CVE-2023-40050

CVE-2023-40050 affects Chef Automate versions prior to and including 4.10.29. A remote code execution flaw exists when uploading a profile through the API or the user interface using the InSpec check command with a maliciously crafted profile. Affected component is the profile upload pathway in C...

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that stems from an incorrect security user interface in the Downloads module...

Google Chrome Security Vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that originates from an incorrect security user interface in the Picture In Picture module...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that originates from an incorrect security user interface in the Downloads module. An attacker can exploit this vulnerability to bypass security restrictions...

KLA61760 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Payments can be exploited to cause deni...

PT-2023-6633 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.105 Description: The issue is related to a use after free vulnerability in the Profiles component of Google Chrome. This vulnerability can be exploited by a remote attacker who convinces a user to...

PT-2023-6660 · Google +3 · Google Chrome +3

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 119.0.6045.105 Description: The issue is related to an inappropriate implementation in the WebApp Provider component of Google Chrome, which may allow a remote attacker to obfuscate the security UI via a crafte...

CVE-2023-21374

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

The vulnerabilities of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, are related to information representation errors in the user interface. These vulnerabilities allow attackers to carry out clickjacking attacks.

The vulnerabilities of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, are related to information representation errors in the user interface during the processing of requests and dialog boxes. Exploiting these vulnerabilities can allow a remote attacker to carry out a...

The vulnerability in the full-screen mode of the Firefox browser allows attackers to perform spoofing attacks.

The vulnerability of the full-screen mode of the Firefox browser is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...

CVE-2023-42438

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing...

CVE-2023-42438

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing...

CVE-2023-40408

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly...

CVE-2023-40408

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly...

CVE-2023-40408

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly...

CVE-2023-40408

CVE-2023-40408 is an Apple product issue described as an inconsistent user interface problem addressed by improved state management. The NVD entry notes the patch is included in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, and iOS 17.1/iPadOS 17.1, with Hide My Email potentially...

CVE-2023-40408

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Hide My Email may be deactivated unexpectedly...

CVE-2023-42438

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing...

CVE-2023-42438

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1. Visiting a malicious website may lead to user interface spoofing...

PT-2023-8358 · Apple · Safari +1

Name of the Vulnerable Software and Affected Versions: Safari versions prior to macOS Sonoma 14.1 Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to spoof the user interface. Visiting a malicious...