Lucene search
K

233 matches found

RedhatCVE
RedhatCVE
added 2020/05/20 8:25 a.m.28 views

CVE-2020-6465

Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

6.8CVSS2.5AI score0.0159EPSS
Exploits0References4
OSV
OSV
added 2019/11/25 3:15 p.m.2 views

DEBIAN-CVE-2019-13692

Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...

8.8CVSS7.1AI score0.00724EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2019/11/25 3:15 p.m.22 views

CVE-2019-13692

Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...

8.8CVSS7.1AI score0.00724EPSS
Exploits0References1
OSV
OSV
added 2019/11/25 3:15 p.m.2 views

UBUNTU-CVE-2019-13692

Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...

8.8CVSS7AI score0.00724EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2019/10/29 9:30 a.m.1 views

chromium-browser: SOP bypass

Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...

8.8CVSS7.3AI score0.00724EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2019/10/16 6:22 p.m.27 views

CVE-2019-13692

Insufficient policy enforcement in reader mode in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page...

8.8CVSS8AI score0.00724EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2019/09/19 12:0 a.m.36 views

KLA11741 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Policy enforcement...

9.6CVSS9.1AI score0.01443EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2019/06/05 7:43 p.m.162 views

Mozilla and Google Browsers Get Security, Anti-Tracking Boosts

Browsers Firefox and Chrome received updates this week, both adding security and privacy tools that help with password management and help block sites that track users. Mozilla’s Firefox browser introduced an “Enhanced Tracking Protection” feature that blocks over 1,000 third-party companies that...

0.7AI score
Exploits0References6
Veracode
Veracode
added 2019/01/15 9:24 a.m.22 views

Information Disclosure

firefox is vulnerable to information disclosure attacks. The vulnerability exists as Reader Mode did not strip the username and password section of URLs displayed in the addressbar...

7.5CVSS8.1AI score0.01945EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2018/10/18 1:29 p.m.1 views

CVE-2018-12370

In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. This vulnerability affects Firefox 61...

8.8CVSS7.1AI score
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/06/28 4:23 p.m.6 views

Mozilla: address bar username and password spoofing in reader mode

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...

7.5CVSS7.3AI score0.01945EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2018/06/28 4:23 p.m.4 views

Mozilla: address bar username and password spoofing in reader mode

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...

7.5CVSS7.3AI score0.01945EPSS
Exploits1References5
OSV
OSV
added 2018/06/11 9:29 p.m.1 views

CVE-2017-7762

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...

7.5CVSS7.3AI score0.01945EPSS
Exploits1References6
NVD
NVD
added 2018/06/11 9:29 p.m.13 views

CVE-2017-7762

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...

7.5CVSS6.4AI score0.01945EPSS
Exploits1References6
OSV
OSV
added 2018/06/11 9:29 p.m.0 views

CVE-2017-5463

Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerabili...

5.3CVSS7.3AI score0.01471EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/06/11 9:29 p.m.20 views

CVE-2017-5463

Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerabili...

5.3CVSS6.8AI score0.01471EPSS
Exploits0References2
Prion
Prion
added 2018/06/11 9:29 p.m.11 views

Code injection

Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerabili...

5CVSS5.2AI score0.01471EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.26 views

CVE-2017-7762

When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox 54...

7.2AI score0.01945EPSS
Exploits1References6
CVE
CVE
added 2018/06/11 9:0 p.m.90 views

CVE-2017-7762

Summary: CVE-2017-7762 is a vulnerability in Firefox where, when entering a URL directly, Reader Mode did not strip the username and password portion of the address bar, enabling domain spoofing. The issue affects Firefox versions earlier than 54. The available connected documents confirm the roo...

7.5CVSS7AI score0.01945EPSS
Exploits1References6Affected Software3
CVE
CVE
added 2018/06/11 9:0 p.m.76 views

CVE-2017-5463

CVE-2017-5463 affects Firefox for Android prior to version 53.0. The issue arises when Android intents can launch Firefox in reader mode with a user-supplied URL, allowing spoofing of the address bar contents shown to users. Public details in the provided sources confirm the affected product (Fir...

5.3CVSS5.8AI score0.01471EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder