Lucene search
K

35 matches found

bdu_fstec
bdu_fstec
added 2024/11/29 12:0 a.m.6 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in improper restrictions on the displayed layers of the user interface, which allows attackers to perform spoofing attacks.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an improper limitation on the visually displayed user interface layers. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks using a specially created file with th...

10CVSS6.6AI score0.00833EPSS
Exploits0References12Affected Software4
bdu_fstec
bdu_fstec
added 2024/11/11 12:0 a.m.5 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in improper restrictions on the displayed layers of the user interface, which allows attackers to carry out clickjacking attacks.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an improper limitation on the visually displayed layers of the user interface. Exploiting this vulnerability allows a remote attacker to carry out a clickjacking attack...

6.4CVSS6.8AI score0.00351EPSS
Exploits0References15Affected Software6
bdu_fstec
bdu_fstec
added 2024/04/30 12:0 a.m.6 views

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird relates to an improper limitation on the visible layers of the user interface, allowing a malicious actor to compromise data integrity.

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a remote attacker to compromise data integrity...

7.8CVSS7.3AI score0.00545EPSS
Exploits0References13Affected Software6
ptsecurity
ptsecurity
added 2024/04/24 12:0 a.m.4 views

PT-2024-13488

Name of the Vulnerable Software and Affected Versions Automattic Jetpack versions prior to 12.7 Description The issue is related to an Improper Restriction of Rendered UI Layers or Frames vulnerability, which allows Clickjacking. Recommendations For versions prior to 12.7, update to version 12.7 ...

5.4CVSS8.2AI score0.00272EPSS
Exploits0References4
bdu_fstec
bdu_fstec
added 2024/02/29 12:0 a.m.5 views

The vulnerability in the full-screen mode of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows attackers to perform spear-phishing attacks.

The vulnerability in the full-screen mode of browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an incorrect limitation on the number of user interface layers or frames that can be displayed. Exploiting this vulnerability allows a malicious actor to...

5CVSS6.6AI score0.00575EPSS
Exploits0References13Affected Software12
bdu_fstec
bdu_fstec
added 2024/02/29 12:0 a.m.10 views

The vulnerability in the implementation of the browser application interfaces of Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to display an alertdialog on a different website.

The vulnerability in the implementation of the browser application interfaces of Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to an incorrect limitation on the number of user interface layers or frames that can be displayed. Exploiting this vulnerability allows a...

5CVSS6.8AI score0.00673EPSS
Exploits0References13Affected Software12
cvelist
cvelist
added 2023/11/30 4:55 p.m.24 views

CVE-2023-2265 Improper restriction of rendered UI layers or frames could lead to clickjacking attack

An Improper Restriction of Rendered UI Layers or Frames in the Schweitzer Engineering Laboratories SEL-411L could allow an unauthenticated attacker to perform clickjacking based attacks against an authenticated and authorized user. See product Instruction Manual Appendix A dated 20230830 for more...

4.3CVSS6.5AI score0.0039EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/04/18 8:6 p.m.12 views

CVE-2022-43378

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause the user to be tricked into performing unintended actions when external address frames are not properly restricted. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...

6.5CVSS6.5AI score0.00462EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2023/03/17 12:0 a.m.5 views

The vulnerability of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird lies in improper restrictions on the display of user interface layers or frames, allowing attackers to access confidential information.

The vulnerabilities of Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird are related to improper restrictions on the layers or frames that are displayed in the user interface. Exploiting these vulnerabilities can allow a malicious actor to gain access to confidential...

7.6CVSS6.9AI score0.00672EPSS
Exploits0References12Affected Software8
nvd
nvd
added 2023/03/13 5:15 a.m.39 views

CVE-2023-1362

Improper Restriction of Rendered UI Layers or Frames in GitHub repository unilogies/bumsys prior to v2.0.2...

8.4CVSS6.8AI score0.01411EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2023/02/11 12:0 a.m.6 views

PT-2023-16522 · Cockpit · Cockpit

Name of the Vulnerable Software and Affected Versions: cockpit versions prior to 2.3.9 Description: The issue is related to improper restriction of rendered UI layers or frames. Recommendations: For versions prior to 2.3.9, update to version 2.3.9 or later to resolve the issue...

5.4CVSS4.3AI score0.00373EPSS
Exploits1References6
osv
osv
added 2022/06/13 7:15 a.m.5 views

CVE-2017-20041

A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers URL. It is possible to launch the attack remotely...

6.5CVSS5.5AI score0.00669EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2022/06/13 6:50 a.m.8 views

CVE-2017-20041 Ucweb UC Browser HTML URL improper restriction of rendered ui layers

A vulnerability was found in Ucweb UC Browser 11.2.5.932. It has been classified as critical. Affected is an unknown function of the component HTML Handler. The manipulation of the argument title leads to improper restriction of rendered ui layers URL. It is possible to launch the attack remotely...

5.4CVSS6.7AI score0.00669EPSS
Exploits1References2
kitploit
kitploit
added 2021/08/21 12:30 p.m.23 views

Brutus - An Educational Exploitation Framework Shipped On A Modular And Highly Extensible Multi-Tasking And Multi-Processing Architecture

An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an Introduction Looking for version 1? See the branches in this repository. Brutus is an educational exploitation framework written in Python. It automates pre...

7.2AI score
Exploits0References5
cvelist
cvelist
added 2020/12/03 11:15 a.m.35 views

CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...

6.3AI score0.00655EPSS
Exploits0References2
Rows per page
Query Builder