PT-2020-6876 · ABB · eSOMS
Name of the Vulnerable Software and Affected Versions: ABB eSOMS versions 4.0 to 6.0.2 Description: The issue is related to the absence of the X-Frame-Options header in the HTTP response, which can potentially allow 'ClickJacking' attacks. This type of attack occurs when an attacker frames parts ...
Security Bulletin: Multiple Vulnerabilities in WebSphere Application Server Liberty in IBM Cloud Private VM Quickstarter
Summary: There are multiple vulnerabilities in WebSphere Application Server Liberty, which is shipped with IBM WebSphere Application for IBM Cloud Private VM Quickstarter. There is an information disclosure and a bypass security vulnerability in WebSphere Application Server Liberty. There is a...
Clickjacking Issue in Confluence
Issue Summary: Based on https://jira.atlassian.com/browse/CONFSERVER-29230, this was supposedly fixed from Confluence version 5.8.5 onwards, and it looks like it is still impacting a few URLs embedded within the...
CVE-2019-13924
A vulnerability has been identified in SCALANCE S602 (all versions prior to V4.1), SCALANCE S612 (all versions prior to V4.1), SCALANCE S623 (all versions prior to V4.1), SCALANCE S627-2M (all versions prior to V4.1), SCALANCE X-200 switch family incl. SIPLUS NET variants (all versions prior to 5.2.4), SCALANCE X-200IRT switch family incl. SIPLUS NET...
Design/Logic Flaw
A vulnerability has been identified in SCALANCE S602 (all versions prior to V4.1), SCALANCE S612 (all versions prior to V4.1), SCALANCE S623 (all versions prior to V4.1), SCALANCE S627-2M (all versions prior to V4.1), SCALANCE X-200 switch family incl. SIPLUS NET variants (all versions prior to 5.2.4), SCALANCE X-200IRT switch family incl. SIPLUS NET...
CVE-2016-5710
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...
Code injection
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors...
PT-2020-9414 · Siemens · SCALANCE X-200IRT Switch Family +5
Name of the Vulnerable Software and Affected Versions: SCALANCE S602 versions prior to V4.1 SCALANCE S612 versions prior to V4.1 SCALANCE S623 versions prior to V4.1 SCALANCE S627-2M versions prior to V4.1 SCALANCE X-200 switch family versions prior to 5.2.4 SCALANCE X-200IRT switch family versio...
CVE-2019-13924
CVE-2019-13924 affects Siemens SCALANCE X and S switches. The root issue is that the admin web interface does not send the X-Frame-Options header, enabling clickjacking where an attacker could trick a logged-in administrator into performing actions via a malicious page. Affected families and vers...
CVE-2016-5710
The CVE-2016-5710 entry affects NetApp Snap Creator Framework prior to 4.3P1. It describes a clickjacking vulnerability that can be triggered by remote authenticated users via unspecified vectors. Exploitation details are not provided in the supplied documents. The issue appears resolved by upgra...
Jenkins < 2.204.2 LTS / 2.219 Multiple Vulnerabilities
The version of Jenkins running on the remote web server is prior to 2.219 or is a version of Jenkins LTS prior to 2.204.2. It is, therefore, affected by multiple vulnerabilities: - A UDP amplification reflection attack can be used in a DDoS attack on a Jenkins master. Within the same network,...
CVE-2013-2682
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information...
Spoofing
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information...
CVE-2013-2682
CVE-2013-2682 affects Cisco Linksys E4200, firmware 1.0.05 Build 7. It describes a Clickjacking vulnerability that could allow remote attackers to obtain sensitive information. The provided connected documents confirm the affected product and vulnerability type, but there are no explicit remediat...
CVE-2013-2675
Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response Clickjacking vulnerability which could allow remote attackers to obtain sensitive information...