CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

672 matches found

AlpineLinux•added 2023/08/29 3:5 p.m.•24 views

CVE-2023-0654

Due to a misconfiguration, the WARP Mobile Client 6.29 for Android was susceptible to a tapjacking attack. In the event that an attacker built a malicious application and managed to install it on a victim's device, the attacker would be able to trick the user into believing that the app shown on...

3.9CVSS6.8AI score0.00197EPSS

Exploits0References2

Positive Technologies•added 2023/08/29 12:0 a.m.•4 views

PT-2023-16430 · Unknown · Warp Mobile Client

Name of the Vulnerable Software and Affected Versions: WARP Mobile Client versions prior to 6.29 Description: The issue is due to a misconfiguration, making the WARP Mobile Client susceptible to a tapjacking attack. If an attacker installs a malicious application on a victim's device, they can...

3.9CVSS3.9AI score0.00197EPSS

Exploits0References7

OSV•added 2023/06/28 6:15 p.m.•0 views

CVE-2022-20443

In hasInputInfo of Layer.cpp, there is a possible bypass of user interaction requirements due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

7.8CVSS5.9AI score

Exploits0References1

ATTACKERKB•added 2023/06/28 6:15 p.m.•4 views

CVE-2022-20443

7.8CVSS7.2AI score0.00089EPSS

Exploits0References2

NVD•added 2023/06/28 6:15 p.m.•24 views

CVE-2022-20443

7.8CVSS7.8AI score0.00089EPSS

Exploits0References1

Prion•added 2023/06/28 6:15 p.m.•23 views

Design/Logic Flaw

4.3CVSS7.9AI score0.00089EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/06/28 12:0 a.m.•9 views

CVE-2022-20443

7.4AI score0.00089EPSS

Exploits0References1

Cvelist•added 2023/06/28 12:0 a.m.•31 views

CVE-2022-20443

8.2AI score0.00089EPSS

Exploits0References1

CVE•added 2023/06/28 12:0 a.m.•92 views

CVE-2022-20443

CVE-2022-20443 concerns Android 13 where the hasInputInfo function in Layer.cpp may bypass user interaction via a tapjacking/overlay attack, enabling local escalation of privilege with no extra execution privileges and no user interaction required for exploitation. Affected product: Android 13 (A...

7.8CVSS7.7AI score0.00089EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/06/28 12:0 a.m.•4 views

PT-2023-12643 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible bypass of user interaction requirements due to a tapjacking/overlay attack in the hasInputInfo function of Layer.cpp. This could lead to local escalation of privilege...

7.8CVSS7.5AI score0.00089EPSS

Exploits0References3

OSV•added 2023/05/01 12:0 a.m.•19 views

ASB-A-197296414

In several functions of inputDispatcher.cpp, there is a possible way to make toasts clickable due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.7AI score

Exploits0References6

SUSE CVE•added 2023/02/15 5:22 a.m.•1 views

SUSE CVE-2015-1241

Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...

4.3CVSS8.8AI score0.02223EPSS

Exploits1References3

OSV•added 2023/01/26 9:18 p.m.•2 views

CVE-2023-20913

In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

7.8CVSS7.2AI score0.00125EPSS

Exploits0References1

NVD•added 2023/01/26 9:18 p.m.•18 views

CVE-2023-20913

7.8CVSS7.7AI score0.00125EPSS

Exploits0References1

Prion•added 2023/01/26 9:18 p.m.•23 views

Design/Logic Flaw

4.3CVSS7.7AI score0.00125EPSS

Exploits0References1Affected Software1

OSV•added 2023/01/26 9:15 p.m.•2 views

CVE-2022-20215

In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10...

5.5CVSS5.9AI score0.00126EPSS

Exploits0References1

NVD•added 2023/01/26 9:15 p.m.•24 views

CVE-2022-20215

5.5CVSS5.9AI score0.00126EPSS

Exploits0References1

OSV•added 2023/01/26 9:15 p.m.•3 views

CVE-2022-20213

In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

5.5CVSS5.9AI score0.00126EPSS

Exploits0References1

NVD•added 2023/01/26 9:15 p.m.•27 views

CVE-2022-20213

5.5CVSS5.9AI score0.00126EPSS

Exploits0References1

NVD•added 2023/01/26 9:15 p.m.•18 views

CVE-2022-20214

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210...

4.7CVSS5.5AI score0.00226EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by