Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

672 matches found

Cvelist
Cvelistadded 2025/01/21 11:4 p.m.9 views

CVE-2024-43765

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

0.00074EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/01/21 11:4 p.m.6 views

CVE-2024-43765

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.1AI score0.00074EPSS
Exploits0References1
CVE
CVEadded 2025/01/21 11:4 p.m.766 views

CVE-2024-43765

CVE-2024-43765 is reported across multiple feeds as a local elevation-of-privilege on Android via a tapjacking/overlay attack that can grant access to a folder with user-initiated interaction. Exploitation requires user interaction and occurs in multiple locations; no device-specific proof or exp...

7.8CVSS6.8AI score0.00074EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTECadded 2025/01/13 12:0 a.m.5 views

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client on Android operating systems stems from an improper limitation on the displayed layers of the user interface. This allows attackers to execute a type of attack known as tapjacking.

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client on Android operating systems is related to an improper limitation on the displayed layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform a type of attack known as tapjacking...

9.4CVSS6.5AI score0.00488EPSS
Exploits0References13Affected Software3
OSV
OSVadded 2025/01/01 12:0 a.m.9 views

ASB-A-233605527

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

7.8CVSS7.3AI score0.00074EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2024/11/27 4:4 a.m.2 views

SUSE CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS8.7AI score0.00488EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2024/11/26 11:50 p.m.10 views

CVE-2024-11700

The Mozilla Foundation's Security Advisory: Malicious websites may be able to user intent confirmation through tapjacking. This could lead to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities...

5.4CVSS6.5AI score0.00488EPSS
Exploits0References6
AlpineLinux
AlpineLinuxadded 2024/11/26 2:15 p.m.12 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS7.6AI score0.00488EPSS
Exploits0References3
OSV
OSVadded 2024/11/26 2:15 p.m.2 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS7.3AI score0.00488EPSS
Exploits0References3
NVD
NVDadded 2024/11/26 2:15 p.m.22 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS0.00488EPSS
Exploits0References3
OSV
OSVadded 2024/11/26 2:15 p.m.0 views

UBUNTU-CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS5.8AI score0.00488EPSS
Exploits0References6
CVE
CVEadded 2024/11/26 1:33 p.m.295 views

CVE-2024-11700

The CVE-2024-11700 issue concerns Firefox and Thunderbird with versions earlier than 133, where tapjacking could let malicious sites synthesize user intent confirmations to launch external applications. This is described across multiple connected advisories (e.g., Gentoo GLSA references and Alpin...

8.1CVSS7.5AI score0.00488EPSS
Exploits0References3Affected Software2
Cvelist
Cvelistadded 2024/11/26 1:33 p.m.10 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

0.00488EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2024/11/26 1:33 p.m.7 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

7.5AI score0.00488EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2024/11/26 1:33 p.m.8 views

CVE-2024-11700

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox 133 and Thunderbird 133...

8.1CVSS6.5AI score0.00488EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2024/11/26 12:0 a.m.16 views

Mozilla Thunderbird < 133.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-67 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Unde...

9.8CVSS7.5AI score0.00919EPSS
Exploits0References17
Tenable Nessus
Tenable Nessusadded 2024/11/26 12:0 a.m.14 views

Mozilla Thunderbird < 133.0

The version of Thunderbird installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-67 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific...

9.8CVSS7.5AI score0.00919EPSS
Exploits0References17
Mozilla
Mozillaadded 2024/11/26 12:0 a.m.27 views

Security Vulnerabilities fixed in Thunderbird 133 — Mozilla

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. Malicious websites may have been able...

9.8CVSS8.7AI score0.00833EPSS
Exploits0References17Affected Software1
Mozilla
Mozillaadded 2024/11/26 12:0 a.m.19 views

Security Vulnerabilities fixed in Firefox 133 — Mozilla

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. Malicious websites may have been able...

9.8CVSS8.7AI score0.00833EPSS
Exploits0References18Affected Software1
Tenable Nessus
Tenable Nessusadded 2024/11/26 12:0 a.m.10 views

Mozilla Firefox < 133.0

The version of Firefox installed on the remote Windows host is prior to 133.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-63 advisory. - A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific...

9.8CVSS7.5AI score0.00919EPSS
Exploits0References18
Rows per page
Query Builder