A vulnerability in Microsoft SharePoint Server software packages, related to errors in how the user interface presents information, allows attackers to carry out spoofing attacks.
The vulnerability in Microsoft SharePoint Server packages is related to errors in how the user interface presents information. Exploiting this vulnerability can allow a malicious actor to carry out spoofing attacks remotely...
PT-2023-20584 · IBM · IBM WebSphere Application Server
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server version 9.0 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted session...
com.adobe.aem:aem-sdk-api (=2020.6.3800.20200626T210738Z-200604), net.distilledcode.aem:aem-touch-ui-support-package (>=0.1.0 <=0.1.32) potentially affected by CVE-2023-26513 via org.apache.sling:org.apache.sling.resourcemerger (=1.3.10)
org.apache.sling:org.apache.sling.resourcemerger MAVEN version =1.3.10 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.sling:org.apache.sling.resourcemerger and may be impacted: - com.adobe.aem:aem-sdk-api =2020.6.3800.20200626T210738Z-20060...
CVE-2022-43874
IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...
[SECURITY] Fedora 38 Update: k3b-22.12.3-2.fc38
K3b provides a comfortable user interface to perform most CD/DVD burning tasks. While the experienced user can take influence in all steps of the burning process the beginner may find comfort in the automatic settings and the reasonable k3b defaults which allow a quick start...
KLA48557 SUI vulnerability in Microsoft Browser
A spoofing vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2023-24892 Related products Microsoft-Edge CVE list CVE-2023-24892 critical KB list Solution Install necessary updates from the Settings and mor...
PT-2023-1767 · Microsoft · SharePoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. It allows a remote attacker to conduct spoofing attacks, affecting the system...
KLA48552 Multiple vulnerabilities in Mozilla Firefox ESR
Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in...
PT-2023-1720 · Microsoft · Edge
Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Webview2 control in Microsoft Edge. Exploitation of this issue may all...
PT-2023-1763
Name of the Vulnerable Software and Affected Versions: Office for Android affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow an attacker to conduct spoofing attacks...
PT-2023-1867 · Microsoft · Azure Service Fabric
Name of the Vulnerable Software and Affected Versions: Azure Service Fabric affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the Azure Service Fabric platform. Exploitation of this issue may allow a remote...
PT-2023-1780 · Microsoft · Office Excel
Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to errors in the representation of information by the user interface in Microsoft Excel, allowing an attacker to conduct spoofing attacks. This can affect the...
KLA48571 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to spoof user interface, cause denial of service, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in...
KLA48561 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics 365. Malicious users can exploit these vulnerabilities to spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Security UI vulnerability in Microsoft Dynamics 365 on-premises can be exploited...
PT-2023-16929 · Unilogies · Bumsys
Name of the Vulnerable Software and Affected Versions: unilogies/bumsys versions prior to 2.0.2 Description: The issue is related to improper restriction of rendered UI layers or frames. Recommendations: For versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue...
bumsys security vulnerability
bumsys (Business Management System) is an open source project by the individual developer unilogies. A security vulnerability exists in unilogies bumsys versions prior to v2.0.2, which stems from an improper restriction in the UI layer or framework in which the software is rendered...
KLA48544 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Policy enforcement...
A vulnerability in the Microsoft OneNote note-taking software, related to errors in how the user interface presents information, allows an attacker to escalate their privileges.
The vulnerability of the Microsoft OneNote note-taking software relates to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
SUSE CVE-2023-1235
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. Chromium security severity: Low...
MeterSphere path traversal vulnerability
MeterSphere is an open source one-stop continuous testing platform. MeterSphere versions before 2.7.1 contain a path traversal vulnerability, which stems from the fact that when a user creates a resource file through a UI operation, the path will be appended to th...