CVE-2025-2694
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.71 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.71 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI...
CVE-2024-43184
IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...
CVE-2024-43184
IBM Jazz Foundation (part of IBM Engineering Lifecycle Management) is affected by CVE-2024-43184. Affected versions are 7.0.2 with iFix033, 7.0.3 with iFix012, and 7.1.0 with iFix002. The vulnerability is a cross-site scripting flaw that allows an unauthenticated attacker to embed arbitrary JavaS...
CVE-2024-43184 IBM Jazz Foundation cross-site scripting
IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...
PT-2025-35944
Name of the Vulnerable Software and Affected Versions: IBM Jazz Foundation versions 7.0.2 through 7.0.2 iFix033; IBM Jazz Foundation versions 7.0.3 through 7.0.3 iFix012; IBM Jazz Foundation versions 7.1.0 through 7.1.0 iFix002 Description: The software is susceptible to cross-site scripting (XSS). Thi...
CVE-2025-9867
Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2025-9865
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-9865
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-9867
CVE-2025-9867 : The connected documents confirm a vulnerability in Google Chrome on Android before version 140.0.7339.80, described as an inappropriate implementation in Downloads that allowed a remote attacker to perform UI spoofing via a crafted HTML page. The impact is UI spoofing with a mediu...
CVE-2025-0656
IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2024-13066 iFrame Injection in Akinsoft's LimonDesk
Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.17...
CVE-2025-21029
Improper handling of insufficient permission in System UI prior to SMR Sep-2025 Release 1 allows local attackers to send arbitrary replies to messages from the cover display...
PT-2025-35686
Name of the Vulnerable Software and Affected Versions: One UI Home versions prior to SMR Sep-2025 Release 1 Description: Improper access control in One UI Home allows physical attackers to bypass Kiosk mode under limited conditions. Recommendations: Update One UI Home to SMR Sep-2025 Release 1 or...
PT-2025-44682
Name of the Vulnerable Software and Affected Versions: Chromium (affected versions not specified) Description: An issue exists within Chromium that could allow attackers to impact the system. The problem involves an incorrect security user interface element within the Omnibox. Recommendations: At the...
PT-2025-35798
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 140.0.7339.80 Description: An inappropriate implementation in the Toolbar component of Google Chrome on Android allowed a remote attacker to perform domain spoofing. The attack required convincing a user to...