Linux Distros Unpatched Vulnerability : CVE-2017-6504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking. CVE-2017-6504 Note that Nessus relies o...

CVE-2021-38472

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an attacker may take advantage of by sending a link to an administrator that frames the router’s management portal and could lure the administrator to perform...

SRC-2021-0018 : Microsoft SharePoint Server OAuth Authorization Code Leak Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to elevate privileges. User interaction is required required to exploit this vulnerability. The specific flaw exists in the oauthauthorize page. The issue results from a missing X-Frame-Options header when performing an authorizati...

CVE-2018-6909

CVE-2018-6909 affects Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 Web Application. Root cause: missing X-Frame-Options header. Impact: allows clickjacking by remote attacker via an API page request; CVSSv3 base score 6.5 (NETWORK, LOW toward exploitation, user interactio...