Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in versions prior to Google Chrome 130.0.6723.58, which can be exploited by remote attackers to perform UI spoofing via a crafted HTML page...

KLA74034 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Inappropriate implementation vulnerability in Web Authenticatio...

The vulnerability of the Downloads component in Google Chrome and Microsoft Edge browsers allows a hacker to replace the user interface.

The vulnerability of the Downloads component in Google Chrome and Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to replace the user interface with a specially created HTML page...

The vulnerability of the Autofill function in Microsoft Edge and Google Chrome browsers allows a hacker to replace the user’s interface.

The vulnerability of the Autofill function in Microsoft Edge and Google Chrome browsers is related to improper security checks for standard elements. Exploiting this vulnerability could allow a malicious actor to replace the user interface with a specially created HTML page...

The vulnerabilities of Google Chrome and Microsoft Edge involve security checks for standard elements, which allow attackers to replace the user interface.

The vulnerability of Google Chrome and Microsoft Edge is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...

Introducing the Enhanced User Interface of the Qualys Enterprise TruRisk™ Platform

Launching the Enhanced User Interface The Qualys Product Team is excited to announce upcoming enhancements to the Qualys User Interface. These User Experience UX enhancements will make your platform experience faster, smoother, and more immersive. We continuously leverage insights from channels...

Google Search user interface: A/B testing shows security concerns remain

For the past few days, Google has been A/B testing some subtle visual changes to its user interface for the search results page. You may only get the new UI for certain types of searches or based on your current geolocation. This test is not to be confused with but could part of a previously...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

firefox: thunderbird: Potential directory upload bypass via clickjacking

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking...

GHSA-FFCV-V6PW-QHRP Denial of Service in TYPO3 Bookmark Toolbar

Problem Due to insufficient input validation, manipulated data saved in the bookmark toolbar of the backend user interface causes a general error state, blocking further access to the interface. Exploiting this vulnerability requires an administrator-level backend user account. Solution Update to...

Denial of Service in TYPO3 Bookmark Toolbar

Problem Due to insufficient input validation, manipulated data saved in the bookmark toolbar of the backend user interface causes a general error state, blocking further access to the interface. Exploiting this vulnerability requires an administrator-level backend user account. Solution Update to...

KLA73915 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of...

KLA73908 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Office c...

KLA73909 SUI vulnerabilities in Microsoft SQL Server

A spoofing user interface vulnerabilities was found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to spoof user interface. Original advisories CVE-2024-43481 CVE-2024-43612 Related products Microsoft-Power-BI CVE list CVE-2024-43481 high CVE-2024-43612 high Solution...

VulnCheck KEV: CVE-2024-7575

In Progress Telerik UI for WPF versions prior to 2024 Q3 2024.3.924, a command injection attack is possible through improper neutralization of hyperlink elements...

PT-2024-8724 · Google +1 · Google Chrome +1

Name of the Vulnerable Software and Affected Versions: Google Chrome on iOS versions prior to 131.0.6778.69 Description: The issue is related to insufficient policy enforcement in the Navigation component of Google Chrome on iOS. This allows a remote attacker to perform privilege escalation via a...

The vulnerability of Microsoft Teams’ corporate platform for the iOS operating system allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Teams’ operating system on iOS is related to information representation errors in the user interface. Exploiting this vulnerability could allow a malicious actor to perform spear-phishing attacks remotely...

PT-2024-8626 · Cisco · Cisco Nexus Dashboard

Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard affected versions not specified Description: A vulnerability in the REST API endpoints of Cisco Nexus Dashboard could allow an authenticated, low-privileged, remote attacker to perform limited Administrator actions on an...

Amazon Linux 2 : libreoffice (ALASLIBREOFFICE-2024-004)

The version of libreoffice installed on the remote host is prior to 5.3.6.1-21. It is, therefore, affected by a vulnerability as referenced in the ALAS2LIBREOFFICE-2024-004 advisory. Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts tha...

KLA73804 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, perform cross-site scripting attack, execute arbitrary code. Below is a complete list of...