Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ui desktop vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2024-0804
Insufficient policy enforcement in iOS Security UI in Google Chrome before 121.0.6167.85 allowed a remote malicious user to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2024-3838
Inappropriate implementation in Autofill in Google Chrome before 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2024-3157
Out of bounds memory access in Compositing in Google Chrome before 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)
NA
CVE-2024-5497
Out of bounds memory access in Keyboard Inputs in Google Chrome before 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
6.5
CVSSv3
CVE-2024-0814
Incorrect security UI in Payments in Google Chrome before 121.0.6167.85 allowed a remote malicious user to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 38
Fedoraproject Fedora 39
NA
CVE-2014-1489
Mozilla Firefox prior to 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote malicious users to cause a denial of service (session restore) via a crafted web site.
Oracle Solaris 11.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Mozilla Firefox 0.4
Mozilla Firefox 0.5
Mozilla Firefox 0.9
Mozilla Firefox 0.9.1
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.5
Mozilla Firefox 1.5.0.1
Mozilla Firefox 1.5.0.10
Mozilla Firefox 1.5.0.6
Mozilla Firefox 1.5.0.7
Mozilla Firefox
Mozilla Firefox 0.1
Mozilla Firefox 0.6
Mozilla Firefox 0.6.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.7
4.3
CVSSv3
CVE-2021-37971
Incorrect security UI in Web Browser UI in Google Chrome before 94.0.4606.54 allowed a remote malicious user to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 33
Fedoraproject Fedora 35
Debian Debian Linux 10.0
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
6.5
CVSSv3
CVE-2022-3313
Incorrect security UI in full screen in Google Chrome before 106.0.5249.62 allowed a remote malicious user to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
8.8
CVSSv3
CVE-2022-2163
Use after free in Cast UI and Toolbar in Google Chrome before 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
Google Chrome
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »