8025 matches found
Privilege escalation
Tablet Windows User Interface Application Elevation of Privilege Vulnerability...
CVE-2022-24460
Technical details for CVE-2022-24460 are not publicly provided in the supplied documents; no concrete affected product versions or remediation are specified. Monitor for updates.
The vulnerability of the Autofill function implementation in Google Chrome browser allows attackers to exploit and disclose protected information.
The vulnerability of the Autofill function in Google Chrome browser is related to errors in information representation by the user interface. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose sensitive information through a specially crafted HTML page...
Tablet Windows User Interface Application Elevation of Privilege Vulnerability
...
Microsoft Tablet Windows User Interface 权限许可和访问控制问题漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A vulnerability exists in Microsoft Tablet Windows User Interface with privilege permission and access control issues. The following products and editions are affected: Windows Server...
PT-2022-1978 · Microsoft · Defender For Endpoint
Name of the Vulnerable Software and Affected Versions: Microsoft Defender for Endpoint affected versions not specified Description: The issue is related to errors in information representation by the user interface. It may allow a remote attacker to conduct spoofing attacks. Recommendations: At t...
KLA12480 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A security feature bypass...
KLA12481 Multiple vulnerabilities in Microsoft System Center
Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Defender for IoT c...
KLA12484 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in tex...
Security Bulletin: Multiple Vulnerabilities in Sterling Connect:Direct Browser User Interface
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Versions. Sterling Connect:Direct Browser User Interface has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35560 DESCRIPTION: An unspecified vulnerability in Java SE related to the Deployment...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser from Google, Inc. A heap buffer overflow vulnerability exists in the Google Chrome Cast UI, which can be exploited by attackers to cause arbitrary code execution...
GHSA-3V7G-4PG3-7R6J OS Command injection in Apache Airflow
In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI...
CVE-2022-24288
In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI...
PYSEC-2022-30
In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI...
PYSEC-2022-30
In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI...
HUAWEI EMUI 输入验证错误漏洞
Huawei Emui is a mobile operating system developed on Android. Magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to integer overflow, which can be exploited by attackers to cause random address access...
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Server Subscription Edition packages lies in information representation errors in the user interface, which allows attackers to perform spoofing attacks.
The vulnerability of Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, and Microsoft SharePoint Server Subscription Edition packages is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform a...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...
The vulnerability of the Azure Data Explorer data analysis service, related to errors in information presentation on the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of the Azure Data Explorer data analysis service is related to errors in information representation by the user interface. Exploiting this vulnerability may allow attackers to perform spear-phishing attacks remotely...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...