CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

Debian CVE•added 2025/12/18 2:21 p.m.•2 views

CVE-2025-14744

Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulnerability was fixed in Firefox for iOS 144.0...

6.5CVSS5.3AI score0.00026EPSS

Exploits0

OSV•added 2025/12/05 5:26 p.m.•1 views

CVE-2025-66548 Nextcloud Deck app allows to spoof file extensions by using RTLO characters

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

3.3CVSS6.7AI score0.00012EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-10079

Malware in sbrugna...

4.3CVSS7.1AI score0.00909EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-14181

Malware in sbrugna...

6.5CVSS7.9AI score0.00524EPSS

Exploits0References10

Tenable Nessus•added 2025/08/19 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2017-5072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL...

6.5CVSS7.4AI score0.00524EPSS

Exploits0References2

NVD•added 2023/07/05 10:15 a.m.•10 views

CVE-2023-37205

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

6.5CVSS6.8AI score0.00203EPSS

Exploits0References3

Prion•added 2023/07/05 10:15 a.m.•16 views

Spoofing

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

4.3CVSS5.9AI score0.00203EPSS

Exploits0References3Affected Software1

Cvelist•added 2023/07/05 9:1 a.m.•17 views

CVE-2023-37205

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

7AI score0.00203EPSS

Exploits0References3

AlpineLinux•added 2023/07/05 9:1 a.m.•16 views

CVE-2023-37205

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

6.5CVSS6.9AI score0.00203EPSS

Exploits0

Debian CVE•added 2023/07/05 9:1 a.m.•18 views

CVE-2023-37205

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

6.5CVSS8.3AI score0.00203EPSS

Exploits0

SUSE CVE•added 2023/02/15 4:51 a.m.•0 views

SUSE CVE-2017-5072

Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page...

6.5CVSS8.7AI score0.00524EPSS

Exploits0References5

Debian CVE•added 2022/12/22 12:0 a.m.•20 views

CVE-2021-4221

If a domain name contained a RTL character, it would cause the domain to be rendered to the right of the path. This could lead to user confusion and spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.Note: Due to a clerical error this advisory was...

4.3CVSS4.1AI score0.00182EPSS

Exploits1

NVD•added 2018/12/11 4:29 p.m.•13 views

CVE-2018-18348

Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...

4.3CVSS5AI score0.00909EPSS

Exploits0References6

OSV•added 2018/12/11 4:29 p.m.•1 views

UBUNTU-CVE-2018-18348

4.3CVSS6.7AI score0.00909EPSS

Exploits0References2

UbuntuCve•added 2017/10/27 5:29 a.m.•19 views

CVE-2017-5072

Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page...

6.5CVSS7AI score0.00524EPSS

Exploits0References2

NVD•added 2017/10/27 5:29 a.m.•9 views

CVE-2017-5072

Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page...

6.5CVSS6.6AI score0.00524EPSS

Exploits0References6

OSV•added 2017/10/27 5:29 a.m.•0 views

CVE-2017-5072

Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page...

6.5CVSS7.3AI score0.00524EPSS

Exploits0References6

Prion•added 2017/10/27 5:29 a.m.•14 views

Information disclosure

Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page...

4.3CVSS6.3AI score0.00524EPSS

Exploits0References6Affected Software1

CVE•added 2017/10/27 5:0 a.m.•69 views

CVE-2017-5072

CVE-2017-5072 affects Google Chrome/Chromium Omnibox. Insecure implementation allowed a remote attacker to spoof the address bar using RTL characters via a crafted URL page, reported for Android and tied to Chrome/Chromium versions around 59.x. The vulnerability arises from the Omnibox component’...

6.5CVSS6.3AI score0.00524EPSS

Exploits0References6Affected Software1

Cvelist•added 2017/10/27 5:0 a.m.•19 views

CVE-2017-5072

Inappropriate implementation in Omnibox in Google Chrome prior to 59.0.3071.92 for Android allowed a remote attacker to perform domain spoofing with RTL characters via a crafted URL page...

6.5AI score0.00524EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by