3796 matches found
EUVD-2025-200286
The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting (XSS), Clickjacking, an...
CVE-2025-52622 HCL BigFix SaaS Remediate is affected by a security vulnerability
The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting (XSS), Clickjacking, an...
CVE-2025-52622
Technical details about CVE-2025-52622 are not publicly provided in the supplied documents. Monitor for updates from Red Hat, NVD, and CVE records to obtain affected products, fixed versions, and remediation guidance.
HCL BigFix SaaS Security Vulnerability
HCL BigFix SaaS is an endpoint management platform from HCL India. A security vulnerability exists in HCL BigFix SaaS, which stems from a missing security header and could lead to cross-site scripting and clickjacking attacks...
PT-2025-48738
The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting (XSS), Clickjacking, an...
CVE-2025-36149
IBM Concert Software (versions 1.0.0–2.0.0) is affected by CVE-2025-36149, a remote-click hijacking (clickjacking) vulnerability in the UI that could allow an attacker to hijack a victim’s clicking actions. The issue is documented across multiple sources (IBM, Red Hat RH, EUVD, NVD, etc.), consis...
CVE-2025-36149 IBM Concert Software clickjacking
IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim...
TencentOS Server 4: firefox (TSSA-2025:0417)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0417 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 4: mozjs (TSSA-2025:0474)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0474 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2025-64387
The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...
CVE-2025-64387 CLICKJACKING
The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...
CVE-2025-64387
CVE-2025-64387 is a documented clickjacking vulnerability described across multiple feeds (NVD/Red Hat/CIRCL etc.). The core issue is UI deception via embedding the vulnerable page in an attacker‑controlled page, potentially prompting users to click or enter credentials. NVD notes a CVSS v4.0 bas...
EUVD-2025-37353
The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...
PT-2025-44629
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: The web application is susceptible to a clickjacking attack. This involves embedding a vulnerable page within a page controlled by an attacker to mislead users...
Circutor TCPRS1plus Security Vulnerability
Circutor TCPRS1plus is a communication converter from Circutor Spain. Circutor TCPRS1plus suffers from a security vulnerability that stems from susceptibility to clickjacking attacks...
EUVD-2024-28045
HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended...