37 matches found
EUVD-2026-34682
Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11221
Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11221
CVE-2026-11221 concerns Google Chrome’s PointerLock input handling. The issue is described as insufficient validation of untrusted input in PointerLock, affecting Chrome builds prior to 149.0.7827.53. A remote attacker who has already compromised the renderer process could trigger UI spoofing by ...
CVE-2026-11221
Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11221
Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
PT-2026-46747
Insufficient validation of untrusted input in PointerLock in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в firefox
It was possible to move the cursor using the pointer lock feature from an iframe. This allowed the cursor to be moved outside of the viewport and beyond the Firefox window. This vulnerability affects Firefox versions less than 128 and Thunderbird versions less than 128...
GHSA-R5P7-GP4J-QHRX Electron: Incorrect origin passed to permission request handler for iframe requests
Impact When an iframe requests fullscreen, pointerLock, keyboardLock, openExternal, or media permissions, the origin passed to session.setPermissionRequestHandler was the top-level page's origin rather than the requesting iframe's origin. Apps that grant permissions based on the origin parameter ...
EUVD-2016-3904
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-6608
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This...
firefox -- multiple vulnerabilities
[email protected] reports: Firefox adds web-compatibility shims in place of some tracking scripts blocked by Enhanced Tracking Protection. On a site protected by Content Security Policy in "strict-dynamic" mode, an attacker able to inject an HTML element could have used a DOM Clobbering attack...
Mozilla Thunderbird < 128.0
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-32 advisory. - When almost out-of-memory an elliptic curve key which was never allocated could have been freed again...
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a select element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox 128...
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox 128 and Thunderbird 128...
Mozilla Firefox Security Advisory (MFSA2024-29) - Linux
The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2024-29. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...
UBUNTU-CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a select element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox 128...
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a select element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox 128...
CVE-2024-6608
It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2024-6607
It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a select element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox 128...