
3800 matches found

CVE
added 2020/02/05 8:55 p.m. · 62 views

CVE-2013-2682

CVE-2013-2682 affects Cisco Linksys E4200, firmware 1.0.05 Build 7. It describes a Clickjacking vulnerability that could allow remote attackers to obtain sensitive information. The provided connected documents confirm the affected product and vulnerability type, but there are no explicit remediat...

4.3 CVSS · 5.8 AI score · 0.06346 EPSS
Exploits 5 · References 3 · Affected Software 1
Cvelist
added 2020/02/05 8:55 p.m. · 19 views

CVE-2013-2682

Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote attackers to obtain sensitive information...

4.9 AI score · 0.06346 EPSS
Exploits 5 · References 3
NVD
added 2020/02/05 6:15 p.m. · 18 views

CVE-2013-2675

Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response Clickjacking vulnerability which could allow remote attackers to obtain sensitive information...

6.5 CVSS · 6.5 AI score · 0.02169 EPSS
Exploits 2 · References 3
Prion
added 2020/02/05 6:15 p.m. · 12 views

Spoofing

Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response Clickjacking vulnerability which could allow remote attackers to obtain sensitive information...

4.3 CVSS · 7 AI score · 0.02169 EPSS
Exploits 2 · References 3 · Affected Software 1
CVE
added 2020/02/05 5:30 p.m. · 45 views

CVE-2013-2675

CVE-2013-2675 affects Brother MFC-9970CDW devices running Firmware L. The vulnerability is described as a Frameable response (Clickjacking) that could allow remote attackers to obtain sensitive information. Public materials in the provided documents identify the affected product and vulnerability...

6.5 CVSS · 6.4 AI score · 0.02169 EPSS
Exploits 2 · References 3 · Affected Software 1
Cvelist
added 2020/02/05 5:30 p.m. · 23 views

CVE-2013-2675

Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response Clickjacking vulnerability which could allow remote attackers to obtain sensitive information...

6.4 AI score · 0.02169 EPSS
Exploits 2 · References 3
IBM Security Bulletins
added 2020/02/05 12:9 a.m. · 37 views

Security Bulletin: WebSphere Application Server - Oracle CPU shipped with Rational Application Developer for WebSphere Software June 2013 (CVE-2013-1571)

Summary The IBM WebSphere Application Server shipped in Rational Application Developer for WebSphere Software includes an IBM Java SDK that is based on the Oracle JDK. Oracle has released June 2013 critical patch updates CPU which contain security vulnerability fixes and the IBM Java SDK has been...

10 CVSS · 0.2 AI score · 0.98704 EPSS
Exploits 32 · Affected Software 2
CNVD
added 2020/02/05 12:0 a.m. · 0 views

IBM Security Directory Server Clickjacking Security Vulnerability

IBM Security Directory Server is a key component of enterprise-class directory infrastructure and unified identity management. A clickjacking security vulnerability exists in the implementation of IBM Security Directory Server version 6.4.0, which can be exploited by an attacker to hijack a...

6.1 CVSS · 6.7 AI score · 0.00897 EPSS
Exploits 0 · References 1
RedhatCVE
added 2020/01/31 8:39 p.m. · 23 views

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

5.4 CVSS · 3.1 AI score · 0.0185 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2020/01/30 12:0 a.m. · 32 views

FreeBSD : jenkins -- multiple vulnerabilities (a250539d-d1d4-4591-afd3-c8bdfac335d8)

Jenkins Security Advisory: Description High SECURITY-1682 / CVE-2020-2099 Inbound TCP Agent Protocol/3 authentication bypass Medium SECURITY-1641 / CVE-2020-2100 Jenkins vulnerable to UDP amplification reflection attack Medium SECURITY-1659 / CVE-2020-2101 Non-constant time comparison of inbound...

8.6 CVSS · 6 AI score · 0.07044 EPSS
Exploits 0 · References 12
NVD
added 2020/01/29 4:15 p.m. · 18 views

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

5.4 CVSS · 5.4 AI score · 0.0185 EPSS
Exploits 0 · References 6
OSV
added 2020/01/29 4:15 p.m. · 18 views

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

5.4 CVSS · 6.6 AI score
Exploits 0 · References 6
Prion
added 2020/01/29 4:15 p.m. · 15 views

Design/Logic Flaw

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

4.3 CVSS · 5.7 AI score · 0.0185 EPSS
Exploits 0 · References 6 · Affected Software 1
CVE
added 2020/01/29 3:15 p.m. · 111 views

CVE-2020-2105

CVE-2020-2105 concerns Jenkins REST APIs being vulnerable to clickjacking due to missing X-Frame-Options header in versions up to 2.218 (and LTS up to 2.204.1). The root cause is that REST API responses were not served with deny framing, enabling an attacker to embed endpoints in an iframe and tr...

5.4 CVSS · 5.6 AI score · 0.0185 EPSS
Exploits 0 · References 6 · Affected Software 1
Cvelist
added 2020/01/29 3:15 p.m. · 22 views

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

5.8 AI score · 0.0185 EPSS
Exploits 0 · References 6
Positive Technologies
added 2020/01/29 12:0 a.m. · 3 views

PT-2020-15312 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.218 and earlier Jenkins LTS versions 2.204.1 and earlier Description: The issue allows for clickjacking attacks due to the absence of the X-Frame-Options: deny HTTP header in REST API responses. An attacker could exploit th...

5.4 CVSS · 6 AI score · 0.0185 EPSS
Exploits 0 · References 14
FreeBSD
added 2020/01/29 12:0 a.m. · 68 views

jenkins -- multiple vulnerabilities

Jenkins Security Advisory: Description High SECURITY-1682 / CVE-2020-2099 Inbound TCP Agent Protocol/3 authentication bypass Medium SECURITY-1641 / CVE-2020-2100 Jenkins vulnerable to UDP amplification reflection attack Medium SECURITY-1659 / CVE-2020-2101 Non-constant time comparison of inbound...

8.6 CVSS · 0.8 AI score · 0.07044 EPSS
Exploits 0 · References 1
Hacker One
added 2020/01/25 2:0 p.m. · 35 views

Gener8: Clickjacking to change email address

Summary Clickjacking User Interface redress attack, UI redress attack, UI redressing is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of the...

1.8 AI score
Exploits 0
NVD
added 2020/01/23 3:15 p.m. · 20 views

CVE-2013-6772

Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking...

4.3 CVSS · 4.7 AI score · 0.00683 EPSS
Exploits 0 · References 1
Prion
added 2020/01/23 3:15 p.m. · 24 views

Security feature bypass

Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking...

4.3 CVSS · 7.2 AI score · 0.00683 EPSS
Exploits 0 · References 1 · Affected Software 1