8020 matches found

Rockylinux
added 2024/05/10 2:32 p.m. · 29 views

gnome-shell, gnome-menus, and gnome-shell-extensions bug fix update

An update is available for gnome-menus. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. GNOME Shell acts as a compositing manager for the desktop, and displays...

AI score 6.9
Exploits: 0

Positive Technologies
added 2024/05/10 12:00 a.m. · 4 views

PT-2024-22571 · IBM · IBM UrbanCode Deploy

Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20; IBM UrbanCode Deploy versions 7.1 through 7.1.2.16; IBM UrbanCode Deploy versions 7.2 through 7.2.3.9; IBM UrbanCode Deploy versions 7.3 through 7.3.2.4; IBM UrbanCode Deploy versions 8.0 throug...

CVSS 5.4 · AI score 7 · EPSS 0.00276
Exploits: 0 · References: 3

Tenable Nessus
added 2024/05/09 12:00 a.m. · 45 views

Debian dsa-5684 : gir1.2-javascriptcoregtk-4.0 - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5684 advisory. Debian Security Advisory DSA-5684-1...

CVSS 8.8 · AI score 7.3 · EPSS 0.01496
Exploits: 0 · References: 17

BDU FSTEC
added 2024/05/07 12:00 a.m. · 4 views

The vulnerability of the user interface of the LoadMaster platform for deploying and managing applications allows a perpetrator to execute arbitrary commands.

The vulnerability of the user interface of the LoadMaster platform for application deployment and management exists due to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote attacker to execute arbitra...

CVSS 8.4 · AI score 7.6 · EPSS 0.55422
Exploits: 0 · References: 2

CNNVD
added 2024/05/07 12:00 a.m. · 4 views

Samsung One UI security vulnerability

Samsung One UI Home is the official launcher for Galaxy devices from the South Korean company Samsung. It is used to open apps and adjust components of the home screen, such as widgets and themes. A security vulnerability previously existed in Samsung One UI version 5.1.1, which stemm...

CVSS 4.9 · AI score 6.4 · EPSS 0.00221
Exploits: 0 · References: 2

Positive Technologies
added 2024/05/07 12:00 a.m. · 8 views

PT-2024-3928 · Google +6 · Google Chrome +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.141; Microsoft Edge, affected versions not specified. Description: The issue is related to an out-of-bounds memory access in the Browser UI, specifically in the Keyboard Inputs component, which could...

CVSS 10 · AI score 6.9 · EPSS 0.99739
Exploits: 133 · References: 1166

OSV
added 2024/05/03 2:15 a.m. · 1 view

CVE-2023-32145

D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVSS 8.8 · AI score 5.8
Exploits: 0 · References: 2

BDU FSTEC
added 2024/05/02 12:00 a.m. · 3 views

The vulnerability of the Admin Screens and Grants UI components in the Oracle Workflow system, a task management system for enterprise automation in Oracle E-Business Suite, allows a perpetrator to execute arbitrary code.

The vulnerability of the Admin Screens and Grants UI components in the Oracle Workflow system, a component of the Oracle E-Business Suite for enterprise automation, is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to...

CVSS 9.1 · AI score 7.7 · EPSS 0.00723
Exploits: 0 · References: 4 · Affected Software: 2

CNNVD
added 2024/05/01 12:00 a.m. · 5 views

IBM WebSphere Automation cross-site scripting vulnerability

IBM WebSphere Automation is an operations platform from International Business Machines (IBM) that automates operational activities to proactively reduce security risks and accelerate threat remediation. A cross-site scripting vulnerability exists in IBM WebSphere Automation version 1.7.0, which ca...

CVSS 5.4 · AI score 6.3 · EPSS 0.00362
Exploits: 0 · References: 3

BDU FSTEC
added 2024/04/26 12:00 a.m. · 4 views

The vulnerability of the user interface of SolarWinds Platform’s network monitoring and IT infrastructure management software allows a hacker to execute arbitrary code.

The vulnerability of the user interface of SolarWinds software for network monitoring and IT infrastructure management is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 7.5 · AI score 6.1 · EPSS 0.0059
Exploits: 0 · References: 3

BDU FSTEC
added 2024/04/26 12:00 a.m. · 3 views

The vulnerability of the Networks components in Microsoft Edge and Google Chrome browsers allows attackers to access confidential information.

The vulnerability of Microsoft Edge and Google Chrome browsers’ Networks component is related to improper limitation of the number of user interface layers or frames displayed. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information...

CVSS 5 · AI score 6.1 · EPSS 0.00758
Exploits: 1 · References: 16 · Affected Software: 7

NVD
added 2024/04/25 9:15 p.m. · 24 views

CVE-2022-36028

Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to the unchecked value of the return_to cookie. Version 2.13.0 contains a patch for the issue...

CVSS 9.1 · AI score 9.2 · EPSS 0.00362
Exploits: 0 · References: 2

Vulnrichment
added 2024/04/25 8:42 p.m. · 17 views

CVE-2022-36029 BigBlueButton Greenlight Open Redirect vulnerability

Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to the unchecked value of the return_to cookie. Version 2.13.0 contains a patch for the issue...

CVSS 9.1 · AI score 9.2 · EPSS 0.0041
Exploits: 0 · References: 2

CVE
added 2024/04/25 8:42 p.m. · 69 views

CVE-2022-36029

CVE-2022-36029 affects Greenlight (end-user UI for BigBlueButton). The issue is an open redirect on the Login page caused by the unchecked value of the return_to cookie in versions prior to 2.13.0. A patch was released in 2.13.0 to fix this. The connected sources confirm the vulnerable component ...

CVSS 9.1 · AI score 9 · EPSS 0.0041
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2024/04/23 12:00 a.m. · 5 views

PT-2024-28350 · Welotec · Smart Ems +2

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified. Description: An unauthenticated remote attacker can deceive users into performing unintended actions due to improper restriction of rendered UI layers or frames. Recommendations: At the moment, there i...

CVSS 6.5 · AI score 7.1 · EPSS 0.00456
Exploits: 0 · References: 6

Positive Technologies
added 2024/04/22 12:00 a.m. · 4 views

PT-2024-3189 · IBM · IBM Cloud Pak for Security +1

Name of the Vulnerable Software and Affected Versions: IBM QRadar Suite Software versions 1.10.12.0 through 1.10.19.0; IBM Cloud Pak for Security versions 1.10.0.0 through 1.10.11.0. Description: The issue is related to stored cross-site scripting, allowing users to embed arbitrary JavaScript code ...

CVSS 5.5 · AI score 5.9 · EPSS 0.00303
Exploits: 0 · References: 10

BDU FSTEC
added 2024/04/19 12:00 a.m. · 4 views

The vulnerability of the user interface of NVIDIA ChatRTX for Windows, software for running large language models (LLMs) like GPT, allows a hacker to execute arbitrary code, cause service failures, or disclose sensitive information.

The vulnerability of the user interface of NVIDIA ChatRTX for Windows, software for running large language models (LLMs) like GPT, exists due to the lack of measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code, cause service...

CVSS 6.5 · AI score 5.8 · EPSS 0.0058
Exploits: 0 · References: 2 · Affected Software: 1

BDU FSTEC
added 2024/04/19 12:00 a.m. · 3 views

Microsoft Edge’s vulnerability, related to improper limitation of the number of user interface layers or frames displayed, allows attackers to perform spoofing attacks.

The vulnerability of Microsoft Edge relates to improper limitation of the layers or frames that are displayed on the user interface. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...

CVSS 5 · AI score 7.7 · EPSS 0.00697
Exploits: 0 · References: 2 · Affected Software: 1

OSV
added 2024/04/18 10:15 a.m. · 3 views

CVE-2024-29003

The SolarWinds Platform was susceptible to an XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction...

CVSS 4.8 · AI score 5.8 · EPSS 0.00696
Exploits: 0 · References: 2

OSV
added 2024/04/18 9:15 a.m. · 3 views

CVE-2024-29001

A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited...

CVSS 7.4 · AI score 5.8 · EPSS 0.0059
Exploits: 0 · References: 2