
3798 matches found

CNNVD
added 2025/12/08 12:0 a.m. | 6 views

Google Android security vulnerability

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from a clickjacking or overwriting attack that could lead to local elevation of privilege...

CVSS 7.3 | AI score 5.9 | EPSS 0.00089
Exploits 0 | References 4

RedhatCVE
added 2025/12/03 7:5 p.m. | 12 views

CVE-2025-52622

The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting XSS, Clickjacking, an...

CVSS 5.4 | AI score 6.3 | EPSS 0.00149
Exploits 0 | References 1

EUVD
added 2025/12/02 6:30 p.m. | 4 views

EUVD-2025-200286

The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting XSS, Clickjacking, an...

CVSS 5.4 | AI score 5.8 | EPSS 0.00149
Exploits 0 | References 2

CVE
added 2025/12/02 5:59 p.m. | 7 views

CVE-2025-52622

Technical details about CVE-2025-52622 are not publicly provided in the supplied documents. Monitor for updates from Red Hat, NVD, and CVE records to obtain affected products, fixed versions, and remediation guidance.

CVSS 5.4 | AI score 6 | EPSS 0.00149
Exploits 0 | References 1

Vulnrichment
added 2025/12/02 5:59 p.m. | 3 views

CVE-2025-52622 HCL BigFix SaaS Remediate is affected by a security vulnerability

The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting XSS, Clickjacking, an...

CVSS 5.4 | AI score 6 | EPSS 0.00149
Exploits 0 | References 1

Cvelist
added 2025/12/02 5:59 p.m. | 5 views

CVE-2025-52622 HCL BigFix SaaS Remediate is affected by a security vulnerability

The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting XSS, Clickjacking, an...

CVSS 5.4 | EPSS 0.00149
Exploits 0 | References 1

CNNVD
added 2025/12/02 12:0 a.m. | 3 views

HCL BigFix SaaS security vulnerability

HCL BigFix SaaS is an endpoint management platform from HCL India. A security vulnerability exists in HCL BigFix SaaS, which stems from a missing security header and could lead to cross-site scripting and clickjacking attacks...

CVSS 5.4 | AI score 5.9 | EPSS 0.00149
Exploits 0 | References 1

Positive Technologies
added 2025/12/02 12:0 a.m. | 3 views

PT-2025-48738

The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers weakens the application's client-side security posture, making it more vulnerable to common web attacks that these headers are designed to mitigate, such as Cross-Site Scripting XSS, Clickjacking, an...

CVSS 5.4 | AI score 6.3 | EPSS 0.00149
Exploits 0 | References 2

CVE
added 2025/11/21 7:38 p.m. | 12 views

CVE-2025-36149

IBM Concert Software (versions 1.0.0–2.0.0) is affected by CVE-2025-36149, a remote-click hijacking (clickjacking) vulnerability in the UI that could allow an attacker to hijack a victim’s clicking actions. The issue is documented across multiple sources (IBM, Red Hat RH, EUVD, NVD, etc.), consis...

CVSS 6.3 | AI score 6.3 | EPSS 0.00151
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2025/11/21 7:38 p.m. | 2 views

CVE-2025-36149 IBM Concert Software clickjacking

IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim...

CVSS 6.3 | AI score 6.3 | EPSS 0.00151
Exploits 0 | References 1

Cvelist
added 2025/11/21 7:38 p.m. | 7 views

CVE-2025-36149 IBM Concert Software clickjacking

IBM Concert Software 1.0.0 through 2.0.0 could allow a remote attacker to hijack the clicking action of the victim...

CVSS 6.3 | EPSS 0.00151
Exploits 0 | References 1

Tenable Nessus
added 2025/11/20 12:0 a.m. | 5 views

TencentOS Server 4: mozjs (TSSA-2025:0474)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0474 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 8.1 | AI score 7.4 | EPSS 0.00398
Exploits 0 | References 6

Tenable Nessus
added 2025/11/20 12:0 a.m. | 5 views

TencentOS Server 4: firefox (TSSA-2025:0417)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0417 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 8.1 | AI score 7.4 | EPSS 0.00398
Exploits 0 | References 6

RedhatCVE
added 2025/11/01 2:20 p.m. | 5 views

CVE-2025-64387

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...

CVSS 5.1 | AI score 6.9 | EPSS 0.00322
Exploits 0 | References 1

NVD
added 2025/10/31 3:15 p.m. | 4 views

CVE-2025-64387

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...

CVSS 5.1 | EPSS 0.00322
Exploits 0 | References 3

Vulnrichment
added 2025/10/31 2:12 p.m. | 2 views

CVE-2025-64387 CLICKJACKING

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...

CVSS 5.1 | AI score 6.5 | EPSS 0.00322
Exploits 0 | References 3

EUVD
added 2025/10/31 2:12 p.m. | 3 views

EUVD-2025-37353

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...

CVSS 5.1 | AI score 6.4 | EPSS 0.00322
Exploits 0 | References 3

CVE
added 2025/10/31 2:12 p.m. | 10 views

CVE-2025-64387

CVE-2025-64387 is a documented clickjacking vulnerability described across multiple feeds (NVD/Red Hat/CIRCL etc.). The core issue is UI deception via embedding the vulnerable page in an attacker‑controlled page, potentially prompting users to click or enter credentials. NVD notes a CVSS v4.0 bas...

CVSS 5.1 | AI score 6.5 | EPSS 0.00322
Exploits 0 | References 3

Cvelist
added 2025/10/31 2:12 p.m. | 7 views

CVE-2025-64387 CLICKJACKING

The web application is vulnerable to a so-called ‘clickjacking’ attack. In this type of attack, the vulnerable page is inserted into a page controlled by the attacker in order to deceive the victim. This deception can range from making the victim click on a button to making them enter their login...

CVSS 5.1 | EPSS 0.00322
Exploits 0 | References 3

CNNVD
added 2025/10/31 12:0 a.m. | 1 views

Circutor TCPRS1plus security vulnerability

Circutor TCPRS1plus is a communication converter from Circutor Spain. Circutor TCPRS1plus suffers from a security vulnerability that stems from susceptibility to clickjacking attacks...

CVSS 5.1 | AI score 6.7 | EPSS 0.00322
Exploits 0 | References 3