|
Google Chrome Vulnerabilities Discovered & Fixed |
Fixed in |
|
 |
CVE-2010-1663 Google Chrome Cross Origin Bypass |
Fixed:v4.1.249.1064 |
1000$ |
 |
CR–BUG-37447 Google Chrome Dangerous files auto-downloaded |
Fixed:v5.0.375.55 |
[N/A] |
 |
CVE-2010-4036 Google Chrome Location Bar Spoofing |
Fixed:v7.0.517.43 |
1000$ |
 |
CVE-2011-1107 Google Chrome Location Bar Spoofing |
Fixed:v9.0.597.107 |
1000$ |
 |
CVE-2011-1452 Google Chrome Location Bar Spoofing |
Fixed:v11.0.696.57 |
500$ |
 |
CVE-2011-2848 Google Chrome Location Bar Spoofing |
Fixed:v14.0.835.163 |
500$ |
 |
CVE-2011-2845 Google Chrome Location Bar Spoofing |
Fixed:v15.0.874.102 |
500$ |
 |
CVE-2011-3875 Google Chrome Addressbar Spoofing using drag & drop |
Fixed:v15.0.874.102 |
[N/A] |
 |
CVE-2017-5041 Google Chrome URL & SSL Spoofing in Omnibox |
Fixed:v57.0.2987.98 |
1000$ |
|
Firefox Vulnerabilities Discovered & Fixed |
Fixed in |
|
 |
CVE-2009-3985 Firefox Location Bar URL spoofing |
Fixed: v3.5.6/3.0.16 |
500$ |
 |
CVE-2010-2751 Firefox Location Bar SSL spoofing |
Fixed: v3.5.11/3.6.7 |
500$ |
 |
CVE-2011-0061 Firefox Buffer OverFlow using JPEG image |
Fixed: v3.6.14 |
3000$ |
 |
CVE-2011-2377 Firefox Memory corruption using JPEG image |
Fixed: v3.6.18/5.0.0 |
3000$ |
 |
CVE-2012-0474 Firefox Spoofing and Universal XSS |
Fixed: v12 |
3000$ |
 |
CVE-2012-3984 Firefox Addon & Java ClickJacking (report 1) |
Fixed: v16 |
3000$ |
 |
CVE-2012-3984 Firefox Addon & Java ClickJacking (report 2) |
Fixed: v16 |
3000$ |
 |
CVE-2012-4200 Firefox Location Bar Spoofing |
Fixed: v17 |
3000$ |
 |
CVE-2013-5593 Firefox Location Bar Spoofing & Clickjacking |
Fixed: v25.0 |
1500$ |
 |
CVE-2014-1480 Firefox Download/Execute Prompt ClickJacking |
Fixed: v27 |
500$ |
 |
CVE-2014-1539 Firefox for Mac CursorJacking Vulnerability |
Fixed: v30 |
3000$ |
 |
CVE-2015-0810 Firefox for Mac CursorJacking with WebRTC (report 1) |
Fixed: v37 |
1000$ |
 |
CVE-2015-0810 Firefox for Mac CursorJacking/ClickJacking (report 2) |
Fixed: v37 |
2000$ |
 |
CVE-2015-4476 Mozilla Firefox For Android URL & SSL Spoofing |
Fixed: v41 |
500$ |
 |
CVE-2015-7185 Firefox For Android URL & SSL Location Bar Spoofing |
Fixed: v42 |
2500$ |
 |
CVE-2015-7186 Firefox For Android file: URIs SOP Bypass |
Fixed: v42 |
1500$ |
 |
CVE-2016-1941 Firefox Download/Execute Prompt ClickJacking |
Fixed: v44 |
500$ |
 |
CVE-2016-1943 Addressbar spoofing attack on Firefox for Android |
Fixed: v44 |
4000$ |
 |
CVE-2016-1942 Location Bar Spoofing using wyciwyg & resource URI |
Fixed: v44 |
[N/A] |
 |
CVE-2016-1967 Same-origin policy violation |
Fixed: v45 |
3000$ |
 |
CVE-2016-2822 Firefox Location Bar Spoofing & Clickjacking |
Fixed: v47 |
1500$ |
 |
CVE-2016-5298 Firefox for Android SSL Spoofing |
Fixed: v50 |
[N/A] |
 |
Fixed by CVE-2016-9076 Firefox Location Bar Spoofing & Clickjacking |
Fixed: v50 |
2000$ |
 |
Fixed by CVE-2016-9076 Firefox Location Bar Spoofing & Clickjacking |
Fixed: v50 |
500$ |
 |
Fixed by CVE-2016-9076 Firefox Location Bar Spoofing & Clickjacking |
Fixed: v50 |
750$ |
 |
CVE-2017-5395 Firefox for Android Addressbar Spoofing |
Fixed: v51 |
500$ |
 |
CVE-2017-5394 Firefox for Android Location Bar Spoofing |
Fixed: v51 |
1000$ |
 |
Fixed by CVE-2017-5458 Location Bar Spoofing using javascript: URL |
Fixed: v53 |
[N/A] |
 |
CVE-2017-5452 Firefox for Android Addressbar Spoofing |
