Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
android browser vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2020-26964
If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was impleme...
Mozilla Firefox
6.5
CVSSv3
CVE-2020-27403
A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows an attacker on the adjacent network to arbitrarily browse and download sensitive files over an insecure web server running...
Tcl 32s330 Firmware
Tcl 40s330 Firmware
Tcl 43s434 Firmware
Tcl 50s434 Firmware
Tcl 55s434 Firmware
Tcl 65s434 Firmware
Tcl 75s434 Firmware
8.8
CVSSv3
CVE-2020-15995
Out of bounds write in V8 in Google Chrome before 86.0.4240.99 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
8.8
CVSSv3
CVE-2020-15976
Use after free in WebXR in Google Chrome on Android before 86.0.4240.75 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle 15.0
Fedoraproject Fedora 33
8.8
CVSSv3
CVE-2020-15978
Insufficient data validation in navigation in Google Chrome on Android before 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Backports Sle 15.0
7.8
CVSSv3
CVE-2020-15980
Insufficient policy enforcement in Intents in Google Chrome on Android before 86.0.4240.75 allowed a local malicious user to bypass navigation restrictions via crafted Intents.
Google Chrome
Opensuse Backports Sle 15.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
4.7
CVSSv3
CVE-2020-7744
This affects all versions of package com.mintegral.msdk:alphab. The Android SDK distributed by the company contains malicious functionality in this module that tracks: 1. Downloads from Google urls either within Google apps or via browser including file downloads, e-mail attachme...
Mintegral Mintegraladsdk -
6.5
CVSSv3
CVE-2020-15664
By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended ...
Mozilla Firefox
Mozilla Firefox Esr
Mozilla Thunderbird
6.5
CVSSv3
CVE-2020-6538
Inappropriate implementation in WebView in Google Chrome on Android before 84.0.4147.105 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Fedoraproject Fedora 33
6.5
CVSSv3
CVE-2020-6563
Insufficient policy enforcement in intent handling in Google Chrome on Android before 85.0.4183.83 allowed a remote malicious user to obtain potentially sensitive information from disk via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »