The vulnerability of the Security Support Provider Interface (SSPI) and the implementation of the Server Message Block (SMB) network protocol in the Squid proxy server allows a perpetrator to disclose protected information or cause service failures.

The vulnerability of the Security Support Provider Interface SSPI and the implementation of the Server Message Block SMB network protocol in the Squid proxy server is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensiti...

SUSE CVE-2011-2192

The Curlinputnegotiate function in httpnegotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests...

SUSE CVE-2018-6178

Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension...

SUSE CVE-2019-13759

Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

SUSE CVE-2020-6441

Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page...

SUSE CVE-2021-21215

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...

GSS-NTLMSSP 缓冲区错误漏洞

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication from the gssapi open source. A buffer error vulnerability exists in GSS-NTLMSSP versions prior to 1.2.0, which stems from a failure of ntlmstrconvert that could result in a zero being written to an arbitra...

DEBIAN-CVE-2023-0697

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2022-3313

Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Medium...

The vulnerability of the Microsoft Security Support Provider Interface (SSPI) in the Microsoft Windows operating system allows attackers to escalate their privileges.

The vulnerability of the Microsoft Security Support Provider Interface SSPI in the Microsoft Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

UBUNTU-CVE-2022-0110

Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

UBUNTU-CVE-2022-0112

Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL...

The vulnerability of the “security” software interface of the software environment for implementing the MediaWiki hypertext environment allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the “security” programming interface of the software environment for implementing the MediaWiki hypertext environment is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to compromise the integrity of...

DEBIAN-CVE-2021-21216

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...

DEBIAN-CVE-2021-21215

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page...

Mozilla: Fullscreen could be enabled without displaying the security UI

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

DEBIAN-CVE-2020-6547

Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page...

UBUNTU-CVE-2020-6547

Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page...

Google Chrome PWA has an unspecified vulnerability

Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A security vulnerability exists in versions prior to Google Chrome 84.0.4147.89, which stems from an incorrect security user interface and can be exploited by...

chromium-browser: Inappropriate implementation in full screen

Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page...