Lucene search
K
UcwebUc Browser

5 matches found

CVE
CVE
added 2022/06/13 6:50 a.m.55 views

CVE-2017-20041

UC Browser 11.2.5.932 is affected by CVE-2017-20041 due to the HTML Handler: manipulation of the title argument leads to improper restriction of rendered UI layers (URL). The issue is exploitable remotely and the exploit has been disclosed publicly. No patch/version remediation details are provid...

6.5CVSS6AI score0.00669EPSS
CVE
CVE
added 2019/03/28 2:0 p.m.53 views

CVE-2019-10250

Summary (CVE-2019-10250) : UCWeb UC Browser 7.0.185.1002 on Windows downloads certain PDF modules over HTTP, enabling man‑in‑the‑middle (MITM) attacks. Root cause: unencrypted HTTP module retrieval. Impact: potential confidentiality exposure via MITM. Exploitation details or active exploit status...

5.9CVSS5.8AI score0.00723EPSS
CVE
CVE
added 2020/10/20 4:40 p.m.51 views

CVE-2020-7364

CVE-2020-7364 is a UI-based spoofing vulnerability in UCWeb UC Browser (Android) affecting version 13.0.8 and earlier. The root cause is a misrepresentation in the address bar, enabling an attacker to obfuscate the true source of data via JavaScript timing tricks, potentially causing a pop-up or ...

4.3CVSS4.5AI score0.00733EPSS
CVE
CVE
added 2020/10/20 4:40 p.m.50 views

CVE-2020-7363

CVE-2020-7363 affects UCWeb UC Browser versions 13.0.8 and earlier, enabling UI/address-bar spoofing through JavaScript timing tricks that can mislead users about the page origin. Exploitation requires visiting a page hosting executable JavaScript; it can trigger in-browser content or popups that...

4.3CVSS4.5AI score0.00733EPSS
CVE
CVE
added 2019/03/28 2:1 p.m.47 views

CVE-2019-10251

The CVE-2019-10251 entry concerns the UCWeb UC Browser on Android (pre-2020) that downloads modules tied to PDF/Office processing via libpicsel over HTTP. This insecure HTTP traffic enables man‑in‑the‑middle attacks against module downloads, exposing users to potential data interception or tamper...

5.9CVSS5.6AI score0.00803EPSS