23 matches found
EUVD-2015-1268
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2015-1125
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource...
PT-2023-20207 · Zte · Zte Mobile Phones
Name of the Vulnerable Software and Affected Versions: ZTE mobile phones affected versions not specified Description: There is a permission and access control issue in some ZTE mobile phones, allowing applications to monitor touch events due to improper access control. Recommendations: At the...
SUSE CVE-2013-0751
Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting XSS attacks via a crafted HTML document...
SUSE CVE-2015-1125
The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site...
SUSE CVE-2015-1241
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...
CAE LearningSpace Enterprise 跨站脚本漏洞
CAE LearningSpace Enterprise is a clinical simulation management platform from CAE Canada, Inc. CAE LearningSpace Enterprise with Intuity License image 267r patch 639 contains a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data b...
CVE-2021-25484
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event...
Security update for webkit2gtk3 (important)
This update for webkit2gtk3 fixes the following issues: Update to version 2.18.5: + Disable SharedArrayBuffers from Web API. + Reduce the precision of "high" resolution time to 1ms. + bsc1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown CVE-2017-5753...
openSUSE Security Update : webkit2gtk3 (openSUSE-2018-118) (Meltdown) (Spectre)
This update for webkit2gtk3 fixes the following issues : Update to version 2.18.5 : + Disable SharedArrayBuffers from Web API. + Reduce the precision of 'high' resolution time to 1ms. + bsc1075419 - Security fixes: includes improvements to mitigate the effects of Spectre and Meltdown CVE-2017-575...
Events and disabled form fields
I've been working on the web since I was a small child all the way through to the haggard old man I am to day. However, the web still continues to surprise me. Turns out, mouse events don't fire when the pointer is over disabled form elements, except in Firefox. Serious? Serious. Give it a go. Mo...
Google Chrome suffers from an unspecified vulnerability (CNVD-2015-02615)
Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in versions of Google Chrome prior to 42.0.2311.90, which stems from the program failing to properly handle interactions between page navigation and touch and gesture events. A remote attacker can exploit th...
Code injection
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...
CVE-2015-1241
Removed by vendor...
CVE-2015-1241
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...
CVE-2015-1241
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...
UBUNTU-CVE-2015-1241
Google Chrome before 42.0.2311.90 does not properly consider the interaction of page navigation with the handling of touch events and gesture events, which allows remote attackers to trigger unintended UI actions via a crafted web site that conducts a "tapjacking" attack...
UBUNTU-CVE-2015-1125
The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site...
CVE-2015-1125
The touch-events implementation in WebKit in Apple iOS before 8.3 allows remote attackers to trigger an association between a tap and an unintended web resource via a crafted web site...
Screenlogger - A keylogger app for Android and iOS Smartphones
Are you using a pattern lock for your Smartphone to remain untouched from cyber criminals? But you are not aware that even your swipe gestures can be analyzed by hackers. Neal Hindocha, a security adviser for the technology company Trustwave, has developed a prototype malware for the Smartphones...