Lucene search
K

98 matches found

NVD
NVD
added 2026/07/03 9:17 p.m.11 views

CVE-2026-45488

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.9CVSS0.00249EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 8:21 p.m.16 views

CVE-2026-9106

The CVE-2026-9106 issue concerns GitHub Enterprise Server where a UI misrepresentation allowed an OAuth app to gain unauthorized access to an organization’s runner management. A victim could be tricked into authorizing an app requesting the manage_runners:org scope because the scope was not shown...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/30 8:21 p.m.36 views

CVE-2026-9106 UI misrepresentation vulnerability in GitHub Enterprise Server allowed unauthorized organization runner management via undisclosed OAuth scope on consent screen

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the managerunners:org scope and directing ...

4.8CVSS0.00176EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/30 8:21 p.m.6 views

CVE-2026-9106

A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the managerunners:org scope and directing ...

4.8CVSS5.8AI score0.00176EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-53988

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.22 Description A UI misrepresentation issue allows an OAuth application to obtain unauthorized access to organization runner management. An attacker can exploit this by creating an OAuth application...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References14
Snyk
Snyk
added 2026/05/20 3:35 p.m.12 views

User Interface (UI) Misrepresentation of Critical Information

Overview symfony/html-sanitizer is a Provides an object-oriented API to sanitize untrusted HTML input for safe insertion into a document's DOM. Affected versions of this package are vulnerable to User Interface UI Misrepresentation of Critical Information via UrlSanitizer::parse in the...

7.1CVSS5.8AI score0.00069EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.12 views

CVE-2026-35429

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS5.8AI score0.00497EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.16 views

EUVD-2026-29673

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS5.8AI score0.00349EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 6:17 p.m.12 views

CVE-2026-35429

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS0.00497EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.6 views

CVE-2026-40416

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS5.8AI score0.00349EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.7 views

CVE-2026-42891

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.8AI score0.00285EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/14 1:22 a.m.7 views

CVE-2026-33119

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS5.8AI score0.00311EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/04/10 2:0 p.m.114 views

Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS5.8AI score0.00311EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.19 views

Microsoft Edge (Chromium) < 147.0.3912.60 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 147.0.3912.60. It is, therefore, affected by multiple vulnerabilities as referenced in the April 10, 2026 advisory. - Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who...

9.8CVSS7.7AI score0.00608EPSS
Exploits0References125
NVD
NVD
added 2026/02/19 11:16 p.m.7 views

CVE-2026-1658

User Interface UI Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Director...

5.3CVSS0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 10:40 p.m.7 views

CVE-2026-1658 Content spoofing vulnerability discovered in OpenText™ Directory Services

User Interface UI Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Director...

5.3CVSS5.9AI score0.00242EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/11 7:45 p.m.7 views

CVE-2026-21527

User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.0768EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 6:16 p.m.7 views

CVE-2026-21527

User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.8AI score0.0768EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 5:51 p.m.4 views

CVE-2026-21527

User interface ui misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.5AI score0.0768EPSS
Exploits0References2Affected Software4
RedhatCVE
RedhatCVE
added 2026/02/07 1:23 a.m.7 views

CVE-2026-0391

User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.4AI score0.00595EPSS
Exploits0References1
Rows per page
Query Builder