3800 matches found
Unspecified Vulnerability in Green Electronics RainMachine Mini-8 and Touch HD 12 Web Applications
Green Electronics RainMachine Mini-8 and Touch HD 12 Web Application are both products of Green Electronics USA.Green Electronics RainMachine Mini-8 is a smart irrigation sprinkler. Green Electronics RainMachine Mini-8 is a smart irrigation sprinkler and Touch HD 12 Web Application is a web-based...
CVE-2018-6909
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application could be used by a remote attacker for clickjacking, as demonstrated by triggering an API page request...
Design/Logic Flaw
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application could be used by a remote attacker for clickjacking, as demonstrated by triggering an API page request...
CVE-2018-6909
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application could be used by a remote attacker for clickjacking, as demonstrated by triggering an API page request...
CVE-2018-6909
CVE-2018-6909 affects Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 Web Application. Root cause: missing X-Frame-Options header. Impact: allows clickjacking by remote attacker via an API page request; CVSSv3 base score 6.5 (NETWORK, LOW toward exploitation, user interactio...
Clickjacking Vulnerability in Hitachi Device Manager
Overview A Clickjacking Vulnerability was found in Hitachi Device Manager. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
GHSA-G4GG-9F62-JFPH OrientDB Studio web management interface is vulnerable to clickjacking attacks
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...
OrientDB Studio web management interface is vulnerable to clickjacking attacks
The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...
Cisco HyperFlex Software UI Clickjacking Vulnerability
Cisco HyperFlex Software is a scalable distributed file system from Cisco USA. The system provides unified compute, storage and networking through cloud management, providing enterprise-class data management and optimization services. A security vulnerability exists in the Web UI in Cisco HyperFl...
CVE-2018-15423
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...
CVE-2018-15423
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...
Input validation
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...
CVE-2018-15423 Cisco HyperFlex UI Clickjacking Vulnerability
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...
CVE-2018-15423 Cisco HyperFlex UI Clickjacking Vulnerability
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...
CVE-2018-15423
CVE-2018-15423 affects the web UI of Cisco HyperFlex Software. The vulnerability stems from insufficient input validation of iFrame data in HTTP requests, allowing an unauthenticated, remote attacker to affect device integrity via a clickjacking attack. Details from multiple sources (including Ci...
Cisco HyperFlex UI Clickjacking Vulnerability
A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. A...
GLSA-201810-01 : Mozilla Firefox: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201810-01 Mozilla Firefox: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the referenced CVE identifiers for details. Impact : A remote attacker could entice a user to view...
Mozilla Firefox: Multiple vulnerabilities
Background Mozilla Firefox is a popular open-source web browser from the Mozilla Project. Description Multiple vulnerabilities have been discovered in Mozilla Firefox. Please review the referenced CVE identifiers for details. Impact A remote attacker could entice a user to view a specially crafte...
BOHEMIA INTERACTIVE a.s.: Clickjacking at ylands.com
Hi team, While performing security testing of your website i have found the vulnerability called Clickjacking. Many URLS are in scope and vulnerable to Clickjacking. What is Clickjacking ? Clickjacking User Interface redress attack, UI redress attack, UI redressing is a malicious technique of...
Security Bulletin: IBM API Connect is affected by a clickjacking vulnerability (CVE-2018-1599)
Summary IBM API Connect has addressed the following vulnerability. API Connect could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious website, a remote attacker could exploit this vulnerability to hijack the victim's click actions an...