CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8021 matches found

NVD•added 2023/08/08 6:15 p.m.•20 views

CVE-2023-36898

Tablet Windows User Interface Application Core Remote Code Execution Vulnerability...

7.8CVSS7.8AI score0.00678EPSS

Exploits0References1

Kaspersky•added 2023/08/08 12:0 a.m.•66 views

KLA51713 Multiple vulnerabilities in Microsoft Server Software

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Exchange Serve...

9.8CVSS9.4AI score0.16813EPSS

Exploits0References9

Positive Technologies•added 2023/08/08 12:0 a.m.•2 views

PT-2023-5505 · Microsoft · Visual Studio Tools For Office Runtime

Name of the Vulnerable Software and Affected Versions: Visual Studio Tools for Office Runtime affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow a remote attacker to conduct...

9.4CVSS9.3AI score0.01603EPSS

Exploits0References9

Positive Technologies•added 2023/08/08 12:0 a.m.•2 views

PT-2023-5478 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient input validation in the user interface for Windows tablet devices, allowing an attacker to execute arbitrary code. This can be exploited by remote...

7.8CVSS9.6AI score0.00678EPSS

Exploits0References9

Positive Technologies•added 2023/08/08 12:0 a.m.•3 views

PT-2023-4299 · Microsoft · Outlook

Name of the Vulnerable Software and Affected Versions: Microsoft Outlook affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Microsoft Outlook email client. Exploitation of this issue may allow a remote...

7.2CVSS9.2AI score0.01969EPSS

Exploits0References10

Positive Technologies•added 2023/08/08 12:0 a.m.•1 views

PT-2023-4310 · Microsoft · Exchange Server

Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, allowing a remote attacker to perform a spoofing attack. This can enable an...

9CVSS9.3AI score0.16813EPSS

Exploits0References11

Kaspersky•added 2023/08/08 12:0 a.m.•94 views

KLA51717 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A spoofing...

8.8CVSS9.5AI score0.74288EPSS

Exploits1References35

RustSec•added 2023/08/07 12:0 p.m.•6 views

`tui` is unmaintained; use `ratatui` instead

The tui crate is no longer maintained. Consider using the ratatui crate instead...

7.2AI score

Exploits0

Vulnrichment•added 2023/08/03 9:15 p.m.•13 views

CVE-2023-20204

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web-based management interface...

5.4CVSS6AI score0.00358EPSS

Exploits0References1

OSV•added 2023/08/01 11:15 p.m.•2 views

DEBIAN-CVE-2023-3738

Inappropriate implementation in Autofill in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS4.9AI score0.00527EPSS

Exploits0References1

Kaspersky•added 2023/08/01 12:0 a.m.•29 views

KLA51573 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of...

9.8CVSS10AI score0.13694EPSS

Exploits1References3

BDU FSTEC•added 2023/08/01 12:0 a.m.•5 views

The vulnerability of the UI and visualization components of the Oracle Hyperion Workspace application allows a malicious individual to gain unauthorized access to protected information. This access enables them to modify, add, or delete data, or cause service interruptions.

The vulnerability of the UI and visualization components of the Oracle Hyperion Workspace reporting application relates to insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information, to modify, add, or delete data,...

8.7CVSS7.2AI score0.00468EPSS

Exploits0References3Affected Software1

RedHat Linux•added 2023/07/31 6:19 p.m.•6 views

Controller: Html injection in custom login info

An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise...

7.3CVSS5.8AI score0.00672EPSS

Exploits0References4

OSV•added 2023/07/31 2:15 a.m.•2 views

CVE-2023-22595

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

5.4CVSS5.4AI score

Exploits0References1

CNNVD•added 2023/07/29 12:0 a.m.•4 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 96.0.4664.45, which stemmed from an improperly executed Cast UI...

4.3CVSS7AI score0.00415EPSS

Exploits1References4

BDU FSTEC•added 2023/07/28 12:0 a.m.•4 views

The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spoofing attack.

The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...

5CVSS5.4AI score0.00581EPSS

Exploits0References4Affected Software1

BDU FSTEC•added 2023/07/28 12:0 a.m.•5 views

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server packages lies in information representation errors in the user interface, which allows attackers to perform spoofing attacks.

The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Server Subscription Edition, and Microsoft SharePoint Enterprise Server is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks...

10CVSS7.7AI score0.01464EPSS

Exploits0References3

BDU FSTEC•added 2023/07/28 12:0 a.m.•4 views

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows a hacker to perform a spoofing attack.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...

5CVSS5.4AI score0.00721EPSS

Exploits0References4Affected Software1