PT-2022-24125 · Aruba · Aruba Clearpass Policy Manager

Name of the Vulnerable Software and Affected Versions: Aruba ClearPass Policy Manager versions 6.10.6 and below Aruba ClearPass Policy Manager versions 6.9.11 and below Description: A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated...

KLA19255 SUI vulnerability in Microsoft System Center

A spoofing vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-37972 Related products Microsoft-Endpoint-Configuration-Manager CVE list CVE-2022-37972 critical KB list Solution Install necessary...

[SECURITY] Fedora 36 Update: kdiskmark-3.1.0-1.fc36

KDiskMark is an HDD and SSD benchmark tool with a very friendly graphical user interface. KDiskMark with its presets and powerful GUI calls Flexible I/O Tester and handles the output to provide an easy to view and interpret comprehensive benchmark result...

Huawei EMUI和Huawei Magic UI 缓冲区错误漏洞

Huawei EMUI is a mobile operating system based on Android development.Huawei Magic UI is a smart device operating system. Huawei EMUI and Magic UI have an out-of-bounds write vulnerability that can be exploited by an attacker to cause the system to reboot...

OPENSUSE-SU-2022:10121-1 Security update for opera

This update for opera fixes the following issues: Update to 90.0.4480.84 - DNA-101690 Cherry-pick fix for CVE-2022-3075 from chromium Update to 90.0.4480.80 - DNA-99188 Tab Tooltip doesn't disappear - DNA-100664 Shopping corner widget - DNA-100843 Options to install and update VPN Pro app, when...

CVE-2020-19586

Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI...

Vulnerabilities fixed in Safari

Apple has fixed vulnerabilities in Safari. The vulnerabilities allow a malicious party to execute arbitrary code execute within the scope of the browser and to spoof user interfaces. spoofing. To do this, however, the malicious party must entice the victim to open rogue content. -= Apple =- Apple...

Hitachi Energy MicroSCADA X SYS600 安全漏洞

Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. A security vulnerability exists in Hitachi Energy MicroSCADA X...

PYSEC-2022-268

Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1...

CVE-2022-36736

Jitsi-2.10.5550 was discovered to contain a vulnerability in its web UI which allows attackers to perform a clickjacking attack via a crafted HTTP request. NOTE: this is disputed by the vendor...

[SECURITY] Fedora 35 Update: insight-13.0.50.20220502-1.fc35

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for the latest GDB version...

多款 XWiki Platform 产品代码注入漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from XWiki France. A security vulnerability exists in the XWiki Platform Tag UI versions prior to 13.10.6 and 14.4, which stems from the fact that the tag document "Main.Tags" is not properly cleaned up from...

PT-2022-23596 · Jitsi · Jitsi

Name of the Vulnerable Software and Affected Versions: Jitsi version 2.10.5550 Description: The issue allows attackers to perform a clickjacking attack via a crafted HTTP request in the web UI. It is noted that this is disputed by the vendor. Recommendations: For Jitsi version 2.10.5550, as a...

PT-2022-23189 · Xwiki · Xwiki Platform Wiki Ui Main Wiki

Name of the Vulnerable Software and Affected Versions: XWiki Platform Wiki UI Main Wiki versions 5.3-milestone-2 through 13.10.5 XWiki Platform Wiki UI Main Wiki versions 5.3-milestone-2 through 14.3 Description: It's possible to inject arbitrary wiki syntax including Groovy, Python and Velocity...

The vulnerability of the User Interface sub-component of the Oracle WebCenter Sites Support Tools software platform allows a malicious individual to gain unauthorized access to read, modify, or add data, or to cause service interruptions.

The vulnerability of the User Interface sub-component of the Oracle WebCenter Sites Support Tools software platform exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to read, modify, or add...

The vulnerability of the Google Chrome browser’s WebUI user interface allows a hacker to execute arbitrary code.

The vulnerability of the Google Chrome browser’s WebUI interface is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Weave GitOps 跨站脚本漏洞

Weave GitOps is a simple open source developer platform open sourced by Weaveworks. A security vulnerability exists in Weave GitOps Enterprise prior to version 0.9.0-rc.5, which stems from having cross-site scripting XSS that allows a malicious user to inject a javascript link into the UI, which...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, an American company. A buffer overflow vulnerability exists in versions of Google Chrome prior to 105.0.5195.52, which originates from a boundary error when handling untrusted input in the WebUI. An attacker can exploit the vulnerability to trick a user...

CVE-2021-38934

IBM Engineering Test Management 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Forc...

IBM Engineering Test Management 跨站脚本漏洞

IBM Engineering Test Management is a collaborative quality management software from IBM USA that provides end-to-end test planning and test asset management to improve team efficiency. A security vulnerability exists in IBM Engineering Test Management version 7.0, 7.0.1, and 7.0.2, which stems fr...