CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2010-3312
https://notcve.org/view.php?id=CVE-2010-3312
12 Oct 2010 — Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate. Epiphany v2.28 y v2.29, cuando WebKit y LibSoup se usan, incondicionalmente muestra un icono closed-lock (candado cerrado) para cualquier URL que empiece por https, sin adverntencia al usuario, lo que permite a a... • http://blog.fefe.de/?ts=b26ca29d •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2008-5985 – Gentoo Linux Security Advisory 200903-16
https://notcve.org/view.php?id=CVE-2008-5985
28 Jan 2009 — Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983). Vulnerabilidad de búsqueda de ruta no confiable en el interfaz Python en Epiphany v2.22.3 y posiblemente otras versiones, permite a usuarios locales la ejecución de código de su elección a través de un archivo Python co... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504363 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 3CVE-2005-0238
https://notcve.org/view.php?id=CVE-2005-0238
07 Feb 2005 — The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html •