3797 matches found

OSV
added 2018/07/31 4:29 p.m. | 1 view

CVE-2017-13652

NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface...

CVSS 6.5 | AI score 5.8 | EPSS 0.01038
Exploits 0 | References 1
Prion
added 2018/07/31 4:29 p.m. | 13 views

Design/Logic Flaw

NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface...

CVSS 4.3 | AI score 6.3 | EPSS 0.01038
Exploits 0 | References 1 | Affected Software 1
NVD
added 2018/07/31 4:29 p.m. | 19 views

CVE-2017-13652

NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface...

CVSS 6.5 | AI score 6.4 | EPSS 0.01038
Exploits 0 | References 1
Cvelist
added 2018/07/31 4:0 p.m. | 19 views

CVE-2017-13652

NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are susceptible to clickjacking attacks which could cause a user to perform an unintended action in the user interface...

AI score 6.4 | EPSS 0.01038
Exploits 0 | References 1
CVE
added 2018/07/31 4:0 p.m. | 52 views

CVE-2017-13652

NetApp OnCommand Insight (affected: version 7.3.0 and versions prior to 7.2.0) is susceptible to clickjacking in its UI, which could cause a user to perform an unintended action. The description does not specify the underlying root cause or exact impact beyond this UI interaction risk, and no rem...

CVSS 6.5 | AI score 6.3 | EPSS 0.01038
Exploits 0 | References 1 | Affected Software 1
Hacker One
added 2018/07/29 1:1 p.m. | 60 views

WordPress: Account takeover vulnerability by editor role privileged users/attackers via clickjacking

Vulnerability - Editor role privileged users are able to hack into other's account by exploiting clickjacking vulnerability. Version- 4.9.7 Issue- https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/why-are-some-users-allowed-to-post-unfiltered-html As mentioned pe...

AI score 0.6
Exploits 0
OSV
added 2018/07/27 6:29 p.m. | 3 views

CVE-2017-2658

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

CVSS 6.5 | AI score 5.9 | EPSS 0.0148
Exploits 0 | References 4
NVD
added 2018/07/27 6:29 p.m. | 34 views

CVE-2017-2658

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

CVSS 6.5 | AI score 4.6 | EPSS 0.0148
Exploits 0 | References 4
Prion
added 2018/07/27 6:29 p.m. | 18 views

Design/Logic Flaw

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

CVSS 4.3 | AI score 6.6 | EPSS 0.0148
Exploits 0 | References 4 | Affected Software 2
Cvelist
added 2018/07/27 6:0 p.m. | 31 views

CVE-2017-2658

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a use...

CVSS 2.6 | AI score 6.4 | EPSS 0.0148
Exploits 0 | References 4
CVE
added 2018/07/27 6:0 p.m. | 74 views

CVE-2017-2658

The CVE affects Red Hat JBoss BPM Suite <6.4.2 and JBoss Data Virtualization & Services

CVSS 6.5 | AI score 6.7 | EPSS 0.0148
Exploits 0 | References 4 | Affected Software 2
Positive Technologies
added 2018/07/27 12:0 a.m. | 5 views

PT-2018-7163 · Red Hat · Red Hat Jboss Data Virtualization & Services +1

Name of the Vulnerable Software and Affected Versions: Red Hat JBoss BPM Suite versions prior to 6.4.2 Red Hat JBoss Data Virtualization & Services versions prior to 6.4.3 Description: A security issue was found in the Dashbuilder login page, which could be opened in an IFRAME. This allowed for t...

CVSS 6.5 | AI score 5.3 | EPSS 0.0148
Exploits 0 | References 5
RedHat Linux
added 2018/07/23 7:28 p.m. | 3 views

Dashbuilder: Lack of clickjacking protection on the login page

It was discovered that the Dashbuilder login page could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console clickjacking...

CVSS 6.5 | AI score 5.9 | EPSS 0.0148
Exploits 0 | References 4
RedHat Linux
added 2018/07/23 7:28 p.m. | 85 views

Low: Red Hat Security Advisory: Red Hat JBoss Data Virtualization 6.4 Update 3 security update

An update is now available for Red Hat JBoss Data Virtualization. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

CVSS 6.5 | AI score 6.5 | EPSS 0.0148
Exploits 0 | References 4
IBM Security Bulletins
added 2018/07/10 8:34 a.m. | 16 views

Security Bulletin: Rational ClearCase and ClearQuest Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Summary Java API Documentation contains a frame injection vulnerability. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires login with your IBM ID ---|--- CVEID: CVE-2013-1571...

CVSS 4.3 | AI score 0.5 | EPSS 0.66817
Exploits 1 | Affected Software 2
OSV
added 2018/07/02 4:29 p.m. | 3 views

CVE-2018-12576

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking...

CVSS 4.3 | AI score 5.8 | EPSS 0.00698
Exploits 0 | References 1
NVD
added 2018/07/02 4:29 p.m. | 18 views

CVE-2018-12576

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking...

CVSS 4.3 | AI score 4.8 | EPSS 0.00698
Exploits 0 | References 1
Prion
added 2018/07/02 4:29 p.m. | 16 views

Security feature bypass

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking...

CVSS 4.3 | AI score 4.9 | EPSS 0.00698
Exploits 0 | References 1 | Affected Software 1
CVE
added 2018/07/02 4:0 p.m. | 52 views

CVE-2018-12576

CVE-2018-12576 affects TP-Link TL-WR841N v13 (firmware 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n). The issue is a clickjacking vulnerability in the device’s web UI. CVSSv3.0 shows an attacker would need network access with user interaction required to trigger impact on UI integrity, with no conf...

CVSS 4.3 | AI score 4.8 | EPSS 0.00698
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2018/07/02 4:0 p.m. | 25 views

CVE-2018-12576

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking...

AI score 4.8 | EPSS 0.00698
Exploits 0 | References 1