The vulnerability in the BizTalk Server BizTalk ESB Toolkit allows an attacker to perform a spoofing attack.
The vulnerability of the BizTalk Server BizTalk ESB Toolkit relates to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform a spoofing attack remotely...
PT-2022-11088 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 0.8.0 through 14.2.5; GitLab CE/EE versions 14.3.0 through 14.3.3; GitLab CE/EE versions 14.4.0. Description: The issue allows certain Unicode characters to be abused, enabling malicious code to be committed into projects...
CVE-2022-24796 Remote Command Injection in RaspberryMatic
RaspberryMatic is a free and open-source operating system for running a cloud-free smart-home using the homematicIP / HomeMatic hardware line of IoT devices. A Remote Code Execution (RCE) vulnerability exists in the file upload facility of the WebUI interface of RaspberryMatic. Missing input...
RaspberryMatic OS Command Injection Vulnerability
RaspberryMatic is a free and non-commercial open source operating system alternative from the individual developer Jens Maus in Germany. It is used to run cloud-free smart home IoT centers. RaspberryMatic suffers from an operating system command injection vulnerability that stems from a lack of...
CVE-2022-22404
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from an agent obfuscation in the SystemUI that could arbitrarily launch an Activity. An attacker could exploit this vulnerability to cause a...
Google Chrome Buffer Error Vulnerability
Google Chrome is a web browser from Google, Inc. V8 is one of the open source JavaScript engines. A security vulnerability exists in Google Chrome due to a boundary error when handling untrusted HTML content in the WebUI. A remote attacker can create a specially crafted web page, trick a victim in...
Google Chrome Buffer Error Vulnerability
Google Chrome is a web browser from Google, Inc. V8 is one of the open source JavaScript engines. A security vulnerability exists in Google Chrome due to a boundary error when handling untrusted HTML content in the WebUI. A remote attacker can create a specially crafted web page, trick a victim in...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a web browser from Google Inc. V8 is an open source JavaScript engine. Google Chrome suffers from a resource management error vulnerability that exists due to a use-after-free error in the Cast UI component in Google Chrome. A remote attacker could create a specially crafted web...
CVE-2022-0549
An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under certain conditions, GitLab REST API may allow unprivileged users to add other users to groups even if that is not...
The vulnerability of Microsoft Defender for Endpoint’s operating system, Microsoft Windows, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Defender for Endpoint’s Windows operating system is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...
The vulnerability in the Google Chrome browser user interface allows attackers to perform spear-phishing attacks.
The vulnerability of the Google Chrome browser interface is related to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using a specially created web page...
The vulnerability of the Microsoft Office software package, related to errors in information presentation at the user interface level, allows attackers to perform spear-phishing attacks.
The vulnerability of the Microsoft Office suite is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of the Tablet Windows User Interface Application component of the Microsoft Windows operating system, which allows a perpetrator to increase their privileges
The vulnerability of the Tablet Windows User Interface Application component of the Microsoft Windows operating system is related to the use of a common resource with incorrect synchronization. Exploiting this vulnerability can allow an attacker to increase their privileges...
Important: Red Hat Security Advisory: Red Hat Virtualization Host security and enhancement update [ovirt-4.4.10] Async #2
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base...
CVE-2020-20094
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
CVE-2020-20093
The Facebook Messenger app for iOS 227.0 and prior and Android 228.1.0.10.116 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
CVE-2020-20096
WhatsApp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
Code injection
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...
Code injection
WhatsApp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...