LIST OF VULNERAILITIES DISCOVERED
CVE-2010-1663 Google Chrome Cross Origin Bypass | Fixed:v4.1.249.1064 | 1000$ | |
CR–BUG-37447 Google Chrome Dangerous files auto-downloaded | Fixed:v5.0.375.55 | [N/A] | |
CVE-2010-4036 Google Chrome Location Bar Spoofing | Fixed:v7.0.517.43 | 1000$ | |
CVE-2011-1107 Google Chrome Location Bar Spoofing | Fixed:v9.0.597.107 | 1000$ | |
CVE-2011-1452 Google Chrome Location Bar Spoofing | Fixed:v11.0.696.57 | 500$ | |
CVE-2011-2848 Google Chrome Location Bar Spoofing | Fixed:v14.0.835.163 | 500$ | |
CVE-2011-2845 Google Chrome Location Bar Spoofing | Fixed:v15.0.874.102 | 500$ | |
CVE-2011-3875 Google Chrome Addressbar Spoofing using drag & drop | Fixed:v15.0.874.102 | [N/A] | |
CVE-2017-5041 Google Chrome URL & SSL Spoofing in Omnibox | Fixed:v57.0.2987.98 | 1000$ | |
CVE-2009-3985 Firefox Location Bar URL spoofing | Fixed: v3.5.6/3.0.16 | 500$ | |
CVE-2010-2751 Firefox Location Bar SSL spoofing | Fixed: v3.5.11/3.6.7 | 500$ | |
CVE-2011-0061 Firefox Buffer OverFlow using JPEG image | Fixed: v3.6.14 | 3000$ | |
CVE-2011-2377 Firefox Memory corruption using JPEG image | Fixed: v3.6.18/5.0.0 | 3000$ | |
CVE-2012-0474 Firefox Spoofing and Universal XSS | Fixed: v12 | 3000$ | |
CVE-2012-3984 Firefox Addon & Java ClickJacking (report 1) | Fixed: v16 | 3000$ | |
CVE-2012-3984 Firefox Addon & Java ClickJacking (report 2) | Fixed: v16 | 3000$ | |
CVE-2012-4200 Firefox Location Bar Spoofing | Fixed: v17 | 3000$ | |
CVE-2013-5593 Firefox Location Bar Spoofing & Clickjacking | Fixed: v25.0 | 1500$ | |
CVE-2014-1480 Firefox Download/Execute Prompt ClickJacking | Fixed: v27 | 500$ | |
CVE-2014-1539 Firefox for Mac CursorJacking Vulnerability | Fixed: v30 | 3000$ | |
CVE-2015-0810 Firefox for Mac CursorJacking with WebRTC (report 1) | Fixed: v37 | 1000$ | |
CVE-2015-0810 Firefox for Mac CursorJacking/ClickJacking (report 2) | Fixed: v37 | 2000$ | |
CVE-2015-4476 Mozilla Firefox For Android URL & SSL Spoofing | Fixed: v41 | 500$ | |
CVE-2015-7185 Firefox For Android URL & SSL Location Bar Spoofing | Fixed: v42 | 2500$ | |
CVE-2015-7186 Firefox For Android file: URIs SOP Bypass | Fixed: v42 | 1500$ | |
CVE-2016-1941 Firefox Download/Execute Prompt ClickJacking | Fixed: v44 | 500$ | |
CVE-2016-1943 Addressbar spoofing attack on Firefox for Android | Fixed: v44 | 4000$ | |
CVE-2016-1942 Location Bar Spoofing using wyciwyg & resource URI | Fixed: v44 | [N/A] | |
CVE-2016-1967 Same-origin policy violation | Fixed: v45 | 3000$ | |
CVE-2016-2822 Firefox Location Bar Spoofing & Clickjacking | Fixed: v47 | 1500$ | |
CVE-2016-5298 Firefox for Android SSL Spoofing | Fixed: v50 | [N/A] | |
Fixed by CVE-2016-9076 Firefox Location Bar Spoofing & Clickjacking | Fixed: v50 | 2000$ | |
Fixed by CVE-2016-9076 Firefox Location Bar Spoofing & Clickjacking | Fixed: v50 | 500$ | |
Fixed by CVE-2016-9076 Firefox Location Bar Spoofing & Clickjacking | Fixed: v50 | 750$ | |
CVE-2017-5395 Firefox for Android Addressbar Spoofing | Fixed: v51 | 500$ | |
CVE-2017-5394 Firefox for Android Location Bar Spoofing | Fixed: v51 | 1000$ | |
Fixed by CVE-2017-5458 Location Bar Spoofing using javascript: URL | Fixed: v53 | [N/A] | |
CVE-2017-5452 Firefox for Android Addressbar Spoofing | Fixed: v53 | 500$ | |