Fixed: v53 |
500$ |
 |
CVE-2017-5451 Firefox Addressbar Spoofing with onblur event |
Fixed: v53 |
750$ |
 |
CVE-2017-7770 Firefox for Android Addressbar spoofing |
Fixed: v54 |
1500$ |
 |
CVE-2017-7834 Content Security Policy Bypass using data: URLs |
Fixed: v57 |
750$ |
 |
CVE-2018-5182 Drag & drop event on addressbar can open local files |
Fixed: v60 |
500$ |
 |
CVE-2018-12382 Firefox for Android Addressbar Spoofing |
Fixed: v62 |
[N/A] |
|
OPERA VULNERABILITIES DISCOVERED & FIXED |
|
|
 |
CVE-2010-4045 Opera U-XSS and remote code execution |
Fixed: v10.63 |
[N/A] |
 |
CVE-2011-0682 Opera Remote Memory Corruption |
Fixed: v11.01 |
[N/A] |
 |
CVE-2012-1928 Opera PopUp window address field Spoofing |
Fixed: v11.62 |
[N/A] |
 |
CVE-2012-1924 Opera Small windows used for executing downloads |
Fixed: v11.62 |
[N/A] |
 |
CVE-2012-1925 Opera ClickJacking attack can execute downloads |
Fixed: v11.62 |
[N/A] |
 |
CVE-2012-3558 Opera PopUp window address field Spoofing |
Fixed: v11.65 |
[N/A] |
 |
CVE-2012-3555 Opera SE XSS and code execution n°1 |
Fixed: v11.65 |
[N/A] |
 |
CVE-2012-3556 Opera SE XSS and code execution n°2 |
Fixed: v12/11.65 |
[N/A] |
 |
CVE-2012-4143 Opera Small windows used for executing downloads |
Fixed: v12.01/11.66 |
[N/A] |
 |
CVE-2012-4142 Opera HTML Sanitization Bypass |
Fixed: v12.01/11.66 |
[N/A] |
 |
CVE-2012-6460 Opera truncated dialogs may be used to trick users |
Fixed: v12.02/11.67 |
[N/A] |
 |
DNA-11576 Opera Blacklisted extensions can be installed (...) |
Fixed: v18 |
[N/A] |
 |
CVE-2014-1870 Opera Location Bar Spoofing n°1 |
Fixed: v19 |
[N/A] |
 |
DNA-18354 Opera Location Bar Spoofing n°2 |
Fixed: v21 |
[N/A] |
 |
DNA-19280 Opera Location Bar Spoofing n°3 |
Fixed: v21 |
[N/A] |
|
VULNERABILITIES REWARDED UNFIXED |
|
|
 |
ATR-BUG-0471 AddressBar Spoofing (URL & SSL) & ClickJacking Attacks |
UNPATCHED |
500$ |
 |
ATR-BUG-0516 AddressBar Spoofing (URL & SSL) & ClickJacking Attacks |
UNPATCHED |
500$ |
 |
ATR-BUG-0581 Sensitive Data Theft |
UNPATCHED |
500$ |
 |
ATR-BUG-0815 Code Execution & Universal Cross-site Scripting |
UNPATCHED |
2000$ |
 |
ATR-BUG-1024 AddressBar Spoofing (URL & SSL) & Data Theft |
UNPATCHED |
2000$ |
 |
ATR-BUG-2034 Chrome privilege escalation leads to Code Execution |
UNPATCHED |
 |
ATR-BUG-2049 Code Execution due to Privileged Chrome Element Access |
UNPATCHED |
 |
ATR-BUG-1997 Remote Code Execution, WebCam & Micro Spying (...) |
UNPATCHED |
 |
ATR-BUG-2013 Remote Code Execution, WebCam & Micro Spying (...) |
UNPATCHED |
 |
ATR-BUG-1725 Cursor Remotely Controled / Mouse Pointer Hijacking |
UNPATCHED |
 |
ATR-BUG-1489 ClickJacking Method could lead to Code Execution |
UNPATCHED |
 |
ATR-BUG-1826 ClickJacking Attack leads to Code Execution |
UNPATCHED |
 |
ATR-BUG-1780 Cursor Clickjacking through cursor invisibility |
UNPATCHED |
 |
ATR-BUG-1832 Cursor Clickjacking through cursor invisibility |
UNPATCHED |
 |
ATR-BUG-1957 Same Origin Policy Bypass | Cross-Site Reading Attack |
UNPATCHED |
 |
ATR-BUG-2024 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1596 Universal Clickjacking Vulnerability |
UNPATCHED |
 |
ATR-BUG-1359 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1508 AddressBar Spoofing (URL & SSL) |
UNPATCHED |
 |
ATR-BUG-1518 AddressBar Spoofing (URL & SSL) & ClickJacking |
UNPATCHED |
 |
