48 matches found
CVE-2026-35508
Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...
CVE-2026-35508
Shynet before 0.14.0 allows XSS in urldisplay and iconify template filters,...
EUVD-2016-6081
Malware in sbrugna...
EUVD-2004-0166
Malware in sbrugna...
EUVD-2013-2262
Malware in sbrugna...
EUVD-2004-1447
Malware in sbrugna...
EUVD-2017-17408
Malware in sbrugna...
EUVD-2022-3569
Malicious code in bioql PyPI...
CVE-2022-28869
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number...
CVE-2021-23253
Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With the URL being left-aligned, the user will only see the front part e.g. www.safe.opera.com… The exac...
CVE-2020-2227
Jenkins Deployer Framework Plugin 1.2 and earlier does not escape the URL displayed in the build home page, resulting in a stored cross-site scripting vulnerability...
Brave Desktop 1.77.95 Security Fixes
Updated brave://downloads to always display the download URL as reported on HackerOne by cj27. - Prevent extensions from injecting content scripts on https://account.brave.com as reported on HackerOne by newfunction. Upgraded Chromium to 135.0.7049.52 — refer to Google Chrome advisories for...
RHEL 8 : thunderbird (RHSA-2024:0961)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0961 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla:...
SUSE CVE-2016-1707
ios/web/webstate/ui/crwwebcontroller.mm in Google Chrome before 52.0.2743.82 on iOS does not ensure that an invalid URL is replaced with the about:blank URL, which allows remote attackers to spoof the URL display via a crafted web site...
CVE-2022-0112
Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL...
CVE-2022-0112
Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL...
CVE-2021-23253
Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With the URL being left-aligned, the user will only see the front part e.g. www.safe.opera.com… The exac...
Code injection
Opera Mini for Android below 53.1 displays URL left-aligned in the address field. This allows a malicious attacker to craft a URL with a long domain name, e.g. www.safe.opera.com.attacker.com. With the URL being left-aligned, the user will only see the front part e.g. www.safe.opera.com… The exac...
CVE-2021-23253
Opera Mini for Android below 53.1 is affected by an address-bar spoofing issue: long URLs with left-aligned display can hide the real domain (example: www.safe.opera.com.attacker.com). Starting with version 53.1, long URLs are displayed with the top-level domain label aligned to the right of the ...
CVE-2020-6827
The Mozilla Foundation Security Advisory describes this flaw as: When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI...