22 matches found
CVE-2026-13998
Incorrect security UI in File Input in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
PT-2026-46797
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the user interface allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that...
CVE-2026-9937
Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-9984
Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-9951
Use after free in UI in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-8575
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8561
Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7991
Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-38317
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
DEBIAN-CVE-2024-5497
Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
BIT-GRAFANA-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
CVE-2023-30961 Palantir Gotham UI bug that could lead to incorrect data classification
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the frontend could have applied an incorrect classification to a newly created property or link...
CVE-2023-30961 Palantir Gotham UI bug that could lead to incorrect data classification
Palantir Gotham was found to be vulnerable to a bug where under certain circumstances, the frontend could have applied an incorrect classification to a newly created property or link...
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via for example a /dashboard/snapshot/?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability...
CVE-2022-32276
Grafana 8.4.3 allows unauthenticated access via a /dashboard/snapshot/*?orgId=0 URI. The vendor labels this as a UI bug, not a vulnerability. Connected Red Hat and OSV entries reiterate the same issue and list Grafana 8.4.3 as affected. No public exploit details are provided in the documents. Rem...
UBUNTU-CVE-2021-37971
Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
Reddit: Email Verification Bypass And Get access to user's private invitation.
Part 2 of my previous report : https://hackerone.com/reports/1225499 I am sending this report again because you closed my previous report. i posed new impact of this vulnerability in my previous report but i didn't get any reply. So i reported it again. First Vulnerability : Email verification...