CVE-2022-47983
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 243161...
Security feature bypass
Dell PowerScale OneFS, 8.2.0 through 9.3.0, contains a User Interface Security Issue. An unauthenticated remote user could unintentionally lead an administrator to enable this vulnerability, leading to disclosure of information...
CVE-2022-45096
CVE-2022-45096 affects Dell PowerScale OneFS versions 8.2.0 through 9.3.0, where an unauthenticated remote user could inadvertently cause an administrator to enable a UI-related issue leading to information disclosure. The connected documents consistently describe the affected product ...
PT-2023-1393 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM Infosphere Information Server version 11.7 Description: The issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted sessio...
The vulnerability of the UI Desktop software lies in its lack of access control mechanisms, allowing a perpetrator to execute arbitrary commands.
The vulnerability of the UI Desktop software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...
The vulnerability of the IBM Robotic Process Automation software lies in errors in the user interface’s information representation, which allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the IBM Robotic Process Automation software is related to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information through a specially create...
CVE-2022-32517
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause an adversary to trick the interface user/admin into interacting with the application in an unintended way when the product does not implement restrictions on the ability to render within frames ...
Schneider Electric Conext ComBox Security Vulnerability
The Schneider Electric Conext ComBox is a powerful communication and monitoring device from Schneider Electric France. A security vulnerability exists in the Schneider Electric Conext ComBox that stems from an improper restriction on its rendering UI layer or frames that could allow an attacker t...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...
KLA20188 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in GuestView can be exploited to cause...
KLA20181 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in GuestView can be exploited to cause...
gnome-shell bug fix and enhancement update
An update is available for gnome-shell. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. GNOME Shell acts as a compositing manager for the desktop, and displays...
The vulnerability of the user interface of the Windows Credential Manager service allows a perpetrator to escalate their privileges.
The vulnerability of the Credential Manager user interface in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
UBUNTU-CVE-2022-47024
A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts...
CVE-2023-20019
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform, Cisco BroadWorks Application Server, and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user ...
IBM Robotic Process Automation Cross-Site Scripting Vulnerability
IBM Robotic Process Automation is a robotic process automation product from International Business Machines (IBM). It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. A cross-site scripting vulnerability in IBM Robotic Process Automation in Clou...
KLA20182 Multiple vulnerabilities in Git for Windows
Multiple vulnerabilities were found in Git for Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. Integer overflow vulnerability can be exploited to execute arbitrary code. 2. Remote code execution vulnerability in...
KLA20168 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Security vulnerability in SystemPrincipal can be exploited to...
The vulnerability of FortiWAN’s traffic balancing system allows an attacker to perform a spoofing attack.
The vulnerability of the FortiWAN traffic balancing system is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor, operating remotely, to perform a spoofing attack...
CVE-2023-21726
Windows Credential Manager User Interface Elevation of Privilege Vulnerability...