CVE-2017-5451 Firefox Addressbar Spoofing with onblur event | Fixed: v53 | 750$ | |
CVE-2017-7770 Firefox for Android Addressbar spoofing | Fixed: v54 | 1500$ | |
CVE-2017-7834 Content Security Policy Bypass using data: URLs | Fixed: v57 | 750$ | |
CVE-2018-5182 Drag & drop event on addressbar can open local files | Fixed: v60 | 500$ | |
CVE-2018-12382 Firefox for Android Addressbar Spoofing | Fixed: v62 | [N/A] | |
CVE-2010-4045 Opera U-XSS and remote code execution | Fixed: v10.63 | [N/A] | |
CVE-2011-0682 Opera Remote Memory Corruption | Fixed: v11.01 | [N/A] | |
CVE-2012-1928 Opera PopUp window address field Spoofing | Fixed: v11.62 | [N/A] | |
CVE-2012-1924 Opera Small windows used for executing downloads | Fixed: v11.62 | [N/A] | |
CVE-2012-1925 Opera ClickJacking attack can execute downloads | Fixed: v11.62 | [N/A] | |
CVE-2012-3558 Opera PopUp window address field Spoofing | Fixed: v11.65 | [N/A] | |
CVE-2012-3555 Opera SE XSS and code execution n°1 | Fixed: v11.65 | [N/A] | |
CVE-2012-3556 Opera SE XSS and code execution n°2 | Fixed: v12/11.65 | [N/A] | |
CVE-2012-4143 Opera Small windows used for executing downloads | Fixed: v12.01/11.66 | [N/A] | |
CVE-2012-4142 Opera HTML Sanitization Bypass | Fixed: v12.01/11.66 | [N/A] | |
CVE-2012-6460 Opera truncated dialogs may be used to trick users | Fixed: v12.02/11.67 | [N/A] | |
DNA-11576 Opera Blacklisted extensions can be installed (...) | Fixed: v18 | [N/A] | |
CVE-2014-1870 Opera Location Bar Spoofing n°1 | Fixed: v19 | [N/A] | |
DNA-18354 Opera Location Bar Spoofing n°2 | Fixed: v21 | [N/A] | |
DNA-19280 Opera Location Bar Spoofing n°3 | Fixed: v21 | [N/A] | |
ATR-BUG-0471 AddressBar Spoofing (URL & SSL) & ClickJacking Attacks | UNPATCHED | 500$ | |
ATR-BUG-0516 AddressBar Spoofing (URL & SSL) & ClickJacking Attacks | UNPATCHED | 500$ | |
ATR-BUG-0581 Sensitive Data Theft | UNPATCHED | 500$ | |
ATR-BUG-0815 Code Execution & Universal Cross-site Scripting | UNPATCHED | 2000$ | |
ATR-BUG-1024 AddressBar Spoofing (URL & SSL) & Data Theft | UNPATCHED | 2000$ | |
ATR-BUG-2034 Chrome privilege escalation leads to Code Execution | UNPATCHED | ||
ATR-BUG-2049 Code Execution due to Privileged Chrome Element Access | UNPATCHED | ||
ATR-BUG-1997 Remote Code Execution, WebCam & Micro Spying (...) | UNPATCHED | ||
ATR-BUG-2013 Remote Code Execution, WebCam & Micro Spying (...) | UNPATCHED | ||
ATR-BUG-1725 Cursor Remotely Controled / Mouse Pointer Hijacking | UNPATCHED | ||
ATR-BUG-1489 ClickJacking Method could lead to Code Execution | UNPATCHED | ||
ATR-BUG-1826 ClickJacking Attack leads to Code Execution | UNPATCHED | ||
ATR-BUG-1780 Cursor Clickjacking through cursor invisibility | UNPATCHED | ||
ATR-BUG-1832 Cursor Clickjacking through cursor invisibility | UNPATCHED | ||
ATR-BUG-1957 Same Origin Policy Bypass | Cross-Site Reading Attack | UNPATCHED | ||
ATR-BUG-2024 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1596 Universal Clickjacking Vulnerability | UNPATCHED | ||
ATR-BUG-1359 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1508 AddressBar Spoofing (URL & SSL) | UNPATCHED | ||
ATR-BUG-1518 AddressBar Spoofing (URL & SSL) & ClickJacking | UNPATCHED | ||
ATR-BUG-1529 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1573 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1574 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1547 AddressBar SSL Spoofing | UNPATCHED | ||
ATR-BUG-1824 AddressBar SSL Spoofing | UNPATCHED | ||
ATR-BUG-1825 AddressBar SSL Spoofing | UNPATCHED | ||
ATR-BUG-1833 Remote files can be stolen | UNPATCHED | ||
ATR-BUG-2041 Specific File-Type & ClickJacking Attack leads to RCE | UNPATCHED | ||
ATR-BUG-2057 Code Execution on [x] by user-assisted remote attackers | UNPATCHED | ||
ATR-BUG-2004 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1576 UI Spoofing | UNPATCHED | ||
ATR-BUG-1516 Web Browsing History Data Theft | UNPATCHED | ||
ATR-BUG-1265 Specific Dialog ClickJacking | UNPATCHED | ||
ATR-BUG-1623 Hijack the mouse pointer | UNPATCHED | ||
ATR-BUG-1856 FullScreen Persistence & User Notification not visible | UNPATCHED | ||
ATR-BUG-1052 Cross-Origin Policy Bypass | UNPATCHED | ||
ATR-BUG-1525 Same-Origin Policy Violation | UNPATCHED | ||
ATR-BUG-1522 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-0851 Code Execution & Universal Cross-site Scripting | UNPATCHED | ||
ATR-BUG-1396 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1609 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1203 AddressBar Spoofing (URL & SSL) | UNPATCHED | ||
ATR-BUG-1059 AddressBar Spoofing (URL & SSL) | UNPATCHED | ||
ATR-BUG-1095 AddressBar Spoofing (URL & SSL) | UNPATCHED | ||
ATR-BUG-1029 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1468 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1038 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-1258 Sensitive Data Theft | UNPATCHED | ||
ATR-BUG-1359 AddressBar Spoofing (URL & SSL Spoofing) | UNPATCHED | ||
ATR-BUG-0501 Universal ClickJacking Vulnerability | UNPATCHED | ||
ATR-BUG-1622 AddressBar Spoofing - URL & SSL Spoofing | UNPATCHED | ||
ATR-BUG-1857 SSL Spoofing - AddressBar SSL Indicator Spoofing | UNPATCHED | ||
ATR-BUG-2029 UI Spoofing Attack (AddressBar Spoofing & others Attacks) | UNPATCHED | ||
ATR-BUG-2017 Spoofing Vulnerability due to [X] | UNPATCHED | ||
ATR-BUG-2031 The ?? CSP Bypass | UNPATCHED | ||
ATR-BUG-1944 XSS Vulnerability due to [X] protection Bypass | UNPATCHED | ||
ATR-BUG-1827 AddressBar Spoofing | UNPATCHED | ||
ATR-BUG-1591 AddressBar Spoofing | UNPATCHED | ||
ATR-BUG-1681 AddressBar Spoofing | UNPATCHED | ||
ATR-BUG-1682 AddressBar Spoofing | UNPATCHED | ||
ATR-BUG-1683 AddressBar Spoofing | UNPATCHED | ||
ATR-BUG-1834 Stored Sensitive Data Theft | UNPATCHED | ||
ATR-BUG-1694 File Download Vulnerability (File Extension obscured) | UNPATCHED | ||
ATR-BUG-1326 Cross-Domain URLs Data Theft & Addressbar Spoofing | UNPATCHED | ||
ATR-BUG-1375 Same-Origin Policy Bypass | UNPATCHED | ||
ATR-BUG-1463 HTML Sanitization Bypass | UNPATCHED | ||
ATR-BUG-1424 AddressBar Spoofing | UNPATCHED | ||
ATR-BUG-1637 Cross-site Scripting Vulnerability in ########## | UNPATCHED | ||
ATR-BUG-1032 AddressBar Spoofing and ClickJacking Vulnerability | UNPATCHED | ||
ATR-BUG-1878 AddressBar Spoofing by user-assisted remote attackers | UNPATCHED | ||
ATR-BUG-1909 AddressBar Spoofing by user-assisted remote attackers | UNPATCHED | ||
ATR-BUG-2037 Local Attack can Lead To AddressBar URL Spoofing | UNPATCHED | ||
ATR-BUG-2047 AddressBar Spoofing by user-assisted remote attackers | UNPATCHED |