PT-2025-6125 · Sap · Sap Fiori +1
Name of the Vulnerable Software and Affected Versions: SAP ERP (affected versions not specified). Description: The issue concerns the SAP OData endpoint in SAP Fiori for SAP ERP, where cached values could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter...
PT-2025-6303 · Microsoft · Outlook
Name of the Vulnerable Software and Affected Versions: Microsoft Outlook (affected versions not specified). Description: The issue concerns a spoofing vulnerability in Microsoft Outlook. It is related to errors in the representation of information by the user interface. Exploitation of this issue ma...
KLA80106 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to gain privileges and spoof the user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft PC Manager can be exploited remotely to gain...
CVE-2025-24980
pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an error message discloses existing accounts and leads to user enumeration on the target via "Forgot password" function. No generic error message has been implemented. This issue has been addressed in version...
CVE-2025-23413
When users log in through the webUI or API using local authentication, BIG-IP Next Central Manager may log sensitive information in the pgaudit log files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2024-3976
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.0 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2. It was possible to disclose via the UI the confidential issues title and description from a public project to...
Vulnerability of operating systems macOS, iOS, iPadOS, and the Safari browser, related to information representation errors in the user interface, allowing attackers to perform spear-phishing attacks
The vulnerabilities of operating systems such as macOS, iOS, iPadOS, and the Safari browser are related to information representation errors in the user interface. Exploiting these vulnerabilities can allow attackers to perform spear-phishing attacks remotely...
CVE-2024-57957
Vulnerability of improper log information control in the UI framework module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-49793
IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
KLA79599 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, and spoof the user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Edge...
Apache ShardingSphere ElasticJob-UI security vulnerability
Apache ShardingSphere ElasticJob-UI is an administrator console for ElasticJob from the Apache USA Foundation. A security vulnerability exists in Apache ShardingSphere ElasticJob-UI version 3.0.1 and earlier. An attacker can exploit the vulnerability to execute arbitrary code...
PT-2025-5815 · Unknown · Ui Framework
Name of the Vulnerable Software and Affected Versions: UI Framework (affected versions not specified). Description: The issue concerns a vulnerability of improper log information control in the UI framework module. Successful exploitation of this vulnerability may affect service confidentiality...
PT-2025-5886 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge for iOS and Android (affected versions not specified). Description: The issue is related to a spoofing vulnerability in Microsoft Edge, where errors in presenting information to the user interface can be exploited. This can allow ...
CVE-2024-56472
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2020-2935
Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 - 8.0.8. Easily exploitable vulnerability allows low privileged attacker with network...
CVE-2020-2854
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced...
CVE-2020-2939
Vulnerability in the Oracle Financial Services Asset Liability Management product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 and 8.0.7. Easily exploitable vulnerability allows low privileged attacker with network access via...
CVE-2020-2940
Vulnerability in the Oracle Financial Services Profitability Management product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 and 8.0.7. Easily exploitable vulnerability allows low privileged attacker with network access via HT...
CVE-2020-2937
Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications component: User Interface. Supported versions that are affected are 8.0.6 - 8.0.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...