8015 matches found
vulnerability scanner
This is a Java-based web vulnerability scanner. The tool is classified as an offensive tool for web vulnerability scanning. The primary vulnerability being targeted is not explicitly stated, but based on the code and metadata, it appears to be a web application scanner that can perform SQL...
CVE-2024-54503
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2. Muting a call while ringing may not result in mute being enabled...
CVE-2024-54503
The CVE-2024-54503 entry describes an inconsistent user interface issue related to muting a call during ringing, caused by flawed state management. Apple fixed this in iOS 18.2 and iPadOS 18.2 by improving state management. In the linked documents, there are no explicit exploitation details or at...
CVE-2024-54503
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.2 and iPadOS 18.2. Muting a call while ringing may not result in mute being enabled...
Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation
...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
About the security content of iOS18.2 and iPadOS18.2
About the security content of iOS18.2 and iPadOS18.2 This document describes the security content of iOS 18.2 and iPadOS 18.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
PT-2024-32413 · Ibm · Ibm Carbon Design System
Name of the Vulnerable Software and Affected Versions: IBM Carbon Design System Carbon Charts versions 0.4.0 through 1.13.16 Description: The issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to...
PT-2024-17563 · Sourcecodester · Sourcecodester Phone Contact Manager System
Name of the Vulnerable Software and Affected Versions: SourceCodester Phone Contact Manager System version 1.0 Description: The issue is related to a buffer overflow in memory. It is possible to launch the attack on the local host. The manipulation of the UserInterface::MenuDisplayStart function ...
IBM QRadar SIEM 跨站脚本漏洞
IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
The vulnerability of the Mozilla Firefox browser on iOS operating systems relates to an improper limitation on the displayed layers of the user interface. This allows attackers to perform spoofing attacks.
The vulnerability of the Mozilla Firefox browser on iOS operating systems is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...
CVE-2024-52271
User Interface UI Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only, not all...
CVE-2024-52271 PDF Document Spoofing in Documenso
User Interface UI Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only, not all...
CVE-2024-52270 PDF Document Spoofing in DropBox Sign(HelloSign)
User Interface UI Misrepresentation of Critical Information vulnerability in DropBox SignHelloSign allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the vulnerability only...
KLA77759 SUI vulnerability in Microsoft Browser
A spoofing vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2024-49041 Related products Microsoft-Edge CVE list CVE-2024-49041 warning Solution Install necessary updates from the Settings and more menu,...
VulnCheck KEV: CVE-2024-52276
User Interface UI Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. 1. Displayed version does not show the layer flattened version, which is provided when the "Print" option is used. 2. Displayed version does not show the layer flattened version, which...
PT-2024-35141 · Dropbox · Dropbox Sign
Name of the Vulnerable Software and Affected Versions: DropBox SignHelloSign versions through 2024-12-04 Description: The issue is related to a User Interface UI Misrepresentation of Critical Information vulnerability, allowing Content Spoofing. The displayed version does not show the layer...
DropBox Sign 安全漏洞
DropBox Sign DropBox HelloSign is a DropBox company that sends, receives and manages legally binding electronic signatures. A security vulnerability exists in DropBox Sign versions 2024-12-04 and earlier that stems from a misrepresentation of a user interface critical information vulnerability th...
VulnCheck KEV: CVE-2024-52270
User Interface UI Misrepresentation of Critical Information vulnerability in DropBox SignHelloSign allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed e.g. via Google Chrome - Examine the print preview: Will render the...
VulnCheck KEV: CVE-2024-52269
User Interface UI Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. The SaaS AI assistant ignores hidden content that is rendered after signing, misleading the user. For reference see: CVE-2024-52276 This issue affects DocuSign: through 2024-12-04...