[SECURITY] Fedora 38 Update: roundcubemail-1.6.5-1.fc38

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

PT-2023-19031 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.2.0p15 Checkmk versions prior to 2.1.0p37 Checkmk versions prior to 2.0.0p40 Description: The issue is related to improper input validation, allowing privileged attackers to cause a partial denial of service of the...

CVE-2023-36393

Windows User Interface Application Core Remote Code Execution Vulnerability...

CVE-2023-36393

Windows User Interface Application Core Remote Code Execution Vulnerability...

Remote code execution

Windows User Interface Application Core Remote Code Execution Vulnerability...

CVE-2023-36393 Windows User Interface Application Core Remote Code Execution Vulnerability

...

Authentication flaw

Affected devices do not properly validate the authentication when performing certain modifications in the web interface allowing an authenticated attacker to influence the user interface configured by an administrator...

CVE-2023-44320

CVE-2023-44320 affects Siemens SCALANCE and RUGGEDCOM devices (e.g., RM1224 LTE EU/NAM, SCALANCE M8xx/MUm/WM/ S-series) with all versions before V7.2.2. The issue is improper authentication validation in the web interface, allowing an authenticated attacker to influence the administrator’s UI. Ex...

Windows User Interface Application Core Remote Code Execution Vulnerability

...

PT-2023-7195 · Microsoft · Dynamics 365 Customer Voice

Name of the Vulnerable Software and Affected Versions: Dynamics 365 Customer Voice affected versions not specified Description: The issue is related to errors in the representation of information in the user interface of the Microsoft Dynamics 365 Customer Voice application. Exploitation of this...

KLA61975 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface. Below is a complete list of...

PT-2023-6948 · Microsoft · Windows User Interface Application Core +1

Name of the Vulnerable Software and Affected Versions: Windows User Interface Application Core affected versions not specified Description: The issue is related to insufficient input validation in the Windows User Interface Application Core, which can be exploited by attackers to execute arbitrar...

KLA61976 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 on-premises can be exploited remotely to spoof user...

Microsoft Windows User Interface security vulnerability

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation. A security vulnerability exists in Microsoft Windows User Interface. An attacker could exploit this vulnerability to remotely execute code. The following products and versions...

PT-2023-7271 · Microsoft · Visual Studio Code Jupyter Extension

Name of the Vulnerable Software and Affected Versions: Visual Studio Code Jupyter Extension affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. It may allow an attacker to conduct spoofing attacks. Recommendations...

PT-2023-7031 · Microsoft · Dynamics 365 Sales

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 Sales affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Dynamics 365 server. It may allow a remote attacker to conduc...

CVE-2023-38364

IBM CICS TX Advanced 10.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260821...

IBM CICS TX 安全漏洞

IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM CICS TX Advanced version 10.1, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can...

IBM QRadar SIEM 安全漏洞

IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks...