Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android android browser vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-7298
The Android browser in Android cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle malicious users to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict ...
Google Android
Android Android Browser
NA
CVE-2014-5770
The Web Browser for Android (aka explore.web.browser) application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Web Browser For Android Project Web Browser For Android 1.2
NA
CVE-2014-6041
The Android WebView in Android prior to 4.4 allows remote malicious users to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open('\u0000javascript: sequence to the Android Browser application 4....
Google Android Browser 4.2.1
2 Metasploit modules
1 Github repository
1 Article
NA
CVE-2013-4710
Android 3.0 up to and including 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote malicious users to execute arbitrary methods of Java objects or cause a denial of service (reboot) via...
Google Android 3.2.6
Google Android 4.1
Google Android 3.2.4
Google Android 3.2
Google Android 3.2.2
Google Android 4.0.2
Google Android 4.0.4
Google Android 4.0.1
Google Android 3.0
Google Android 3.1
Google Android 4.0.3
Google Android 4.0
Google Android 3.2.1
Google Android 4.1.2
2 EDB exploits
2 Github repositories
1 Article
NA
CVE-2012-6636
The Android API prior to 17 does not properly restrict the WebView.addJavascriptInterface method, which allows remote malicious users to execute arbitrary methods of Java objects by using the Java Reflection API within crafted JavaScript code that is loaded into the WebView compo...
Google Android Api 6.0
Google Android Api 15.0
Google Android Api 3.0
Google Android Api 8.0
Google Android Api 11.0
Google Android Api 9.0
Google Android Api 2.0
Google Android Api 12.0
Google Android Api 7.0
Google Android Api 1.0
Google Android Api 13.0
Google Android Api 14.0
Google Android Api 4.0
Google Android Api
Google Android Api 5.0
Google Android Api 10.0
1 EDB exploit
4 Github repositories
1 Article
NA
CVE-2011-2357
Cross-application scripting vulnerability in the Browser URL loading functionality in Android 2.3.4 and 3.1 allows local applications to bypass the sandbox and execute arbitrary Javascript in arbitrary domains by (1) causing the MAX_TAB number of tabs to be opened, then loading a...
Google Android 3.1
Google Android 2.3.4
1 EDB exploit
1 Article
NA
CVE-2010-4804
The Android browser in Android prior to 2.3.4 allows remote malicious users to obtain SD card contents via crafted content:// URIs, related to (1) BrowserActivity.java and (2) BrowserSettings.java in com/android/browser/.
Google Android 1.6
Google Android 2.1
Google Android 2.3
Google Android 1.5
Google Android 2.2.1
Google Android 2.2.2
Google Android 2.2
Google Android
1 EDB exploit
2 Github repositories
NA
CVE-2014-0815
The intent: URL implementation in Opera prior to 18 on Android allows malicious users to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.
Opera Opera Browser
Opera Opera Browser 1.00
Opera Opera Browser 10.00
Opera Opera Browser 10.01
Opera Opera Browser 10.10
Opera Opera Browser 10.11
Opera Opera Browser 10.20
Opera Opera Browser 10.50
Opera Opera Browser 10.51
Opera Opera Browser 10.52
Opera Opera Browser 10.53
Opera Opera Browser 10.54
Opera Opera Browser 10.60
Opera Opera Browser 10.61
Opera Opera Browser 10.62
Opera Opera Browser 10.63
Opera Opera Browser 11.00
Opera Opera Browser 11.01
Opera Opera Browser 11.10
Opera Opera Browser 11.11
Opera Opera Browser 11.50
Opera Opera Browser 11.51
5.5
CVSSv3
CVE-2021-0672
In Browser app, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndro...
Google Android 8.1
Google Android 9.0
Google Android 10.0
Google Android 11.0
NA
CVE-2012-1392
Unspecified vulnerability in the Dolphin Browser HD (mobi.mgeek.TunnyBrowser) application 6.2.0, 7.2.1, 7.3.0, and 7.4.0 for Android has unknown impact and attack vectors.
Dolphin-browser Dolphin Browser Hd 6.2.0
Dolphin-browser Dolphin Browser Hd 7.2.1
Dolphin-browser Dolphin Browser Hd 7.3.0
Dolphin-browser Dolphin Browser Hd 7.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »