Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

UC Browser

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2017-20041
Assigner-VulDB
ShareView Details
Assigner-VulDB
CVSS Score-5.4||MEDIUM
EPSS-0.20% / 41.83%
||
7 Day CHG~0.00%
Published-13 Jun, 2022 | 06:50
Updated-15 Apr, 2025 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ucweb UC Browser HTML URL improper restriction of rendered ui layers

A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers (URL). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-ucwebUcweb
Product-uc_browserUC Browser
CWE ID-CWE-1021
Improper Restriction of Rendered UI Layers or Frames
CVE-2020-7364
Assigner-Rapid7, Inc.
ShareView Details
Assigner-Rapid7, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.20% / 42.73%
||
7 Day CHG~0.00%
Published-20 Oct, 2020 | 16:40
Updated-16 Sep, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UCWeb UC Browser Address Bar Spooofing

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions.

Action-Not Available
Vendor-ucwebUCWeb
Product-uc_browserUC Browser
CWE ID-CWE-451
User Interface (UI) Misrepresentation of Critical Information
CVE-2020-7363
Assigner-Rapid7, Inc.
ShareView Details
Assigner-Rapid7, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.20% / 42.73%
||
7 Day CHG~0.00%
Published-20 Oct, 2020 | 16:40
Updated-17 Sep, 2024 | 02:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
UCWeb UC Browser Address Bar Spooofing

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions.

Action-Not Available
Vendor-ucwebUCWeb
Product-uc_browserUC Browser
CWE ID-CWE-451
User Interface (UI) Misrepresentation of Critical Information