CVE-2026-34258

SAPUI5 Search UI allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may mislead victim users into clicking and accessing attacker-controlled pages rendered by the application. This vulnerability has a low...

User Interface (UI) Misrepresentation Of Critical Information

Drupal core is vulnerable to User Interface UI Misrepresentation of Critical Information. The vulnerability is due to improper handling of UI content rendering, which allows an attacker to spoof or misrepresent content and mislead users within the application interface...

OESA-2025-1115 git security update

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and...

SUSE CVE-2024-6607

It was possible to prevent a user from exiting pointerlock when pressing escape and to overlay customValidity notifications from a select element over certain permission prompts. This could be used to confuse a user into giving a site unintended permissions. This vulnerability affects Firefox 128...

DEBIAN-CVE-2023-49343

Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

CVE-2023-21260

In notification access permission dialog box, malicious application can embedded a very long service label that overflow the original user prompt and possibly contains mis-leading information to be appeared as a system message for user confirmation...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from incorrect input validation that could mislead users about accounts installed on the device...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a security vulnerability that stems from a mismanagement of privileges vulnerability, which could be exploited by an attacker t...

HUAWEI EMUI/Magic UI 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI third-party pop-up override vulnerability can be exploited by attackers to cause system pop-ups to be overridden, thereby misleading users into...

CVE-2020-4725

IBM Monitoring IBM Cloud APM 8.1.4 could allow an authenticated user to modify HTML content by sending a specially crafted HTTP request to the APM UI, which could mislead another user. IBM X-Force ID: 187974...

chromium-browser: Insufficient policy enforcement in navigation

Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name...

CVE-2019-0319

The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not...

Mozilla Firefox is vulnerable

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. Mozilla Firefox has a security vulnerability. Allow SSL indicators may mislead users about the real URLs visited. Note: This issue only affects Firefox for Android. Desktop Firefox is not...

Google Releases Chrome 5.0.375.55

Google has released Chrome 5.0.375.55 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to bypass security restrictions, execute script in an unsafe context, or mislead users. US-CERT encourages users and administrators to review the Goog...