Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
obscure vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2021-29981
An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash. This vulnerability affects Firefox < 91 and Thunderbird < 91.
Mozilla Firefox
Mozilla Thunderbird
NA
CVE-2013-4509
The default configuration of IBUS 1.5.4, and possibly 1.5.2 and previous versions, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which allows physically proximate malicious users to obtain a user password by re...
Ibus Project Ibus 1.5.4
Ibus Project Ibus
Opensuse Opensuse 13.1
4.3
CVSSv3
CVE-2022-4917
Incorrect security UI in Notifications in Google Chrome on Android before 103.0.5060.53 allowed a remote malicious user to obscure the full screen notification via a crafted HTML page. (Chromium security severity: Low)
Google Chrome
Fedoraproject Fedora 38
5.3
CVSSv3
CVE-2019-9150
Mailvelope before 3.3.0 does not require user interaction to import public keys shown on web page. This functionality can be tricked to either hide a key import from the user or obscure which key was imported.
Mailvelope Mailvelope
3.3
CVSSv3
CVE-2023-21278
In multiple locations, there is a possible way to obscure the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Google Android 12.0
Google Android 13.0
Google Android 12.1
NA
CVE-2008-2744
Cross-site scripting (XSS) vulnerability in vBulletin 3.6.10 and 3.7.1 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors and an "obscure method." NOTE: the vector is probably in the redirect parameter to the Admin Control Panel (ad...
Vbulletin Vbulletin 3.7.1
Vbulletin Vbulletin 3.6.10
1 EDB exploit
NA
CVE-2014-1886
The Edinburgh by Bus application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote malicious users to execute arbitrary JavaScript code, and consequently access external-storage resources, by leveraging control over one of a number of "obscure Eastern ...
Edinburghtour Edinburgh By Bus -
9.1
CVSSv3
CVE-2023-29534
Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulne...
Mozilla Firefox
Mozilla Firefox Focus
5.3
CVSSv3
CVE-2018-5173
The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the...
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Mozilla Firefox
4.3
CVSSv3
CVE-2020-6810
After a website had entered fullscreen mode, it could have used a previously opened popup to obscure the notification that indicates the browser is in fullscreen mode. Combined with spoofing the browser chrome, this could have led to confusing the user about the current origin of...
Mozilla Firefox
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »