Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android android browser vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7298
The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle malicious users to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict ...
Android Android Browser
Google Android
NA
CVE-2014-5770
The Web Browser for Android (aka explore.web.browser) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Web Browser For Android Project Web Browser For Android 1.2
NA
CVE-2014-6041
The Android WebView in Android prior to 4.4 allows remote malicious users to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\u0000javascript: sequence to the Android Browser application 4....
Google Android Browser 4.2.1
2 Metasploit modules
1 Github repository
1 Article
NA
CVE-2013-4710
Android 3.0 up to and including 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote malicious users to execute arbitrary methods of Java objects or cause a denial of service (reboot) via...
Google Android 4.0
Google Android 3.2.6
Google Android 3.2.4
Google Android 3.2.2
Google Android 4.0.4
Google Android 4.0.2
Google Android 3.2
Google Android 3.0
Google Android 4.1.2
Google Android 4.1
Google Android 4.0.3
Google Android 4.0.1
Google Android 3.2.1
Google Android 3.1
2 EDB exploits
2 Github repositories
1 Article
NA
CVE-2012-6636
The Android API prior to 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote malicious users to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView compo...
Google Android Api 6.0
Google Android Api 15.0
Google Android Api 3.0
Google Android Api 8.0
Google Android Api 11.0
Google Android Api 9.0
Google Android Api 2.0
Google Android Api 12.0
Google Android Api 7.0
Google Android Api 1.0
Google Android Api 13.0
Google Android Api 14.0
Google Android Api 4.0
Google Android Api
Google Android Api 5.0
Google Android Api 10.0
1 EDB exploit
4 Github repositories
1 Article
NA
CVE-2011-2357
Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a...
Google Android 3.1
Google Android 2.3.4
1 EDB exploit
1 Article
NA
CVE-2010-4804
The Android browser in Android prior to 2.3.4 allows remote malicious users to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/.
Google Android 1.6
Google Android 2.1
Google Android 2.3
Google Android 1.5
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2
Google Android
1 EDB exploit
2 Github repositories
5.5
CVSSv3
CVE-2021-0672
In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndro...
Google Android 8.1
Google Android 9.0
Google Android 10.0
Google Android 11.0
NA
CVE-2012-5179
The Boat Browser application prior to 4.2 and Boat Browser Mini application prior to 3.9 for Android do not properly implement the WebView class, which allows malicious users to obtain sensitive information via a crafted application.
Boatmob Boat Browser 3.1
Boatmob Boat Browser 2.6
Boatmob Boat Browser
Boatmob Boat Browser 3.3
Boatmob Boat Browser 2.4.1
Boatmob Boat Browser 2.3
Boatmob Boat Browser 2.2
Boatmob Boat Browser 2.1
Boatmob Boat Browser 3.2.1
Boatmob Boat Browser 3.0
Boatmob Boat Browser 2.5.1
Boatmob Boat Browser 2.0
Boatmob Boat Browser Mini 3.3
Boatmob Boat Browser Mini 2.7
Boatmob Boat Browser Mini 2.6.1
Boatmob Boat Browser Mini 3.4
Boatmob Boat Browser Mini 2.8
Boatmob Boat Browser Mini 3.2
Boatmob Boat Browser Mini 2.7.1
Boatmob Boat Browser Mini 3.1
Boatmob Boat Browser Mini 3.0.1
Boatmob Boat Browser Mini 3.6
NA
CVE-2008-0986
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and previous versions, and m5-rc14, allows remote malicious users to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.
Google Android Sdk M5-rc14
Google Android Sdk
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »