PT-2023-8490 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 3.5-milestone-1 through 14.10.8 XWiki Platform versions 15.3-rc-1 and earlier Description: The issue is related to the disclosure of information in the error data area of the XWiki Platform, specifically in the...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...

Red Hat Ansible automation controller 跨站脚本漏洞

Red Hat Ansible automation controller is a centralized management tool from Red Hat, Inc. It is used for managing inventory, initiating and scheduling workflows, tracking changes, and integrating reports with a centralized user interface. A security vulnerability exists in the Red Hat Ansible...

Oracle Primavera Unifier (Jul 2023 CPU)

The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Security-in-Depth issue in the Primavera Unifier product of Oracle Construction and Engineering component: User Interface JSZip. This vulnerabilit...

Microsoft Edge browser’s vulnerability on iOS, related to information representation errors in the user interface, allows attackers to perform spoofing attacks.

The vulnerability of Microsoft Edge browser for iOS is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform a spear-phishing attack...

The vulnerability of Microsoft Edge browser on Android, related to information representation errors in the user interface, allows a hacker to perform a spoofing attack.

The vulnerability of Microsoft Edge browser on Android is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...

The vulnerability of the Microsoft Power Apps development environment, related to errors in the user interface’s information representation, allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Power Apps development environment is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

July 25, 2023—KB5028245 (OS Build 22000.2245) Preview

July 25, 2023—KB5028245 OS Build 22000.2245 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page.Note Follow @WindowsUpdate to fin...

CVE-2023-25929

IBM Cognos Analytics 11.1 and 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 247861...

IBM Cognos Analytics 跨站脚本漏洞

IBM Cognos Analytics is a suite of business intelligence software from International Business Machines IBM. The software includes reports, dashboards, and scorecards, and can assist organizations in adjusting their decision-making by analyzing such things as key factors and key people. A security...

PT-2023-3913 · Microsoft · Edge For Android

Name of the Vulnerable Software and Affected Versions: Microsoft Edge for Android affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. It may allow a remote attacker to perform a spoofing attack. Recommendations: A...

PT-2023-3921 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in presenting information to the user interface, which can allow a remote attacker to perform a spoofing attack. Recommendations: At the...

KLA51267 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Web API Permission...

IBM Sterling Connect:Express for UNIX 安全漏洞

IBM Sterling Connect:Express for UNIX is a file transfer solution from International Business Machines IBM for the UNIX platform. A security vulnerability exists in IBM Sterling Connect:Express for UNIX version 1.5, which stems from the vulnerability of the browser UI to cookies...

CVE-2023-28023

A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems server machine and all the ones in its network...

Fides 资源管理错误漏洞

Fides is an open source privacy engineering platform for managing the implementation of data privacy requests in the runtime environment and the enforcement of privacy regulations in code. A resource management error vulnerability exists in Fides versions 2.11.0 through 2.15.1, which stems from...

HCL BigFix Platform 加密问题漏洞

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix WebUI that stems from the use ...

HCL BigFix Platform 输入验证错误漏洞

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix WebUI that originates from a...

The vulnerability of the Microsoft Outlook email client, related to errors in information presentation on the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Microsoft Outlook email client is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

The vulnerability of Windows Admin Center’s server management tool, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Windows Admin Center WAC management tool is related to information representation errors in the user interface. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...