3800 matches found
CVE-2016-4844
Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks...
CVE-2016-4844
CVE-2016-4844: Cybozu Mailwise is vulnerable to clickjacking in versions before 5.4.0. Several sources (NVD entry for CVE-2016-4844 and OpenVAS/JS references) specify vulnerable ranges such as 5.0.0–5.3.2 and indicate that an attacker could trick authenticated users into unintended actions by lo...
Debian DLA-897-1 : qbittorrent security update
CVE-2017-6503 WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS. CVE-2017-6504 WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking. For Debian 7 'Wheezy', these problems have been...
[SECURITY] [DLA 897-1] qbittorrent security update
Package : qbittorrent Version : 2.9.8-1+deb7u1 CVE ID : CVE-2017-6503 CVE-2017-6504 CVE-2017-6503 WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS. CVE-2017-6504 WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which coul...
Stories From Two Years in an IoT Honeypot
SINT MAARTEN—Curious just how susceptible some of the more vulnerable IoT devices are, a researcher set up a series of honeypots at his friends’ houses to record traffic, exploit attempts and other statistics. Dan Demeter, a junior security researcher with Kaspersky Lab’s Global Research and...
QNAP QTS < 4.2.4 Build 20170313 Multiple Vulnerabilities - Active Check
QNAP QTS web user interface is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...
Missing 'X-Frame-Options' Header
Clickjacking (User Interface redress attack, UI redress attack, UI redressing) is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their...
Novell eDirectory Multiple Vulnerabilities (Mar 2017)
Novell / NetIQ eDirectory is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netiq:edirectory"...
NetIQ Access Manager Clickjacking Vulnerability
NetIQ Access Manager (NAM) is a resource access control solution from NetIQ, USA. The solution provides multiple authentication, data encryption, single sign-on and SSL VPN for local and remote users. A clickjacking vulnerability exists in NetIQ Access Manager. A remote attacker could exploit this...
Novell eDirectory Clickjacking Vulnerability
Novell eDirectory is an identity management infrastructure platform that combines identity management architecture and directory services technology from Novell, USA. The platform provides authentication policies, data backup and recovery services, data disaster recovery and other functions. A...
Red Hat Dashbuilder Clickjacking Vulnerability
Red Hat Dashbuilder is an open source platform for building business dashboards and reports, developed by Red Hat, USA. A clickjacking vulnerability exists in Red Hat Dashbuilder. An unauthenticated attacker could exploit the vulnerability to compromise an affecte...
QNAP QTS < 4.2.4 Build 20170313 Multiple Vulnerabilities - Version Check
QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; if(description)...
Design/Logic Flaw
NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to clickjacking attacks due to a missing SAMEORIGIN filter in the "high encryption" setting...
CVE-2016-9168
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking...
CVE-2016-5755
NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to clickjacking attacks due to a missing SAMEORIGIN filter in the "high encryption" setting...
Design/Logic Flaw
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking...