16 matches found
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
EUVD-2024-54261
Malicious code in bioql PyPI...
CVE-2025-6434
CVE-2025-6434 corresponds to the HTTPS-Only exception page lacking an anti-clickjacking delay, enabling potential user trickery to grant an exception and load an HTTP page. Public sources in the provided documents indicate affected products are Mozilla Firefox and Mozilla Thunderbird, specificall...
PT-2025-18093 · Dify · Dify
Name of the Vulnerable Software and Affected Versions: DIFY versions prior to 1.3.0 Description: A clickjacking issue was found in the default setup of the DIFY application, allowing malicious actors to trick users into clicking on elements of the web page without their knowledge or consent. This...
CVE-2024-54558
A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library...
CVE-2024-54558
A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library...
CVE-2024-54558
CVE-2024-54558 describes a clickjacking issue related to out-of-process view handling. The flaw could allow an app to trick a user into granting access to the Photos Library. It affects Apple platforms and is fixed in macOS Sequoia 15, iOS 18, and iPadOS 18. The CVE’s base metrics show a low seve...
CVE-2024-54558
A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library...
CVE-2024-54558
A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library...
PT-2024-25223 · Lb Link · Lb-Link Bl-W1210M
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-W1210M version 2.0 Description: A clickjacking issue was discovered via the Administrator login page. Attackers can cause victim users to perform arbitrary operations by interacting with crafted elements on the web page...
PT-2023-8289 · Moxa · Oncell G3150A-Lte Series
Name of the Vulnerable Software and Affected Versions: OnCell G3150A-LTE Series firmware versions v1.3 and prior Description: A clickjacking vulnerability has been identified, caused by incorrectly restricting frame objects. This can lead to user confusion about which interface the user is...
PT-2023-30408 · Yamcs · Yamcs
Name of the Vulnerable Software and Affected Versions: Yamcs version 5.8.6 Description: An issue in Yamcs allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking. Recommendations: For Yamcs version 5.8.6, at the moment, there is no information about a newer version tha...
JSA10647 - 2014-09 Security Bulletin: Junos Pulse Secure Access Service (SSL VPN): Clickjacking issue (CVE-2014-3823)
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A clickjacking issue has been found in the Pulse Connect Secure product. 'X-Frame-Options' has been added to defend against this type of attack. The attack could take place against...
Design/Logic Flaw
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...
CVE-2009-0114
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...
CVE-2009-0114
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...