962 matches found
PT-2025-49177
Name of the Vulnerable Software and Affected Versions Microsoft Edge for iOS affected versions not specified Description A flaw in the user interface UI of Microsoft Edge for iOS can allow an attacker to perform spoofing attacks over a network by misrepresenting critical information. This could...
CVE-2025-62459
Microsoft Defender Portal Spoofing Vulnerability...
Security Bulletin: Due to the use of Swagger UI, IBM Security SOAR is vulnerable to spoofing attacks..
Summary IBM Security SOAR uses Swagger-UI internally. CVE-2025-25031 Vulnerability Details CVEID:CVE-2018-25031 DESCRIPTION: Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this...
ROS-20251117-05
A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...
ROS-20251117-04
A vulnerability in the LXD container and lightweight virtual machine management system is related to redundant API data output. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to potentially sensitive information The vulnerability in the LXD container and...
SUSE SLES15 Security Update : bind (SUSE-SU-2025:4107-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4107-1 advisory. - CVE-2025-40778: Address various spoofing attacks bsc1252379. - CVE-2025-40780: Cache-poisoning due to weak pseudo-random number...
CVE-2025-62211
Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...
CVE-2025-62211
Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...
Dynamics 365 Field Service (online) Spoofing Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Dynamics 365 Field Service online allows an authorized attacker to perform spoofing over a network...
Microsoft Dynamics 365 跨站脚本漏洞
Microsoft Dynamics 365 is a suite of ERP business solutions for multinational organizations from Microsoft USA. It is used for financial management, production management and business intelligence management. A cross-site scripting vulnerability exists in Microsoft Dynamics 365 Field Service...
ROS-20251110-03
Vulnerability in Google Chrome browser is related to insufficient input data validation when processing DOM elements. Exploitation of the vulnerability allows a remote attacker to launch a spoofing attack or cause a denial of service. Spoofing attack or cause a denial of service Vulnerability in...
SUSE SLES12: bind / bind-chrootenv / bind-devel / bind-doc / bind-utils / etc (SUSE-SU-2025:3976-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3976-1 advisory. - CVE-2025-40778: Address various spoofing attacks bsc1252379. Tenable has extracted the preceding description block directly from the SUSE security...
FreeBSD 安全漏洞
FreeBSD is a Unix-like operating system from the FreeBSD Foundation. A security vulnerability exists in FreeBSD, which stems from the kernel adding sockets to a load balancing group without checking the connection state, and matching load balancing group sockets while connected, which could lead ...
Playwright downloads and installs browsers without verifying the authenticity of the SSL certificate
Summary Use of curl with the -k or --insecure flag in installer scripts allows attackers to deliver arbitrary executables via Man-in-the-Middle MitM attacks. This can lead to full system compromise, as the downloaded files are installed as privileged applications. Details The following scripts in...
CVE-2025-59284
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally...
CVE-2025-59288
Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network...
CVE-2025-59288
Improper verification of cryptographic signature in Github: Playwright allows an unauthorized attacker to perform spoofing over an adjacent network...
CVE-2025-59244
External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network...
Microsoft NTLM 安全漏洞
Microsoft NTLM is a Microsoft USA authentication protocol used on networks including systems running the Windows operating system as well as standalone systems. A security vulnerability exists in Microsoft NTLM that originates from an attacker exploiting the vulnerability to perform a spoofing...
Microsoft NTLM 安全漏洞
Microsoft NTLM is a Microsoft USA authentication protocol used on networks including systems running the Windows operating system as well as standalone systems. A security vulnerability exists in Microsoft NTLM that originates from an attacker exploiting the vulnerability to perform a spoofing...