3797 matches found
CVE-2023-45698 HCL Sametime is impacted by clickjacking
Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks...
CVE-2023-45698
CVE-2023-45698 affects the HCL Sametime Outlook add-in, with lack of clickjacking protections as the root cause. The CVSSv3.1 base score is 6.1 (Medium); attack vector: Network; user interaction required; confidentiality/integrity impact low, availability none. Connected sources confirm the issue...
HCL Sametime Security Vulnerability
HCL Technologies HCL Sametime is a conferencing solution from HCL Technologies, USA. A security vulnerability exists in HCL Sametime that stems from a lack of clickjacking protection...
PT-2024-13270 · Microsoft +1 · Outlook +1
Name of the Vulnerable Software and Affected Versions: Sametime affected versions not specified Description: The issue is related to a lack of clickjacking protection in the Outlook add-in. The application does not implement appropriate protections to safeguard users against clickjacking attacks...
VulnCheck KEV: CVE-2013-0213
The Samba Web Administration Tool SWAT in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a 1 FRAME or 2 IFRAME element...
Mageia: Security Advisory (MGASA-2024-0023)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated nss and firefox packages fix some security vulnerabilities
Out of bounds write in ANGLE. CVE-2024-0741 Failure to update user input timestamp. CVE-2024-0742 Crash when listing printers on Linux. CVE-2024-0746 Bypass of Content Security Policy when directive unsafe-inline was set. CVE-2024-0747 Phishing site popup could show local origin in address bar...
Updated thunderbird packages fix security vulnerabilities
Out of bounds write in ANGLE. CVE-2024-0741 Failure to update user input timestamp. CVE-2024-0742 Crash when listing printers on Linux. CVE-2024-0746 Bypass of Content Security Policy when directive unsafe-inline was set. CVE-2024-0747 Phishing site popup could show local origin in address bar...
MGASA-2024-0023 Updated nss and firefox packages fix some security vulnerabilities
Out of bounds write in ANGLE. CVE-2024-0741 Failure to update user input timestamp. CVE-2024-0742 Crash when listing printers on Linux. CVE-2024-0746 Bypass of Content Security Policy when directive unsafe-inline was set. CVE-2024-0747 Phishing site popup could show local origin in address bar...
CVE-2023-50938 IBM PowerSC clickjacking
IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the...
CVE-2023-50938 IBM PowerSC clickjacking
IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the...
IBM PowerSC 安全漏洞
IBM PowerSC is an International Business Machines IBM security and compliance solution for IBM Power Systems servers. IBM PowerSC suffers from a clickjacking vulnerability that can be exploited by an attacker to hijack a victim's click-to-operate and launch further attacks against the victim...
PT-2024-14021 · Ibm · Ibm Powersc
Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: A remote attacker could hijack the clicking action of the victim by persuading them to visit a malicious Web site, potentially launching further attacks against the victim. Recommendations: Fo...
[SECURITY] [DLA 3727-1] firefox-esr security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3727-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 31, 2024 https://wiki.debian.org/LTS -...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Mozilla: Potential permissions request bypass via clickjacking
The Mozilla Foundation Security Advisory describes this flaw as: A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions...
Important: Red Hat Security Advisory: thunderbird security update
An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...