
8020 matches found

Qualys Blog
added 2024/01/24 3:51 p.m., 22 views

Qualys WAS Unveils New Features in an Upgraded User Interface

Qualys Web Application Scanning (WAS) has been at the forefront of web application and API security innovation, and today, we're excited to announce a significant leap - the launch of our New User Interface (UI). From improved performance and reliability to cutting-edge technology adoption and enhance...

7.5 AI score
Exploits: 0

OSV
added 2024/01/24 12:15 a.m., 1 view

DEBIAN-CVE-2024-0814

Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Chromium security severity: Medium...

6.5 CVSS, 6.7 AI score, 0.00331 EPSS
Exploits: 0, References: 1

OSV
added 2024/01/24 12:15 a.m., 1 view

DEBIAN-CVE-2024-0806

Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. Chromium security severity: Medium...

8.8 CVSS, 8.2 AI score, 0.00448 EPSS
Exploits: 0, References: 1

BDU FSTEC
added 2024/01/24 12:00 a.m., 4 views

The vulnerability of the HTML UI component of the Oracle Installed Base information storage center in the Oracle E-Business Suite allows a perpetrator to gain access to read, modify, add, or delete data.

The vulnerability of the HTML UI component of the Oracle Installed Base information storage center in the Oracle E-Business Suite relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to read, modify, add, or delete data using the HTT...

6.4 CVSS, 6.8 AI score, 0.00361 EPSS
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2024/01/24 12:00 a.m., 4 views

The vulnerability of the Nginx UI server’s user interface allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Nginx UI server’s user interface relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

7 CVSS, 6.8 AI score, 0.00584 EPSS
Exploits: 1, References: 3, Affected Software: 1

Vulnrichment
added 2024/01/23 11:53 p.m., 2 views

CVE-2024-0814

Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Chromium security severity: Medium...

6.4 AI score, 0.00331 EPSS
Exploits: 0, References: 4

Kaspersky
added 2024/01/23 12:00 a.m., 44 views

KLA63223 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...

8.8 CVSS, 10 AI score, 0.02155 EPSS
Exploits: 0, References: 3

Kaspersky
added 2024/01/23 12:00 a.m., 31 views

KLA63224 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...

8.8 CVSS, 10 AI score, 0.02155 EPSS
Exploits: 0, References: 3

CNVD
added 2024/01/23 12:00 a.m., 2 views

Huawei HarmonyOS and EMUI device authentication module out-of-bounds access vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. An out-of-bounds access vulnerability exists in the...

7.5 CVSS, 5.9 AI score, 0.0035 EPSS
Exploits: 0, References: 1

CNVD
added 2024/01/23 12:00 a.m., 2 views

Huawei HarmonyOS and EMUI Parameter Unchecked Vulnerability (CNVD-2025-29305)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel. Huawei EMUI is an emotional operating system developed by Huawei based on Android. Huawei HarmonyOS and EMUI suffer from a parameter uncheck...

7.5 CVSS, 6.9 AI score, 0.00337 EPSS
Exploits: 0, References: 1

Kaspersky
added 2024/01/23 12:00 a.m., 31 views

KLA63225 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, obtain sensitive information, execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of...

8.8 CVSS, 10 AI score, 0.02155 EPSS
Exploits: 0, References: 3

CNVD
added 2024/01/23 12:00 a.m., 2 views

Huawei HarmonyOS and EMUI Parameter Unchecked Vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scene distributed operating system based on a microkernel. Huawei EMUI is an emotional operating system developed by Huawei based on Android. Huawei HarmonyOS and EMUI suffer from a parameter uncheck...

7.5 CVSS, 6.9 AI score, 0.00337 EPSS
Exploits: 0, References: 1

BDU FSTEC
added 2024/01/23 12:00 a.m., 5 views

The vulnerability of the Safari browser on the macOS operating system allows a hacker to replace the user interface.

The vulnerability of the Safari browser on the macOS operating system is related to information representation errors in the user interface. Exploiting this vulnerability allows a remote attacker to replace the user interface...

5 CVSS, 6.5 AI score, 0.00638 EPSS
Exploits: 0, References: 4, Affected Software: 1

Positive Technologies
added 2024/01/23 12:00 a.m., 7 views

PT-2024-5221 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 121.0.6167.85 Description: The issue is related to insufficient data validation in DevTools, allowing a remote attacker to execute arbitrary code via a crafted HTML page if a user is convinced to engage in...

10 CVSS, 7.5 AI score, 0.99739 EPSS
Exploits: 128, References: 1062

Amazon
added 2024/01/22 12:00 a.m., 4 views

Important: webkitgtk4

Issue Overview: Impact: Visiting a website that frames malicious content may lead to UI spoofing. Description: The issue was addressed with improved UI handling. CVE-2022-32919 A website may be able to track the websites a user visited in Safari private browsing mode. CVE-2022-32933 A spoofing...

8.8 CVSS, 8.7 AI score, 0.29179 EPSS
Exploits: 4

BDU FSTEC
added 2024/01/22 12:00 a.m., 6 views

The vulnerability of the Advanced UI component of the Oracle WebCenter Sites application allows a malicious actor to gain access to read, modify, or delete data.

The vulnerability of the Advanced UI component in Oracle WebCenter Sites applications relates to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to gain access to read, modify, or delete data...

6.4 CVSS, 6.9 AI score, 0.00327 EPSS
Exploits: 0, References: 3, Affected Software: 1

BDU FSTEC
added 2024/01/18 12:00 a.m., 4 views

The vulnerability of the user interface of Juniper Networks Junos OS routers in the MX and EX9200 series allows an attacker to influence the integrity of protected information.

The vulnerability of the user interface of Juniper Networks Junos OS routers in the MX and EX9200 series is related to an improperly implemented payload-protocol function. Exploiting this vulnerability allows a remote attacker to influence the integrity of the protected information...

5.3 CVSS, 5.9 AI score, 0.0031 EPSS
Exploits: 0, References: 2, Affected Software: 1

BDU FSTEC
added 2024/01/18 12:00 a.m., 3 views

The vulnerability of Bluetooth drivers for Windows operating systems, which allows attackers to carry out spoofing attacks

The vulnerability of Bluetooth driver in Windows operating systems is related to information representation errors in the user interface. Exploiting this vulnerability allows a remote attacker to perform spoofing attacks...

6.1 CVSS, 7.1 AI score, 0.0583 EPSS
Exploits: 3, References: 2

BDU FSTEC
added 2024/01/18 12:00 a.m., 5 views

The vulnerability of software for downloading pyload files is related to improper restrictions on the number of displayed layers or frames in the user interface. This allows a perpetrator to carry out a clickjacking attack.

The vulnerability of the software for downloading pyload files is related to improper restrictions on the number of layers or frames that can be displayed in the user interface. Exploiting this vulnerability allows a remote attacker to carry out a clickjacking attack...

3.1 CVSS, 5.5 AI score, 0.00456 EPSS
Exploits: 0, References: 3, Affected Software: 2

NVD
added 2024/01/17 5:15 p.m., 17 views

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability exists because the web-based...

5.4 CVSS, 5 AI score, 0.00355 EPSS
Exploits: 0, References: 1