20 matches found
EUVD-2015-3794
Malware in sbrugna...
EUVD-2015-4518
Malware in sbrugna...
EUVD-2022-51014
Malicious code in bioql PyPI...
EUVD-2022-52551
Malicious code in bioql PyPI...
CVE-2022-48314
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality...
CVE-2022-30722
Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account...
CVE-2025-27425 QR code user confirmation bypass with invalid protocol
Scanning certain QR codes that included text with a website URL could allow the URL to be opened without presenting the user with a confirmation alert first. This vulnerability was fixed in Firefox for iOS 136...
CVE-2023-21387
In User Backup Manager, there is a possible way to leak a token to bypass user confirmation for backup due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-48313
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality...
CVE-2022-48314
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality...
SUSE CVE-2015-4498
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early poin...
CVE-2022-30722
Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account...
RHEL 6 : chromium-browser (RHSA-2018:2666)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2666 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 69.0.3497.81. Security Fixes:...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 69 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 69.0.3497.81 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
KLA11312 Multiple vulnerabilities in Google Chrome
Multiple serious vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions and spoof user interface. Below is a complete list of vulnerabilities: 1. ...
CVE-2016-1770
The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL...
CVE-2016-1770
The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user-confirmation requirement and trigger a dialing action via a tel: URL...
Mozilla Firefox Multiple Vulnerabilities (mfsa2015-94) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2015-4498
CVE-2015-4498 affects Mozilla Firefox and Firefox ESR. The vulnerability arises in the add-on installation flow: an attacker can bypass the user-confirmation prompt by crafting a data: URL and navigating to an arbitrary http: or https: URL early in the installation process, enabling installation ...
UBUNTU-CVE-2015-0812
Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installations, which allows man-in-the-middle attackers to bypass an intended user-confirmation requirement by deploying a crafted web site and conducting a DNS spoofing attack against a mozilla.org subdoma...