Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android android browser vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-12356
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device...
Cisco Jabber -
Cisco Jabber 11.9\\(1\\)
Cisco Jabber 10.5\\(2\\)
7.4
CVSSv3
CVE-2020-15647
A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android.
Mozilla Firefox
7.5
CVSSv3
CVE-2018-18334
A vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote malicious user to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations.
Trendmicro Dr. Safety
1 Article
5.3
CVSSv3
CVE-2018-20523
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser....
Mi Stock Browser 10.2.4g
Mi Redmi 7 Firmware -
Mi Redmi Note 7 Firmware -
Mi Redmi Note 6 Pro Firmware -
Mi Redmi 6 Firmware -
Mi Redmi 6a Firmware -
Mi Redmi S2 Firmware -
Mi Redmi Note 5 Pro Firmware -
Mi Redmi K20 Pro Firmware -
Mi Redmi K20 Firmware -
Mi Redmi 7a Firmware -
Mi Redmi Go Firmware -
Mi Redmi Note 5 Firmware -
Mi Redmi Y3 Firmware -
Mi Redmi Note 7s Firmware -
Mi Redmi 4a Firmware -
Mi Redmi Note 4 Firmware -
Mi Redmi 5 Plus Firmware -
Mi Redmi Note 5a Prime Firmware -
5.4
CVSSv3
CVE-2017-12358
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is d...
Cisco Jabber -
Cisco Jabber 11.9\\(0\\)
8.8
CVSSv3
CVE-2022-1634
Use after free in Browser UI in Google Chrome before 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions.
Google Chrome
5.5
CVSSv3
CVE-2019-5765
An exposed debugging endpoint in the browser in Google Chrome on Android before 72.0.3626.81 allowed a local malicious user to obtain potentially sensitive information from process memory via a crafted Intent.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Debian Debian Linux 9.0
Fedoraproject Fedora 29
Fedoraproject Fedora 30
2 Github repositories
1 Article
6.1
CVSSv3
CVE-2021-38000
Insufficient validation of untrusted input in Intents in Google Chrome on Android before 95.0.4638.69 allowed a remote malicious user to arbitrarily browser to a malicious URL via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Article
8.8
CVSSv3
CVE-2021-38003
Inappropriate implementation in V8 in Google Chrome before 95.0.4638.69 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Debian Debian Linux 10.0
Debian Debian Linux 11.0
1 Github repository
1 Article
6.5
CVSSv3
CVE-2017-5072
Inappropriate implementation in Omnibox in Google Chrome before 59.0.3071.92 for Android allowed a remote malicious user to perform domain spoofing with RTL characters via a crafted URL page.
Google Chrome
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »