CVE-2020-0080

In onOpActiveChanged and related methods of AppOpsControllerImpl.java, there is a possible way to display an app overlaying other apps without the notification icon that it's overlaying. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

in erikdubbelboer/phpredisadmin

✍️ Description It can be possible to perform a clickjacking attack due to the lack of frame restrictions. The application does not set the response header X-Frame-Options: DENY. 🕵️‍♂️ Proof of Concept 💥 Impact According to PortSwigger references, it is possible for a page controlled by an attacker...

CVE-2020-0080

In onOpActiveChanged and related methods of AppOpsControllerImpl.java, there is a possible way to display an app overlaying other apps without the notification icon that it's overlaying. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

Microsoft Internet Explorer 5/6 JavaScript Interface Spoofing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3469/info It is reported that Microsoft Internet Explorer may permit aspects of the Internet Explorer interface to be spoofed. This could facilitate numerous attacks against users of the browser, including spoofing of bot...

ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC

Summary ViPlay3 is a freeware movie player designed to play the most popular movie types using overlaying technology for a faster and more efficient way of video playback. Description URUWorks ViPlay3 is prone to a remote buffer-overflow vulnerability because the application fails to perform...

CVE-2005-2407

A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking"...