CVE-2026-34179

creationtimestamp| type| source ---|---|--- 2026-04-09 07:10:23+00:00| published-proof-of-concept| https://github.com/canonical/lxd/security/advisories/GHSA-c3h3-89qf-jqm5 2026-04-09 10:18:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mj2lfkl4z627 2026-04-09...

GHSA-7G7F-62CF-Q66H

creationtimestamp| type| source ---|---|--- 2025-02-17 00:19:09+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4615 2025-02-17 00:20:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4620 2025-02-17 00:21:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4625 2025-02-17 00:22:16+00:00...

SUSE CVE-2009-1710

WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...

SUSE CVE-2010-4583

Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, which makes it easier for remote attackers to spoof trusted content via a crafted web site...

Vulntober: Multiple Mobile Browser Address Bar Spoofing Vulnerabilities

Today, we're announcing a coordinated vulnerability disclosure publication with our longtime mobile hacker friend, Rafay Baloch. If you'd like to just jump straight to the technical details for these vulnerabilities, I invite you to read his paper here. If you want to know more about why this...

Clickjacking

thunderbird is vulnerable to clickjacking. A flaw was found in the way Thunderbird displayed certain web content. A malicious HTML mail message could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are...

threat_note - DPS' Lightweight Investigation Notebook

threatnote is a web application built by Defense Point Security to allow security researchers the ability to add and retrieve indicators related to their research. As of right now this includes the ability to add IP Addresses, Domains and Threat Actors, with more types being added in the future...

MISP - Malware Information Sharing Platform and Threat Sharing

The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System NIDS, LIDS but also log analysi...

Design/Logic Flaw

WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of 1 the host name, 2 security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property...

Ubuntu 5.10 / 6.06 LTS / 6.10 : firefox vulnerabilities (USN-428-1)

Several flaws have been found that could be used to perform Cross-site scripting attacks. A malicious website could exploit these to modify the contents or steal confidential data such as passwords from other opened web pages. CVE-2006-6077, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981,...

CVE-2007-0779

GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...

Code injection

GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot property with a large, transparent, custom...

Spoofing using custom cursor and CSS3 hotspot — Mozilla

David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area...