28 matches found
EUVD-2025-201222
In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfs_encode_fid with s_umount. Calling inotify_show_fdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...
PT-2025-47346
Name of the Vulnerable Software and Affected Versions: Drupal versions 8.0.0 through 10.4.9; Drupal versions 10.5.0 through 10.5.6; Drupal versions 11.0.0 through 11.1.9; Drupal versions 11.2.0 through 11.2.8 Description: A flaw exists in Drupal core that allows for content spoofing through a user...
EUVD-2017-11294
Malware in sbrugna...
PT-2023-7751 · Microsoft · Azure Devops Server
Name of the Vulnerable Software and Affected Versions: Azure DevOps Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow a remote attacker to bypass security restrictions...
PT-2023-7271 · Microsoft · Visual Studio Code Jupyter Extension
Name of the Vulnerable Software and Affected Versions: Visual Studio Code Jupyter Extension affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. It may allow an attacker to conduct spoofing attacks. Recommendations...
PT-2023-7031 · Microsoft · Dynamics 365 Sales
Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 Sales affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Dynamics 365 server. It may allow a remote attacker to conduc...
lg-informationdisplay.com Cross Site Scripting vulnerability OBB-3727502
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2023-3528 · Microsoft · Office Onenote
Name of the Vulnerable Software and Affected Versions: Microsoft OneNote affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks. Recommendations...
lg-informationdisplay.com Cross Site Scripting vulnerability OBB-3375389
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
PT-2023-2716 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to perform a spoofing attack...
PT-2023-1767 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. It allows a remote attacker to conduct spoofing attacks, affecting the system...
SUSE CVE-2011-2644
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info display...
SUSE CVE-2011-2650
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display...
PT-2022-5629 · Microsoft · Exchange Server
Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to perform a spoofing attack. This c...
PT-2022-2864 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can allow a remote attacker to conduct spoofing attacks...
PT-2022-1693 · Microsoft · Azure Data Explorer
Name of the Vulnerable Software and Affected Versions: Azure Data Explorer affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks...
PT-2021-4737 · Microsoft · Windows Print Spooler +1
Name of the Vulnerable Software and Affected Versions: Windows Print Spooler affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Windows Print Spooler in Windows operating systems. This can allow a remote...
Mozilla Thunderbird < 78.12
The version of Thunderbird installed on the remote Windows host is prior to 78.12. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-30 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially...
PT-2021-5718 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in presenting information to the user interface, which can be exploited by a remote attacker to conduct spoofing attacks. This allows attackers to affect the...
PT-2021-6024 · Microsoft · Visual Studio
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. It may allow a remote attacker to conduct spoofing attacks using a specially craft...