CVE-2022-20659 Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network EPN Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This...

CVE-2022-0110

Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

DEBIAN-CVE-2022-0110

Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2021-39668

In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for...

PT-2022-1679 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow a remote attacker to conduct spoofing...

The vulnerability of the Tablet Windows User Interface Application Core component in the Windows operating system allows a hacker to enhance their privileges.

The vulnerability of the Tablet Windows User Interface Application Core component of the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

KLA12461 Spoofing vulnerability in Microsoft Browser

A spoofing vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-23264 Related products Microsoft-Edge CVE list CVE-2022-23264 warning KB list Solution Install necessary updates from the Settings and more...

KLA12452 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Dynamics GP can be...

PT-2022-1693 · Microsoft · Azure Data Explorer

Name of the Vulnerable Software and Affected Versions: Azure Data Explorer affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to conduct spoofing attacks...

PT-2022-1676 · Microsoft · Dynamics Gp

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics GP affected versions not specified Description: The issue is related to errors in the representation of information by the user interface in Microsoft Dynamics GP, which can lead to spoofing attacks. An attacker, acting...

KLA12456 Spoofing vulnerability in Microsoft Azure

A spoofing vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2022-23256 Related products Microsoft-Azure CVE list CVE-2022-23256 warning KB list Solution Install necessary updates from the KB section, that a...

KLA12448 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions, perform cross-site scripting attack, spoof user interface. Below is a complete list of...

PT-2022-2153 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, which can allow a remote attacker to conduct spoofing attacks...

PT-2022-1889 · Microsoft · Visual Studio Code

Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to errors in the representation of information by the user interface, allowing a remote attacker to conduct spoofing attacks. Recommendations: At the moment,...

PT-2022-2757 · Microsoft · Sharepoint Server +2

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Microsoft SharePoint Foundatio...

The vulnerability of Microsoft Visual Studio software, related to errors in user interface representation, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Visual Studio software relates to errors in information representation at the user interface level. Exploiting this vulnerability allows a malicious actor to carry out spear-phishing attacks using specially crafted requests...

PT-2022-1698 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to errors in the representation of information by the user interface. Exploitation of this issue may allow a remote attacker to conduct spoofing...

Cisco Small Business 缓冲区错误漏洞

Cisco Small Business is a switch from Cisco USA. A buffer error vulnerability exists in the Cisco Small Business RV Series routers, which results from the use of weak entropy in the session identifier generation function. An attacker could exploit this vulnerability by using brute force to...

ALBA-2022:0363 gnome-control-center bug fix update

The gnome-control-center package contains configuration utilities for the GNOME desktop, which allow to configure accessibility options, desktop fonts, keyboard and mouse properties, sound setup, desktop theme and background, user interface properties, screen resolution, and other settings. Bug...

CVE-2021-22819

A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause unintended modifications of the product settings or user accounts when deceiving the user to use the web interface rendered within iframes. Affected Products: EVlink City EVC1S22P4 / EVC1S7P4 All...