ATR-BUG-1529 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1573 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1574 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1547 AddressBar SSL Spoofing |
UNPATCHED |
 |
ATR-BUG-1824 AddressBar SSL Spoofing |
UNPATCHED |
 |
ATR-BUG-1825 AddressBar SSL Spoofing |
UNPATCHED |
 |
ATR-BUG-1833 Remote files can be stolen |
UNPATCHED |
 |
ATR-BUG-2041 Specific File-Type & ClickJacking Attack leads to RCE |
UNPATCHED |
 |
ATR-BUG-2057 Code Execution on [x] by user-assisted remote attackers |
UNPATCHED |
 |
ATR-BUG-2004 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1576 UI Spoofing |
UNPATCHED |
 |
ATR-BUG-1516 Web Browsing History Data Theft |
UNPATCHED |
 |
ATR-BUG-1265 Specific Dialog ClickJacking |
UNPATCHED |
 |
ATR-BUG-1623 Hijack the mouse pointer |
UNPATCHED |
 |
ATR-BUG-1856 FullScreen Persistence & User Notification not visible |
UNPATCHED |
 |
ATR-BUG-1052 Cross-Origin Policy Bypass |
UNPATCHED |
 |
ATR-BUG-1525 Same-Origin Policy Violation |
UNPATCHED |
 |
ATR-BUG-1522 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-0851 Code Execution & Universal Cross-site Scripting |
UNPATCHED |
 |
ATR-BUG-1396 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1609 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1203 AddressBar Spoofing (URL & SSL) |
UNPATCHED |
 |
ATR-BUG-1059 AddressBar Spoofing (URL & SSL) |
UNPATCHED |
 |
ATR-BUG-1095 AddressBar Spoofing (URL & SSL) |
UNPATCHED |
 |
ATR-BUG-1029 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1468 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1038 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-1258 Sensitive Data Theft |
UNPATCHED |
 |
ATR-BUG-1359 AddressBar Spoofing (URL & SSL Spoofing) |
UNPATCHED |
 |
ATR-BUG-0501 Universal ClickJacking Vulnerability |
UNPATCHED |
 |
ATR-BUG-1622 AddressBar Spoofing - URL & SSL Spoofing |
UNPATCHED |
 |
ATR-BUG-1857 SSL Spoofing - AddressBar SSL Indicator Spoofing |
UNPATCHED |
 |
ATR-BUG-2029 UI Spoofing Attack (AddressBar Spoofing & others Attacks) |
UNPATCHED |
 |
ATR-BUG-2017 Spoofing Vulnerability due to [X] |
UNPATCHED |
 |
ATR-BUG-2031 The ?? CSP Bypass |
UNPATCHED |
 |
ATR-BUG-1944 XSS Vulnerability due to [X] protection Bypass |
UNPATCHED |
 |
ATR-BUG-1827 AddressBar Spoofing |
UNPATCHED |
 |
ATR-BUG-1591 AddressBar Spoofing |
UNPATCHED |
 |
ATR-BUG-1681 AddressBar Spoofing |
UNPATCHED |
 |
ATR-BUG-1682 AddressBar Spoofing |
UNPATCHED |
 |
ATR-BUG-1683 AddressBar Spoofing |
UNPATCHED |
 |
ATR-BUG-1834 Stored Sensitive Data Theft |
UNPATCHED |
 |
ATR-BUG-1694 File Download Vulnerability (File Extension obscured) |
UNPATCHED |
 |
ATR-BUG-1326 Cross-Domain URLs Data Theft & Addressbar Spoofing |
UNPATCHED |
 |
ATR-BUG-1375 Same-Origin Policy Bypass |
UNPATCHED |
 |
ATR-BUG-1463 HTML Sanitization Bypass |
UNPATCHED |
 |
ATR-BUG-1424 AddressBar Spoofing |
UNPATCHED |
 |
ATR-BUG-1637 Cross-site Scripting Vulnerability in ########## |
UNPATCHED |
 |
ATR-BUG-1032 AddressBar Spoofing and ClickJacking Vulnerability |
UNPATCHED |
 |
ATR-BUG-1878 AddressBar Spoofing by user-assisted remote attackers |
UNPATCHED |
 |
ATR-BUG-1909 AddressBar Spoofing by user-assisted remote attackers |
UNPATCHED |
 |
ATR-BUG-2037 Local Attack can Lead To AddressBar URL Spoofing |
UNPATCHED |
 |
ATR-BUG-2047 AddressBar Spoofing by user-assisted remote attackers |
UNPATCHED |