8014 matches found
KLA79484 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof the user interface, execute arbitrary code, obtain sensitive information, cause denial of service, and perform cross-site scripting attacks. Below is a...
PT-2025-5685 · IBM · IBM Cloud Pak for Business Automation
Name of the Vulnerable Software and Affected Versions: IBM Cloud Pak for Business Automation versions 18.0.0 through 22.0.2. Description: This issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to...
MAL-2025-880 Malicious code in ui-forms-embed-components-library (npm)
SUSE-SU-2025:20090-1 Security update for cups
This update for cups fixes the following issues: - Version upgrade to 2.4.11: See https://github.com/openprinting/cups/releases CUPS 2.4.11 brings several bug fixes regarding IPP response validation, processing PPD values, Web UI support checkbox support, modifying printers and others fixes...
Security update for qemu
This update for qemu fixes the following issues: Update to version 8.2.5: target/loongarch: fix a wrong print in cpu dump ui/sdl2: Allow host to power down screen target/i386: fix SSE and SSE2 feature check target/i386: fix xsave.flat from kvm-unit-tests disas/riscv: Decode all of the pmpcfg and...
CVE-2024-49807
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin...
CVE-2024-40696
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
IBM Financial Transaction Manager cross-site scripting vulnerability
IBM Financial Transaction Manager is a financial transaction manager from International Business Machines (IBM). The product is primarily used to monitor, track and report on financial payments and transactions. IBM Financial Transaction Manager suffers from a cross-site scripting vulnerability tha...
IBM Sterling B2B Integrator cross-site scripting vulnerability
IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. A cross-site scripting...
PT-2025-2828 · IBM · IBM Financial Transaction Manager for SWIFT Services
Name of the Vulnerable Software and Affected Versions: IBM Financial Transaction Manager for SWIFT Services for Multiplatforms versions 3.2.4.0 through 3.2.4.1. Description: The issue allows authenticated users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended...
PT-2025-2829 · IBM · IBM Financial Transaction Manager for SWIFT Services
Name of the Vulnerable Software and Affected Versions: IBM Financial Transaction Manager for SWIFT Services for Multiplatforms versions 3.2.4.0 through 3.2.4.1. Description: The issue allows authenticated users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended...
PT-2025-2862 · IBM · IBM Sterling B2B Integrator
Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5; IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.3. Description: The issue allows authenticated users to embed arbitrary JavaScript code in the Web UI, potentially altering...
IBM Sterling B2B Integrator cross-site scripting vulnerability
IBM Sterling B2B Integrator is a suite of software from International Business Machines (IBM) that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator suffe...
PT-2025-2594 · IBM · IBM Sterling B2B Integrator
Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5; IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.3. Description: The issue allows a privileged user to embed arbitrary JavaScript code in the Web UI, altering the intended...
A vulnerability in the Microsoft Edge browser (based on Chromium) stems from information representation errors in the user interface, allowing attackers to perform spear-phishing attacks.
A vulnerability in Chromium-based Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
CVE-2025-24113
The issue was addressed with improved UI. This issue is fixed in Safari 18.3, Safari 18.4, iOS 18.3 and iPadOS 18.3, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.3, macOS Sequoia 15.4, visionOS 2.3, visionOS 2.4, watchOS 11.4. Visiting a malicious website may lead to user interface...
CVE-2025-24113
CVE-2025-24113: A UI spoofing vulnerability in Safari/WebKit is fixed in Safari 18.4 and related OS updates (macOS Ventura/Sonoma, iOS/iPadOS 18.3–18.4, visionOS, watchOS). Exploitation status is not detailed in the provided documents.
CVE-2025-24113
The issue was addressed with improved UI. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3, visionOS 2.3. Visiting a malicious website may lead to user interface spoofing...
DEBIAN-CVE-2024-45598
Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the Poller Standard Error Log Path parameter in either Installation Step 5 or in Configuration-Settings-Paths tab to a local file inside the server. Then simply going to Logs tab and...