Lucene search
K

88 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:34 a.m.8 views

CVE-2024-52270

User Interface UI Misrepresentation of Critical Information vulnerability in DropBox SignHelloSign allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only...

8.2CVSS6.7AI score0.00191EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:4 p.m.7 views

CVE-2022-0858

A cross-site scripting XSS vulnerability in McAfee Enterprise ePolicy Orchestrator ePO prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's session by convincing the attacker to click on a carefully crafted link. This would lead to limited abilit...

4.7CVSS5.6AI score0.00781EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:43 p.m.7 views

CVE-2020-14560

Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion component: UI and Visualization. The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hyperion BI+. Successful...

4.2CVSS5.4AI score0.01018EPSS
Exploits0
Cvelist
Cvelist
added 2025/05/22 1:30 p.m.18 views

CVE-2025-4979 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables that they did not author in the WebUI, by simply creating their own variable and observing the HTTP...

4.9CVSS0.00387EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 12:0 a.m.9 views

ALSA-2025:4649 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

6.4CVSS6.5AI score0.00313EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.7 views

RHEL 8 : thunderbird (RHSA-2025:4654)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4654 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachmen...

6.4CVSS7AI score0.00313EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.6 views

RHEL 8 : thunderbird (RHSA-2025:4649)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:4649 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachmen...

6.4CVSS7AI score0.00313EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2025/05/07 12:0 a.m.13 views

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: User Interface UI Misrepresentation of attachment URL CVE-2025-3523 thunderbird: Information Disclosure of /tmp directory listing CVE-2025-2830 thunderbird: Leak of hashed Window credentials via crafted...

6.4CVSS6.7AI score0.00313EPSS
Exploits0References8
OSV
OSV
added 2025/05/02 9:15 p.m.3 views

UBUNTU-CVE-2025-4215

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to laun...

3.7CVSS4.3AI score0.0057EPSS
Exploits1References7
CVE
CVE
added 2025/04/09 9:3 a.m.50 views

CVE-2025-25213

The CVE-2025-25213 issue affects Inaba Denki Sangyo Co., Ltd. Wi‑Fi AP UNIT AC-WPS-11ac series (affected versions include v2.0.03P and prior). Root cause: improper restriction of rendered UI layers or frames, enabling unintended operations when a logged‑in user views/clicks on content hosted on a...

6.5CVSS6.9AI score0.00298EPSS
Exploits0References2
CNVD
CNVD
added 2025/03/24 12:0 a.m.2 views

Schneider Electric EcoStruxure Power Automation System User Interface Authorization Issue Vulnerability

Schneider Electric EcoStruxure Power Automation System User Interface is a Schneider Electric user interface software for power automation systems from Schneider Electric France. It is used for operators to interact with the power automation system to improve operational efficiency. The Schneider...

7CVSS6.5AI score0.00258EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/21 12:0 a.m.7 views

The vulnerability of the user interface of Windows operating systems allows a hacker to hide files that have been decompiled from a specially created archive from users’ sight.

The vulnerability of Windows operating systems’ user interfaces is related to the improper handling of file attributes. Exploiting this vulnerability can allow attackers to hide files that have been decompressed from a specially crafted archive from users’ sight...

4.5CVSS5.5AI score
Exploits0References1
CNVD
CNVD
added 2025/02/18 12:0 a.m.4 views

Dell Avamar Access Token Reuse Vulnerability

Dell Avamar is a data backup and recovery solution from Dell that focuses on providing organizations with efficient and flexible data protection services that support physical, virtual and cloud environments. Dell Avamar suffers from an access token reuse vulnerability that stems from the inclusi...

6.6CVSS6.9AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2024/12/05 1:56 p.m.5 views

CVE-2024-52271 PDF Document Spoofing in Documenso

User Interface UI Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only, not all...

8.2CVSS6.6AI score0.00208EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2024/11/12 12:0 a.m.16 views

KLA77113 SUI vulnerability in Microsoft Server Software

Security UI vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2024-49040 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. Related...

7.5CVSS8.6AI score0.07748EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/11/06 12:0 a.m.8 views

The vulnerability of the user interface of the TwinCAT Package Manager allows a hacker to execute arbitrary commands.

The vulnerability of the TwinCAT Package Manager’s user interface is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

6.8CVSS5.8AI score0.00187EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/10/20 12:0 a.m.6 views

The vulnerability of the user interfaces of Google Chrome and Microsoft Edge allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the user interfaces of Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information through a specially created...

10CVSS5.5AI score0.00377EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/10/02 12:0 a.m.5 views

The vulnerability of Microsoft Teams’ corporate platform for the iOS operating system allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Teams’ operating system on iOS is related to information representation errors in the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...

6.5CVSS5.9AI score0.16084EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/09/30 12:0 a.m.7 views

The vulnerability of Google Chrome’s user interface allows a hacker to replace the user interface with a malicious one.

The vulnerability of Google Chrome’s user interface is related to errors in the way information is presented on the user interface. Exploiting this vulnerability can allow a malicious actor to replace the user interface with a specially created HTML page...

5CVSS5.5AI score0.00265EPSS
Exploits1References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/04/26 12:0 a.m.6 views

The vulnerability of the user interface of SolarWinds Platform’s network monitoring and IT infrastructure management software allows a hacker to execute arbitrary code.

The vulnerability of the user interface of SolarWinds software for network monitoring and IT infrastructure management is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

7.5CVSS6.1AI score0.0059EPSS
Exploits0References3
Rows per page
Query Builder