8009 matches found
CVE-2025-49736
The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-49755
User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-49755
User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-49755
Microsoft Edge for Android is affected by CVE-2025-49755, a UI misrepresentation spoofing vulnerability in which an attacker could exploit network access to deceive users. The associated data identifies the affected product as Edge (Chromium-based) on Android and cites a CVSSv3.1 base score of 4....
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...
KLA86584 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service. Below is a complete list of vulnerabilitie...
KLA86589 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A denial of service...
KLA86582 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 on-premises can be...
KLA86592 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to spoof user interface. Original advisories CVE-2025-49755 CVE-2025-49736 Related products Microsoft-Edge CVE list CVE-2025-49755 warning CVE-2025-49736 warning Solution Install necessary...
PT-2025-32887
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server Liberty versions 17.0.0.3 through 25.0.0.8 Description: IBM WebSphere Application Server Liberty is susceptible to stored cross-site scripting. A privileged user can embed arbitrary JavaScript code into the We...
PT-2025-32766 · Microsoft · Edge For Android
Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android affected versions not specified Description: The user interface performs an incorrect action, potentially allowing an unauthorized attacker to perform spoofing over a network. Recommendations: At the moment, there i...
KLA86583 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Azure File Sync ca...
PT-2025-32962 · Google +1 · Google Chrome +1
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 139.0.7258.127 Description: A use-after-free issue existed in Aura within Google Chrome. This allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page by convincing a user to...
CVE-2025-54992
CVE-2025-54992 affects OpenKilda (OpenFlow controller). Multiple connected sources describe an XML external entity (XXE) injection vulnerability, specifically in the SAML/XML handling, that could allow unauthenticated attackers to exfiltrate information from the OpenKilda UI instance, leading to ...
DEBIAN-CVE-2025-8577
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
The vulnerability of the Permissions control element in the Google Chrome browser allows a hacker to replace the user interface.
The vulnerability of the Permissions control element in Google Chrome is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a remote attacker to replace the user interface...
The vulnerability of the chrome.fileSystem interface in the Google Chrome browser allows a perpetrator to replace the user interface.
The vulnerability of the chrome.fileSystem interface in the Google Chrome browser is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a remote attacker to replace the user’s interface...
SUSE CVE-2025-43228
The issue was addressed with improved UI. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6. Visiting a malicious website may lead to address bar spoofing...