PT-2023-1561 · Mozilla +8 · Thunderbird +8

Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 102.8 Description: The issue is related to the processing of OpenPGP and OpenPGP MIME data in a specific way, which could cause Thunderbird's user interface to lock up and no longer respond to user actions. An...

Virtuozzo Hybrid Infrastructure 5.4 (5.4.0-133)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover compute services, management node high availability, monitoring and alerts, and the user interface. Additionally, this release delivers stability improvements and addresses issues found in previous...

CVE-2022-3089

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file...

CVE-2022-3089 EnOcean SmartServer Hard-coded credentials

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file...

DNSrecon-gui - DNSrecon Tool With GUI For Kali Linux

DNSRecon is a DNS scanning and enumeration tool written in Python, which allows you to perform different tasks, such as enumeration of standard records for a defined domain A, NS, SOA, and MX. Top-level domain expansion for a defined domain. With this graph-oriented user interface, the different...

cockpit 安全漏洞

Cockpit is an interactive server management interface. A security vulnerability exists in versions prior to cockpit 2.3.9-dev that stems from improper restriction of the rendered UI layer or framework...

The vulnerability of the Google Chrome browser’s WebUI user interface allows a hacker to execute arbitrary code.

The vulnerability of the WebUI user interface of Google Chrome is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...

PT-2023-1460 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks usin...

CVE-2023-21428

Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023 Release 1 allows attackers to configure Preferred Call. The patch removes unused code...

CVE-2023-23475

IBM Infosphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 245423...

IBM InfoSphere Information Server 跨站脚本漏洞

IBM InfoSphere Information Server is a data integration platform from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Infosphere Information Server version 11.7, which stems from the presence of cross-site scripting that could be exploited by an attacker to...

CVE-2023-0703

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...

DEBIAN-CVE-2023-0703

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...

DEBIAN-CVE-2023-0701

Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . Chromium security severity: Medium...

UBUNTU-CVE-2023-0701

Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . Chromium security severity: Medium...

UBUNTU-CVE-2023-0703

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in Google Chrome versions prior to 110.0.5481.77 that stems from a type confusion issue in DevTools. An attacker could exploit the vulnerability to cause heap corruption via UI interaction...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 110.0.5481.77 that stems from a type confusion issue during data transfer. An attacker exploits the vulnerability to cause heap corruption via UI interaction...

Moderate: Red Hat Bug Fix Advisory: Red Hat Ansible Automation Platform 2.3 Product Release Update

An update is now available for Red Hat Ansible Automation Platform 2.3 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

CVE-2023-24613

The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend...