The vulnerability of the Downloads component of the Google Chrome browser, which allows a hacker to perform a spoofing attack

The vulnerability of the Downloads component of the Google Chrome browser is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

SUSE CVE-2024-4950

Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge relates to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...

OPENSUSE-SU-2024:0128-1 Security update for opera

This update for opera fixes the following issues: - Update to 110.0.5130.23 CHR-9706 Update Chromium on desktop-stable-124-5130 to 124.0.6367.62 DNA-116450 Promote 110 to stable - Complete Opera 110 changelog at: https://blogs.opera.com/desktop/changelog-for-110/ - The update to chromium...

LoLLMs Command Injection Vulnerability

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A command injection vulnerability exists in LoLLMs that stems from a remote code execution vulnerability in the reinstallbinding function in...

LoLLMs Security Vulnerabilities

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A security vulnerability exists in LoLLMs that stems from insufficient cleanup of user-supplied input in configuration settings, allowing an attacker to execute arbitrary code...

PT-2024-25806 · Parisneo · Lollms-Webui

Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui versions prior to 9.5 Description: A path traversal issue exists in the "save settings" endpoint due to insufficient sanitization of the config parameter in the apply settings function. This allows an attacker to...

DEBIAN-CVE-2024-4950

Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

PT-2024-40106 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal versions prior to 8.7.11 Drupal versions 8.8.x prior to 8.8.1 Description: The Media Library module has a security issue where it does not sufficiently restrict access to media items in certain configurations. Recommendations: If you a...

PT-2024-40496 · Ez Systems +1 · Ez Platform +4

Name of the Vulnerable Software and Affected Versions: eZ Platform versions prior to 1.13.x with ezsystems/PlatformUIAssetsBundle version 4.2.3 eZ Platform version 2.5.13 with ezsystems/ezplatform-admin-ui-assets version 4.2.1 eZ Platform version 3.0. with ezsystems/ezplatform-admin-ui-assets...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome prior to version 125.0.6422.60, which originates from a remote attacker being able to perform UI spoofing via a crafted HTML page...

CVE-2024-0098

NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. A successful exploit of this vulnerability might lead to information disclosure...

CVE-2024-0096

NVIDIA ChatRTX for Windows contains a vulnerability in Chat RTX UI, where a user can cause an improper privilege management issue by sending user inputs to change execution flow. A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data...

[SECURITY] Fedora 39 Update: gnome-shell-45.6-2.fc39

GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy...

KLA67404 Multiple vulnerabilities in Microsoft Apps

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to spoof user interface. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Bing Search can be exploited remotely to spoof user interface. 2. A tampering...

KLA67396 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface. Original advisories CVE-2024-30048 CVE-2024-30047 Related products Microsoft-Dynamics-365 CVE list CVE-2024-30048 warning CVE-2024-30047 warning Solution Install...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A denial of service vulnerability exists in the Huawei...

PT-2024-25052 · Sap · Sapui5

Name of the Vulnerable Software and Affected Versions: SAPUI5 affected versions not specified Description: The issue concerns the execution of embedded JavaScript in PDF documents by the PDFViewer control in SAPUI5. If a PDF contains harmful client-side scripts, including JavaScript, the PDFViewe...

[SECURITY] Fedora 40 Update: gnome-shell-46.1-2.fc40

GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy...

[SECURITY] Fedora 40 Update: php-oojs-oojs-ui-0.48.1-1.fc40

OOjs UI Object-Oriented JavaScript =EF=BF=BD=EF=BF=BD=EF=BF=BD User Interfac e is a library that allows developers to rapidly create front-end web applications that operate consistently across a multitude of browsers...