105 matches found
CVE-2023-32331
IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979...
IBM Sterling Connect:Express for UNIX 缓冲区错误漏洞
IBM Sterling Connect:Express for UNIX is a file transfer solution for the UNIX platform from International Business Machines IBM. A buffer overflow vulnerability exists in IBM Sterling Connect:Express for UNIX version 1.5.0, which originates from the program's failure to properly validate the...
The vulnerability in the Web Browser UI interface of Google Chrome and Microsoft Edge allows attackers to perform spoofing attacks.
The vulnerability of the Web Browser UI interface in Google Chrome and Microsoft Edge is related to improperly implemented security checks for standard elements. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created HTML page...
Security Bulletin: IBM Sterling Connect:Direct Browser User Interface vulnerable to remote code execution due to IBM Java (CVE-2022-40609)
Summary IBM Sterling Connect:Direct Browser User Interface uses IBM® Runtime Environment Java™ Versions 8.0 which has a remote code execution vulnerability. IBM Sterling Connect:Direct Browser User Interface has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-40609 DESCRIPTION:...
Security Bulletin: IBM Sterling Connect:Direct Browser User Interface vulnerable to multiple issues due to IBM Runtime Environment Java
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. Sterling Connect:Direct Browser User Interface has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization...
SUSE CVE-2017-5419
If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service DOS attack. This vulnerability affects Firefox 52 and Thunderbird 52...
CVE-2023-22464
ViewVC is a browser interface for CVS and Subversion version control repositories. Versions prior to 1.2.3 and 1.1.30 are vulnerable to cross-site scripting. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository exposed by a...
CVE-2023-22456
CVE-2023-22456 affects ViewVC, a browser interface for CVS/Subversion repositories. The vulnerability is an cross-site scripting (XSS) flaw that impacts ViewVC versions before 1.2.2 (and 1.1.29). The attack requires the attacker to have commit privileges to a Subversion repository exposed by a tr...
CVE-2023-22456 ViewVC XSS vulnerability in revision view changed paths
ViewVC, a browser interface for CVS and Subversion version control repositories, as a cross-site scripting vulnerability that affects versions prior to 1.2.2 and 1.1.29. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a Subversion repository...
DEBIAN-CVE-2022-45418
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
Mozilla: Custom mouse cursor could have been drawn over browser UI
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks...
Mozilla: Custom mouse cursor could have been drawn over browser UI
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks...
Mozilla: Custom mouse cursor could have been drawn over browser UI
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks...
Mozilla: Custom mouse cursor could have been drawn over browser UI
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks...
Mozilla: Custom mouse cursor could have been drawn over browser UI
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks...
Mozilla: Custom mouse cursor could have been drawn over browser UI
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks...
Mozilla: Custom mouse cursor could have been drawn over browser UI
The Mozilla Foundation Security Advisory describes this flaw as: If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks...
UBUNTU-CVE-2022-45418
If a custom mouse cursor is specified in CSS, under certain circumstances the cursor could have been drawn over the browser UI, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...
Security Bulletin: IBM Sterling Connect:Direct Browser User Interface has multiple vulnerabilities due to IBM Java
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. Sterling Connect:Direct Browser User Interface has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-21365 DESCRIPTION: An unspecified vulnerability in Java SE related to the ImageIO componen...
Vulnerability of Google Chrome’s browser interface, allowing a hacker to execute arbitrary code
The vulnerability of Google Chrome’s browser interface relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...