CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-8539

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a...

EUVD-2017-9006

Malware in sbrugna...

EUVD-2017-14118

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-11741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A compromised sandboxed content process can perform a Universal Cross-site Scripting UXSS attack on content from any site it can cause to be loaded in the same...

SUSE CVE-2016-5265

Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 allow user-assisted remote attackers to bypass the Same Origin Policy, and conduct Universal XSS UXSS attacks or read arbitrary files, by arranging for the presence of a crafted HTML document and a crafted shortcut file in the same loca...

Security vulnerabilities fixed in Firefox 69 — Mozilla

Logging-related command line parameters are not properly sanitized when Firefox is launched by another program, such as when a user clicks on malicious links in a chat application. This can be used to write a log file to an arbitrary location such as the Windows 'Startup' folder. Note: this issue...

Unpatched Zero-Days in Microsoft Edge and IE Browsers Disclosed Publicly

Exclusive — A security researcher today publicly disclosed details and proof-of-concept exploits for two 'unpatched' zero-day vulnerabilities in Microsoft's web browsers after the company allegedly failed to respond to his responsible private disclosure. Both unpatched vulnerabilities—one of whic...

CVE-2017-17859

Samsung Internet Browser 6.2.01.12 allows remote attackers to bypass the Same Origin Policy, and conduct UXSS attacks to obtain sensitive information, via vectors involving an IFRAME element inside XSLT data in one part of an MHTML file. Specifically, JavaScript code in another part of this MHTML...

Apple TV < 10.2.1 Multiple Vulnerabilities

Binary data 700118.prm...

SHAREit for Android Vulnerabilities - Lenovo Support US

No description provided...

The vulnerability of the iOS operating system and the Safari browser allows a perpetrator to carry out a UXSS attack.

The vulnerability of the WebKit component of the iOS operating system and the Safari browser exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out a UXSS attack by utilizing the website structure...

The vulnerability of the iOS operating system and the Safari browser allows attackers to obtain information about the integration platform and the operating system, enabling them to carry out UXSS attacks.

The vulnerability of the WebKit component of the iOS operating system and the Safari browser exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to obtain information about the integration platform and the operating...

The vulnerability of Safari browser and iOS operating system allows attackers to carry out UXSS attacks.

The vulnerability of the Safari Reader component in the Safari browser, operating system iOS, exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out UXSS attacks using a specially crafted website...

Google Chrome < 56.0.2924.76 Multiple Vulnerabilities

Binary data 9935.pasl...

The vulnerability of the Firefox browser, which allows attackers to carry out UXSS attacks

The vulnerability of the WebExtension sandbox component browser/components/extensions/ext-tabs.js in the Firefox browser does not properly restrict the inheritance from API calls like chrome.tabs.create and chrome.tabs.update. Exploiting this vulnerability allows a malicious actor to perform UXSS...