PT-2022-12973 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 14.4.5 GitLab versions 14.5.0 through 14.5.3 GitLab versions 14.6.0 through 14.6.1 Description: An issue has been discovered in GitLab where it does not ignore replacement references with git sub-commands. This allows...

CVE-2022-22290

Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page...

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. GitLab suffers from a security vulnerability that stems from configuring in a...

The vulnerability of the Office Online Server web server, related to errors in information representation by the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of the Office Online Server web server is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

Vulnerability of Windows operating system certificates, allowing attackers to perform spoofing attacks

The vulnerability of Windows operating system certificates is related to errors in information representation by the user interface. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

The vulnerability of the Microsoft Office software package, related to errors in information presentation on the user interface, allows a hacker to carry out a spear-phishing attack.

The vulnerability of the Microsoft Office suite is related to errors in information presentation at the user interface level. Exploiting this vulnerability can allow an attacker to carry out a spear-phishing attack...

CVE-2022-21870

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability...

CVE-2022-21870

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability...

CVE-2022-21870

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability...

CVE-2022-21870 Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability

...

Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability

...

PT-2022-1515 · Microsoft · Windows Ui Immersive Server Api +1

Name of the Vulnerable Software and Affected Versions: Windows UI Immersive Server API affected versions not specified Description: The issue is related to insecure privilege management in the Windows UI Immersive Server API component of the Windows operating system. Exploitation of this issue ma...

KLA12420 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to perform cross-site scripting attack, spoof user interface. Below is a complete list of vulnerabilities: 1. Cross-site scripting XSS vulnerability in Microsoft Dynamics 365 Customer...

KLA12423 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface. Below is a...

Microsoft Windows 权限许可和访问控制问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A vulnerability exists in Microsoft Tablet Windows User Interface with privilege license and access control issues. The following products and editions are affected:Windows 10 Version 21H...

KLA12417 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to bypass security restrictions, spoof user interface, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...

KLA12415 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, spoof user interface, gain privileges, cause denial of service, obtain sensitive information. Below is a complete list of...

The vulnerability of Google Chrome’s user interface allows a hacker to bypass existing security restrictions by using a specially created HTML page.

The vulnerability of Google Chrome’s user interface is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions by using a specially created HTML page...

The vulnerability in the user interface of the basic authentication mechanism for Google Chrome allows a hacker to manipulate the URL input by using a specially created HTML page.

The vulnerability of the basic authentication user interface of Google Chrome is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to forge the URL content using a specially created HTML page...

Facebook Launches 'Privacy Center' to Educate Users on Data Collection and Privacy Options

Meta Platforms, the company formerly known as Facebook, on Friday announced the launch of a centralized Privacy Center that aims to "educate people" about its approach with regards to how it collects and processes personal information across its family of social media apps. "Privacy Center provid...