3797 matches found
Code injection
HP Systems Insight Manager SIM before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors...
CVE-2014-2645
HP Systems Insight Manager SIM before 7.4 allows remote attackers to conduct clickjacking attacks via unknown vectors...
CVE-2014-2645
CVE-2014-2645 concerns HP Systems Insight Manager (SIM) prior to 7.4, where a remote attacker can conduct clickjacking attacks. The HP security bulletin lists SIM v7.4 as the remediation (software updates for Linux/Windows), addressing the issue alongside related vulnerabilities (e.g., XSS...
[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04468121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04468121 Version: 1 HPSBMU03118 rev....
[security bulletin] HPSBMU03112 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c04463322 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04463322 Version: 1 HPSBMU03112 rev....
HP Systems Insight Manager multiple security vulnerability
Privilege escalation, cross-site scripting, clickjacking...
CVE-2014-2642
HP System Management Homepage SMH before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
Code injection
HP System Management Homepage SMH before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2014-2642
HP System Management Homepage SMH before 7.4 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2014-2642
CVE-2014-2642 applies to HP System Management Homepage (SMH) prior to version 7.4, with a clickjacking vulnerability described in multiple sources (HP Security Bulletin HPSBMU03112 rev.1 and related CVE mappings). The connected documents confirm the affected product and the specific issue (clickj...
CVE-2014-3823
The Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
Input validation
The Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2014-3823
The Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2014-3823
CVE-2014-3823 affects Juniper Junos Pulse Secure Access Service (SSL VPN) IVE OS: 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18. The vulnerability is a clickjacking issue exposed via unspecified vectors, allowing remote attackers to leverage UI framing protections. The issue was addre...
Junos Pulse Secure Access IVE OS Clickjacking (JSA10647)
According to its self-reported version, the version of IVE running on the remote host is affected by a clickjacking vulnerability. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(77691); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date",...
GlassWire: Clickjacking: X-Frame-Options header missing
Hello. Typical simple bug. Victim - www.glasswire.com "It allows remote attackers to do some clickjacking which can be used for adding arbitrary tasks. Why? Almost all of your pages are missing the X-FRAME-OPTIONS header. Websites are at risk of a clickjacking attack when they allow content to be...
Microsoft: Exploiting XSS with clickjacking
Little Insight: Clickjacking is just hide-the-button-and-follow-the-mouse. Also known as UI Redressing, it's just playing with the UI of the victim application by clicking and mouse events. In this post we'll show a UI-Redressing attack and how an attacker may trigger an unexploitable XSS flaw in an...
Fedora 20 : mediawiki-1.23.2-1.fc20 (2014-9583)
This is a major update from the 1.21 branch to the 1.23 long term support branch. - bug 68187 SECURITY: Prepend jsonp callback with comment. - CVE-2014-5241 - bug 66608 SECURITY: Fix for XSS issue in bug 66608: Generate the URL used for loading a new page in JavaScript, instead of relying on the U...
[SECURITY] [DSA 3011-1] mediawiki security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3011-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 23, 2014 http://www.debian.org/security/faq -...
XSS and CSRF vulnerabilities in Zyxel P660RT2 EE
Hello 3APA3A! These are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in Zyxel P660RT2 EE ADSL Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: Zyxel P660RT2 EE. ZyNOS Firmware Version: V3.40 AXN.1. This model with...