941 matches found
CVE-2026-52690
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
CVE-2026-32208
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an authorized attacker to perform spoofing over a network...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...
CVE-2026-50009
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...
CVE-2026-5792 Authentication Bypass in Hedef Media's Related Marketing Cloud (RMC)
Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...
CVE-2026-47639
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
CVE-2026-33113
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
ROS-20260610-73-0006
The vulnerability in Thunderbird relates to the bypassing of authentication mechanisms through spoofing. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks remotely...
EUVD-2026-35511
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
CVE-2026-47640
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
CVE-2026-47637
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
CVE-2026-45483
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network...
EUVD-2026-35580
Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...
CVE-2026-47639
CVE-2026-47639 affects Microsoft Office SharePoint Server. The description identifies an Improper neutralization of input during web page generation (XSS) that enables an authorized attacker to perform spoofing over a network. Connected sources corroborate an XSS payload risk in SharePoint, leadi...
CVE-2026-47637
CVE-2026-47637 describes an XSS issue in Microsoft Office SharePoint Server. The vulnerability arises from improper neutralization of input during web page generation, enabling an authorized attacker to perform spoofing over a network. {}Affected product/component: Microsoft Office SharePoint Ser...
CVE-2026-41098
Azure Stack Edge is affected by CVE-2026-41098 due to improper neutralization of input during web page generation, enabling cross-site scripting. The vulnerability is exploitable by an authorized attacker over the network to perform spoofing. The CVSS 3.1 metrics indicate a high-impact, network-e...
CVE-2026-45650
CVE-2026-45650 describes a UI misrepresentation vulnerability in Microsoft Bing Search that could enable an attacker to spoof information over a network. The exact root cause and affected UI components are not detailed in the provided documents. CVSSv3.1 base score is 4.3 (Medium): Network attack...
CVE-2026-45642
Microsoft Azure Attestation service and Device Health Attestation Service are affected by improper input validation, allowing an authorized attacker to perform spoofing with a physical attack. CVSS 3.1, base score 3.9 (LOW); attack vector Physical, privileges required High, integrity impact High,...
CVE-2026-45501
CVE-2026-45501 concerns Microsoft Exchange Server. The issue is improper neutralization of input during web page generation, i.e., a cross-site scripting vulnerability that can allow an unauthorized attacker to perform spoofing over a network. CVSS 3.1 base score 6.5 (Medium): attack vector Netwo...
PT-2026-48035
Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network. Cross-si...