8020 matches found
CVE-2024-20270
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This...
The vulnerability of Themes component in the Windows operating system, which allows a hacker to disclose protected information
The vulnerability of Themes component in the Windows operating system is related to information representation errors in the user interface. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the system...
The vulnerability of the firmware in the Moxa OnCell G3150A-LTE industrial LTE modem series arises from improper limitation of the number of displayed layers or frames on the user interface. This allows attackers to carry out a clickjacking attack.
The vulnerability of the firmware in the Moxa OnCell G3150A-LTE industrial LTE modem series lies in improper restrictions on the layers or frames displayed by the user interface. Exploiting this vulnerability allows a remote attacker to carry out a clickjacking attack...
CVE-2023-37522
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser...
PT-2024-12627 · Hcl · Hcl Bigfix Bare Osd Metal Server Webui
Name of the Vulnerable Software and Affected Versions: HCL BigFix Bare OSD Metal Server WebUI versions 311.19 or lower Description: The issue concerns the inclusion of sensitive information in a query string, potentially allowing an attacker to execute a malicious attack. Recommendations: For HCL...
PT-2024-12629 · Hcl · Hcl Bigfix Bare Osd Metal Server Webui
Name of the Vulnerable Software and Affected Versions: HCL BigFix Bare OSD Metal Server WebUI versions 311.19 or lower Description: The issue is related to missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI, which could allow an attacker to execute a malicious script on the...
HCL Technologies BigFix OSD Security Vulnerability
HCL Technologies BigFix OSD is part of a lifecycle management software from HCL Technologies, Inc. It is used for the deployment of operating systems. A security vulnerability exists in HCL Technologies BigFix Bare OSD Metal Server WebUI 311.19 and prior versions, which stems from the absence or...
Swagger UI Security Vulnerability
Swagger UI is an open source tool that supports visualizing and being able to interact with API resources. A security vulnerability exists in Swagger UI versions prior to v2.1.0, which stems from the default swagger-ui configuration exposing all files in the module...
CVE-2023-49253
Root user password is hardcoded into the device and cannot be changed in the user interface...
CVE-2023-49253 Predefined root password
Root user password is hardcoded into the device and cannot be changed in the user interface...
The vulnerability of the Nearby Share function in Windows operating systems, which allows attackers to perform spoofing attacks
The vulnerability of the Nearby Share function in Windows operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow remote attackers to perform spoofing attacks...
DEBIAN-CVE-2022-32919
The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing...
OPENSUSE-SU-2024:0016-1 Security update for opera
This update for opera fixes the following issues: opera was updated to 106.0.4998.28 CHR-9566 Update Chromium on desktop-stable-120-4998 to 120.0.6099.200 DNA-113161 Weather 'Weather Location' description is almost invisible in dark mode DNA-113351 'Previous tile' should be the same size as 'next...
SAP GUI Security Vulnerability
SAP GUI is an application from SAP, a German company. It is the graphical user interface for SAP systems. A security vulnerability exists in the SAP GUI connector for Microsoft Edge, which arises from allowing an attacker, under certain circumstances, to access highly sensitive information that would...
KLA62827 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...
PT-2024-1020 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in the representation of information by the user interface in the Nearby Share feature of Windows operating systems. This can allow a remote attacker to condu...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP, Netweaver, SAP GUI and HANA. A malicious person could exploit them to carry out attacks that can lead to the following categories of damage: Cross-Site Scripting (XSS), Denial-of-Service (DoS), Circumvention of security measure, Remote...
KLA62824 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service, execute arbitrary code. Below is a...
PT-2024-1099
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Windows operating system, specifically in the Themes component. This can allow a remote attack...