EUVD-2026-33800

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0088

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0088

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0088

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0088

The CVE-2026-0088 affects Android’s CertInstaller.getCallingAppLabel, where a misleading or insufficient UI could allow hiding a sensitive security dialogue. This enables local privilege escalation with no extra privileges and no user interaction required for exploitation, as described across NVD...

ASB-A-471127462

In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2011-3330

Malware in sbrugna...

EUVD-2011-3331

Malware in sbrugna...

Brave 安全漏洞

Brave is a fast, private and secure web browser from Brave USA. A security vulnerability exists in versions prior to Brave 1.48.171, which stems from a download security check dialog that is not displayed to the user when saving a file...

SUSE CVE-2008-4198

Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page...

SUSE CVE-2011-3365

The KDE SSL Wrapper KSSL API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...

SUSE CVE-2011-3367

Arora, possibly 0.11 and other versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...

SUSE CVE-2011-3366

Rekonq 0.7.0 and earlier does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name CN of a certificate via rich text...

SUSE CVE-2011-3388

Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security...

CVE-2020-14425

Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. An attacker can execute local files and bypass the security dialog...

Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes

A previously unknown bug in Microsoft Windows would allow an attacker to spoof Windows dialog boxes that surface when making changes to the Windows registry. This would allow an adversary to plant malware or make other nefarious changes in the registry while getting around Windows’ built-in...

PDF-XChange Viewer 2.5 (Build 314.0) Code Execution

Exploit Title: PDF-XChange Viewer 2.5 Build 314.0 Javascript API Remote Code Execution Exploit Powershell PDF Exploit Creation Date: 21-08-2017 Software Link 32bit: http://pdf-xchange-viewer.it.uptodown.com/windows Exploit Author: Daniele Votta Contact: [email protected] Website:...

Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution', 'Description' = %q This module exploits an unsafe Javascript API implemente...

Microsoft Internet Explorer 5.0.1 Modal Dialog Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17713/info Internet Explorer is prone to a remote code-execution vulnerability through exploiting a race-condition when displaying modal security dialog boxes. This issue may be exploited to cause users to inadvertently...

FreeBSD Ports: kdelibs

The remote host is missing an update to the system as announced in the referenced advisory. VID 6d21a287-fce0-11e0-a828-00235a5f2c9a OpenVAS Vulnerability Test $ Description: Auto generated from VID 6d21a287-fce0-11e0-a828-00235a5f2c9a Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...