Lucene search
K

7 matches found

Redos
Redos
added 2026/03/10 12:0 a.m.3 views

ROS-20260310-73-0011

A vulnerability in the Digital Credentials component of Google Chrome browser is related to incorrect restriction of visualized user interface layers. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity of protected information...

5.4CVSS5.8AI score0.00168EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.5 views

Shopside App 安全漏洞

Shopside App is a shopping application by Shopside Turkey. A security vulnerability exists in Shopside App 05022025 and earlier versions, which stems from improper restriction of the rendering UI layer or frame, which may result in an iFrame override...

4.7CVSS6.7AI score0.00184EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/03/17 12:0 a.m.4 views

The vulnerability of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird lies in improper restrictions on the display of user interface layers or frames, allowing attackers to access confidential information.

The vulnerabilities of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird are related to improper restrictions on the layers or frames that are displayed in the user interface. Exploiting these vulnerabilities can allow a malicious actor to gain access to confidential...

7.6CVSS6.9AI score0.00672EPSS
Exploits0References12Affected Software8
OSV
OSV
added 2022/06/13 7:15 a.m.4 views

CVE-2017-20041

A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers URL. It is possible to launch the attack remotely...

6.5CVSS5.5AI score0.00669EPSS
Exploits1References2
NVD
NVD
added 2021/01/13 4:15 p.m.19 views

CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

8.1CVSS8.4AI score0.02649EPSS
Exploits0References5
Prion
Prion
added 2021/01/13 4:15 p.m.29 views

Directory traversal

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

5.5CVSS8.1AI score0.06563EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2020/04/12 12:0 a.m.4 views

PT-2020-12797 · Kong · Docker-Kong

Name of the Vulnerable Software and Affected Versions: docker-kong versions through 2.0.3 Description: An issue was discovered where the admin API port may be accessible on interfaces other than 127.0.0.1. The vendor argues that this is not a vulnerability because it has an inaccurate bug scope a...

9.8CVSS6.8AI score0.33825EPSS
Exploits0References12
Rows per page
Query Builder