PT-2023-1422 · Microsoft · Power Bi Report Server

Name of the Vulnerable Software and Affected Versions: Power BI Report Server affected versions not specified Description: The issue is related to errors in the user interface's representation of information. It may allow a remote attacker to conduct spoofing attacks. Recommendations: At the...

DEBIAN-CVE-2022-4176

Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: High...

DEBIAN-CVE-2022-3318

Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. Chromium security severity: Low...

PT-2022-2925 · Microsoft · Power Bi +1

Name of the Vulnerable Software and Affected Versions: Microsoft Power BI affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Power BI local data gateway component, Microsoft On-Premises Data...

CVE-2020-20096

Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...

CVE-2022-24460

Tablet Windows User Interface Application Elevation of Privilege Vulnerability...

CVE-2022-22553

Dell EMC AppSync versions 3.9 to 4.3 contain an Improper Restriction of Excessive Authentication Attempts Vulnerability that can be exploited from UI and CLI. An adjacent unauthenticated attacker could potentially exploit this vulnerability, leading to password brute-forcing. Account takeover is...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security bypass vulnerability exists in the Google Chrome Browser UI, which can be exploited by attackers to bypass security restrictions...

PT-2021-7892 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to errors in the user interface's representation of information. Exploitation of this issue may allow a remote attacker to perform a spoofing attack...

PT-2021-7882 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, allowing a remote attacker to perform a spoofing attack. This can affect the...

PT-2021-5052 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in the representation of information by the user interface in the implementation of the Windows Authenticode code signing technology in the Microsoft Windows...

PT-2021-2621 · Microsoft · Windows Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Windows Installer component in Microsoft Windows operating systems. This can allow...

Cisco Unified Communications Manager 跨站脚本漏洞

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A SQL injection vulnerability...

CVE-2021-20520

IBM Jazz Foundation Products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198572...

F5 BIG-IQ 跨站脚本漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A cross-site scripting vulnerability exists in BIG-IQ, which could be exploited by an attacker using a specially crafted URL to reflect...

Mozilla Firefox and Mozilla Thunderbird Security Vulnerabilities

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is a suite of standalone Mozilla Application Suite Mozilla Thunderbird is a stand-alone e-mail client software from the Mozilla...

PT-2020-4827 · Microsoft · Azure Devops Server +1

Name of the Vulnerable Software and Affected Versions: Azure DevOps Server and Team Foundation Services affected versions not specified Description: The issue is related to a spoofing vulnerability in the Team Foundation Services component of Azure DevOps Server, where the user interface can be...

PT-2020-4606

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description The issue is related to a spoofing vulnerability in the Windows operating system, which is associated with errors in the representation of information by the user interface. This vulnerabilit...

chromium-browser: Use after free in user interface

Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2019-8948

PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163...