Full-Disclosure] Nokia 3560 Remote DOS
Hello list, I have found a vulnerability with Nokia's 3560 cellular phone, in which anyone may remotely crash the phone's OS, requiring the user to disconnect the battery to restore normal functionality. The attack only requires sending the person a specially crafted text message. This can be don...