CVE-2024-6995

HIGH Year: 2024
CVSS v3 Score
8.8
High
Weakness Type
CWE-358
View all →

Vulnerability Description

Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

Related Vulnerabilities

CVE-2016-10834

HIGH
CVSS:8.8(High)

cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105).

CWE-3582016

CVE-2022-25152

HIGH
CVSS:8.8(High)

The ITarian platform (SAAS / on-premise) offers the possibility to run code on agents via a function called procedures. It is possible to require a mandatory approval process. Due to a vulnerability i...

CWE-3582022

CVE-2024-6101

HIGH
CVSS:8.8(High)

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

CWE-3582024

CVE-2025-3069

HIGH
CVSS:8.8(High)

Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Mediu...

CWE-3582025

CVE-2023-39403

CRITICAL
CVSS:9.1(Critical)

Parameter verification vulnerability in the installd module. Successful exploitation of this vulnerability may cause sandbox files to be read and written without authorization.

CWE-3582023

CVE-2016-10825

HIGH
CVSS:8.1(High)

cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents (SEC-92).

CWE-3582016