88 matches found
The vulnerability of Google Chrome’s user interface allows a perpetrator to replace the user interface.
The vulnerability of Google Chrome’s user interface is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
CVE-2024-1180 TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605. Authentication is required to exploit this vulnerability. The specific issue...
The vulnerability of the user interface of the Plesk Obsidian hosting platform allows a hacker to redirect users to arbitrary websites.
The vulnerability of the Plesk Obsidian web hosting platform’s user interface involves redirecting URLs to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary websites by sending a specially crafted “Host” header in HTTP requests...
The vulnerability of the user interface of ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, and ESET Security for Microsoft SharePoint Server allows attackers to increase their privileges.
The vulnerability of the user interface of ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium, ESET Endpoint Antivirus, ESET Endpoint Security, ESET Server Security for Microsoft Windows Server, ESET File Security for Microsoft Windows Server, ESET Mail Security for Microso...
The vulnerability of the Google Chrome browser’s WebUI user interface allows a hacker to execute arbitrary code.
The vulnerability of the WebUI user interface of Google Chrome is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...
CVE-2022-32517
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause an adversary to trick the interface user/admin into interacting with the application in an unintended way when the product does not implement restrictions on the ability to render within frames ...
Huawei Emui 注入漏洞
Huawei Emui is a mobile operating system developed on Android.Magic Ui is a mobile operating system developed on Android.An injection attack vulnerability exists in Huawei Emui and Magic UI. An attacker can exploit this vulnerability to affect service availability...
IBM Application Performance Management Security Vulnerability
IBM Application Performance Management APM is a suite of IT service management software from IBM in the United States. The software is primarily used to monitor and manage cloud, on-premise and hybrid applications, and IT infrastructure. A security vulnerability exists in the IBM Application...
PT-2021-1920 · Cisco · Cisco Webex Meetings Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings and Cisco Webex Meetings Server Software affected versions not specified Description: A vulnerability in the user interface could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation ema...
The vulnerability in the implementation of the WebUSB protocol in Google Chrome web browsers allows attackers to perform spoofing attacks.
The vulnerability of the WebUSB protocol implementation in Google Chrome’s web browser is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...
The vulnerability of Google Chrome’s user interface allows a perpetrator to compromise data integrity.
The vulnerability of Google Chrome’s user interface is related to the lack of a mechanism for checking entered data. Exploiting this vulnerability allows an attacker to affect the integrity of data through a specially created domain name...
The vulnerability of the User Interface sub-component of the Oracle Insurance Accounting Analyzer component in the bank analytics system’s simulation model, Oracle Financial Services Applications, allows a perpetrator to create, delete, or modify access rights to protected information, or gain read-only access to data.
The vulnerability of the User Interface component of the Oracle Insurance Accounting Analyzer component in the bank analytics system’s simulation model application relates to the lack of protection for operational data. Exploiting this vulnerability allows an attacker to create, delete, or modify...
The vulnerability of the User Interface sub-component of the Oracle Financial Services Balance Sheet Planning component in the bank analytics system’s simulation model allows a perpetrator to create, delete, or modify access rights to protected information, or gain read-only access to data.
The vulnerability of the User Interface sub-component of the Oracle Financial Services Balance Sheet Planning banking analytics system’s simulation model relates to the lack of protection for operational data. Exploiting this vulnerability allows an attacker to create, delete, or modify access...
The vulnerability of the User Interface sub-component of the Oracle Financial Services Profitability Management banking analytics system’s simulation model allows attackers to create, delete, or modify access rights to protected information, or gain read-only access to data.
The vulnerability of the User Interface sub-component of the Oracle Financial Services Profitability Management banking analytics system’s simulation model application relates to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor to create, delete,...
The vulnerability of the SAP UI5 software-based HTTP handler allows attackers to compromise the integrity of protected information.
The vulnerability of the SAP UI5 software application’s HTTP handler is related to the ability to bypass authentication through spoofing. Exploiting this vulnerability allows a malicious actor to influence the integrity of the protected information...
CVE-2019-1719
A vulnerability in the web-based guest portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied...
CVE-2018-0458
CVE-2018-0458 affects Cisco Prime Collaboration Assurance (PCA) web-based management interface. The vulnerability stems from insufficient validation of user-supplied input, enabling unauthenticated, remote attackers to conduct a cross-site scripting (XSS) attack by tricking a user into clicking a...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-24104)
Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on a variety of management software collection, is a seamless integration of a management suite. An...
Oracle E-Business Suite Oracle Marketing is vulnerable (CNVD-2018-03936)
Oracle E-Business Suite E-Business Suite is Oracle's fully integrated suite of global business management software, of which Oracle Marketing is a component for managing marketing-related information and processes. A security vulnerability exists in the User Interface subcomponent of the Oracle...
Vulnerability in Oracle E-Business Suite Oracle Marketing
Oracle E-Business Suite E-Business Suite is Oracle's fully integrated suite of global business management software, of which Oracle Marketing is a component for managing marketing-related information and processes. A security vulnerability exists in the User Interface subcomponent of the Oracle...