
3802 matches found

Nuclei
added 9 hours ago, 26 views

unilogies/bumsys < v2.0.2 - Clickjacking

This template checks for the presence of clickjacking prevention headers in the HTTP response, aiming to identify vulnerabilities related to the improper restriction of rendered UI layers or frames in the GitHub repository unilogies/bumsys prior to version 2.0.2. id: CVE-2023-1362 info: name:...

CVSS 8.4, AI score 6.8, EPSS 0.01411
Exploits: 1, References: 4

EUVD
added 2 days ago, 5 views

EUVD-2026-41466

The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks...

CVSS 5.4, AI score 5.6, EPSS 0.00238
Exploits: 0, References: 4

CVE
added 3 days ago, 13 views

CVE-2026-54477

CVE-2026-54477 affects the Gardyn IoT Hub admin panel, where the absence of standard security headers allows clickjacking and cross-site scripting. The available data show low confidentiality and integrity impact (CVSS scores: 5.1/4.0 base metrics, MEDIUM), but no explicit details ...

CVSS 5.4, AI score 5.6, EPSS 0.00238
Exploits: 0, References: 3

RedhatCVE
added 2026/06/25 8:16 a.m., 9 views

CVE-2026-12322

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Clickjacking issue in the Widget: Gtk component...

CVSS 5.4, AI score 5.8, EPSS 0.00165
Exploits: 0, References: 5

AstraLinux
added 2026/06/24 3:11 p.m., 8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVSS 4.3, AI score 5.8, EPSS 0.00284
Exploits: 0, References: 4

AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The permission prompt input delay may expire if the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox 124, Firefox ESR 115.10, and Thunderbird 115.10...

CVSS 6.1, AI score 6.8, EPSS 0.00598
Exploits: 1, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Firefox

The timing of a button click that causes a pop-up to disappear was approximately the same duration as the delay in permission prompts to prevent clickjacking attacks. This fact could be used to surprise users by forcing them to click where the permission grant button was about to appear. This...

CVSS 6.1, AI score 6.5, EPSS 0.00683
Exploits: 0, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Firefox

The browser might have mistakenly transferred the pointer lock state to another tab, which could lead to clickjacking attacks. This vulnerability affects Firefox versions earlier than 85...

CVSS 6.1, AI score 7, EPSS 0.00657
Exploits: 0, References: 1

AstraLinux
added 2026/06/19 11:10 a.m., 3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The black fade animation when exiting fullscreen is roughly the same duration as the delay in permission prompts during the anti-clickjacking process. It was possible to take advantage of this fact to surprise users by tempting them to click on the permission grant button before it appeared. This...

CVSS 5.4, AI score 6.7, EPSS 0.00558
Exploits: 0, References: 2

SUSE CVE
added 2026/06/19 1:57 a.m., 5 views

SUSE CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVSS 5.4, AI score 5.8, EPSS 0.00165
Exploits: 0, References: 3

NVD
added 2026/06/16 1:16 p.m., 13 views

CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVSS 5.4, EPSS 0.00165
Exploits: 0, References: 3

OSV
added 2026/06/16 1:16 p.m., 3 views

UBUNTU-CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVSS 5.4, AI score 5.8, EPSS 0.00165
Exploits: 0, References: 3

AlpineLinux
added 2026/06/16 11:52 a.m., 5 views

CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVSS 5.4, AI score 5.3, EPSS 0.00165
Exploits: 0, References: 3

Cvelist
added 2026/06/16 11:52 a.m., 29 views

CVE-2026-12322 Clickjacking issue in the Widget: Gtk component

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

EPSS 0.00165
Exploits: 0, References: 3

Vulnrichment
added 2026/06/16 11:52 a.m., 7 views

CVE-2026-12322 Clickjacking issue in the Widget: Gtk component

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

AI score 5.2, EPSS 0.00165
Exploits: 0, References: 3

EUVD
added 2026/06/16 11:52 a.m., 8 views

EUVD-2026-37068

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVSS 5.4, AI score 5.2, EPSS 0.00165
Exploits: 0, References: 3

CVE
added 2026/06/16 11:52 a.m., 16 views

CVE-2026-12322

CVE-2026-12322 is a clickjacking vulnerability in the Gtk Widget component affecting Mozilla Firefox and Thunderbird. The issue, described across multiple sources, is due to a UI framing/embedding flaw that could enable deceptive UI interaction. Affected products were updated to mitigate the vuln...

CVSS 5.4, AI score 5.2, EPSS 0.00165
Exploits: 0, References: 3, Affected Software: 2

Positive Technologies
added 2026/06/16 12:00 a.m., 9 views

PT-2026-49691

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 152; Thunderbird versions prior to 152. Description: A clickjacking issue exists in the Widget: Gtk component. Clickjacking is a technique where an attacker tricks a user into clicking something different from what the...

CVSS 9.6, AI score 5.8, EPSS 0.00476
Exploits: 0, References: 49

Tenable Nessus
added 2026/06/11 12:00 a.m., 7 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Transmission vulnerability (USN-8404-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8404-1 advisory. It was discovered that Transmission had a clickjacking weakness in the browser-facing WebUI and RPC response paths. An attacker...

CVSS 5.3, AI score 5.6, EPSS 0.00305
Exploits: 0, References: 2

OSV
added 2026/06/08 11:08 p.m., 6 views

GHSA-W7W5-5GCP-38RW nebula-mesh: Web UI and API responses lack security headers (CSP, X-Frame-Options, HSTS, etc.)

None of the response paths in internal/web/ or internal/api/ set the standard browser-security headers. grep for Content-Security-Policy, X-Frame-Options, Strict-Transport-Security, X-Content-Type-Options, Referrer-Policy returns zero matches across the codebase. Impact: The admin UI signs CA...

CVSS 7.1, AI score 5.5, EPSS 0.00031
Exploits: 0, References: 4