The vulnerability of the Google Chrome browser’s Navigation function, which allows attackers to perform spoofing attacks

The vulnerability of the Google Chrome browser’s Navigation function is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks using a specially created HTML page...

The vulnerability of Google Chrome’s Autofill function allows a hacker to replace the user interface.

The vulnerability of Google Chrome’s Autofill function is related to information representation errors in the user interface. Exploiting this vulnerability could allow an attacker to replace the user interface through a specially created HTML page...

The vulnerability of Google Chrome’s Compositing component allows attackers to replace the user interface.

The vulnerability of the Compositing component in the Google Chrome browser is related to errors in information representation by the user interface. Exploiting this vulnerability could allow an attacker to replace the user interface with a specially created HTML page...

ROS-20240927-02

A vulnerability in the Google Chrome browser is related to the execution of certain user interface gestures Exploitation of the vulnerability could allow an attacker acting remotely to perform a spoofed the user interface using a specially crafted HTML page A vulnerability in Google Chrome browse...

CVE-2024-47045

Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...

LayUI 安全漏洞

Layui is a set of Web UI component libraries that follow the original development model of Layui open source. A security vulnerability exists in LayUI prior to version 2.9.17, which stems from pages containing uncleaned tags...

Versa Director Authenticated Remote Code Execution (CVE-2024-39717)

The version of Versa Director installed on the remote host is affected by an authenticated remote code execution vulnerability: - The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged with...

CVE-2024-20414

A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration...

CVE-2024-40866

A flaw was found in WebKit. This flaw allows a remote attacker to conduct spoofing attacks by exploiting an inconsistent user interface issue. The attacker could perform address bar spoofing by tricking a victim into visiting a specially crafted website. Mitigation Mitigation for this issue is...

Telerik UI 命令注入漏洞

Telerik UI is a suite of UI User Interface controls for application development from Telerik Bulgaria. A command injection vulnerability exists in Telerik UI 2024 Q3 2024.3.806 and earlier versions, which stems from a command injection attack that can be performed via improper neutralization of...

Telerik UI 命令注入漏洞

Telerik UI is a suite of UI User Interface controls for application development from Telerik Bulgaria. A command injection vulnerability exists in Telerik UI versions prior to 2024 Q3 2024.3.821, which originates from a command injection attack that can be initiated by disrupting the middle and...

DEBIAN-CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit lies in the improper limitation of the visible layers of the user interface. This allows attackers to access confidential data and compromise its integrity.

The vulnerability of the WebPage Rendering Modules in WebKitGTK and WPE WebKit is related to an incorrect limitation on the layers of the user interface that can be rendered. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and compromise its integrity...

The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge allows a hacker to replace the user interface.

The vulnerability of the Permissions control element in Google Chrome and Microsoft Edge is related to improperly implemented security checks for standard elements. Exploiting this vulnerability could allow a malicious actor to replace the user interface with a specially created HTML page...

The vulnerability of the Extensions component in Google Chrome and Microsoft Edge browsers allows a hacker to replace the user interface.

The vulnerability of the Extensions component in Google Chrome and Microsoft Edge is related to improper security checks for standard elements. Exploiting this vulnerability could allow a malicious actor to replace the user interface with a specially created HTML page...

[SECURITY] Fedora 40 Update: jupyterlab-4.2.5-1.fc40

JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook notebook, terminal, text editor, file browser, rich outputs, etc. in a flexible and powerful user interface...

[SECURITY] Fedora 41 Update: jupyterlab-4.2.5-1.fc41

JupyterLab is the next-generation user interface for Project Jupyter offering all the familiar building blocks of the classic Jupyter Notebook notebook, terminal, text editor, file browser, rich outputs, etc. in a flexible and powerful user interface...

PT-2024-41119 · Undefined · Undefined

Уязвимость механизма обработки .LNK-файлов пользовательского интерфейса операционных систем Windows связана с ошибками представления информации пользовательским интерфейсом. Эксплуатация уязвимости может позволить нарушителю скрытно выполнить произвольные команды операционной системы путем отправ...

SUSE CVE-2024-8906

Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-25768

The logic in place to facilitate the update process via the user interface lacks access control to verify if permission exists to perform the tasks. Prior to this patch being applied it might be possible for an attacker to access the Mautic version number or to execute parts of the upgrade proces...