7312 matches found
CVE-2026-20233
A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...
Cisco Webex Meetings Cross-Site Scripting Vulnerability
A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...
CVE-2026-38978
A flaw was found in Transmission. A clickjacking weakness exists in the browser-facing WebUI and RPC Remote Procedure Call response paths. This vulnerability could allow a remote attacker to trick a user into performing unintended actions by overlaying malicious content over legitimate interface...
SUSE CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
DEBIAN-CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
EUVD-2026-33804
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...
EUVD-2026-33803
In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-45777
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
EUVD-2026-33971
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
CVE-2026-38978
transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...
CVE-2026-0094
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...
CVE-2026-0093
In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0094
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...
CVE-2026-0096
In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0094
In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo...
CVE-2026-0096
In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0094
Technical details for CVE-2026-0094 are not publicly available in the provided documents; monitor for updates.