KLA12413 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc. A security bypass vulnerability exists in the Google Chrome Browser UI, which can be exploited by attackers to bypass security restrictions...

HuaWei Smartphone 安全漏洞

Huawei Emui is an Android-based mobile operating system. magic Ui is an Android-based mobile operating system. Huawei Emui and Magic UI are vulnerable to a configuration flaw that could be exploited by attackers to elevate MEID IMEI privileges...

Huawei Smartphone 资源管理错误漏洞

Huawei Emui is a mobile operating system developed on Android. Magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI have security vulnerabilities that could be exploited by attackers to cause a kernel crash or elevation of privilege...

CVE-2021-38876

IBM i 7.2, 7.3, and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208404...

[SECURITY] Fedora 34 Update: gnome-shell-40.7-1.fc34

GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy...

CVE-2021-38961

IBM OPENBMC OP910 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212049...

DEBIAN-CVE-2021-4053

Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Security Bulletin: Vulnerability in Apache Log4j affects IBM Spectrum Scale (CVE-2021-44228)

Summary A vulnerability in Apache Log4j could allow an attacker to execute arbitrary code on the system. This library is used by the Graphical User Interface GUI of IBM Spectrum Scale for logging. This vulnerability may affect IBM Spectrum Scale. Vulnerability Details CVEID: CVE-2021-44228...

SUSE-SU-2021:4150-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - Update to version 91.4 MFSA 2021-54 bsc1193485 - CVE-2021-43536: URL leakage when navigating while executing asynchronous function - CVE-2021-43537: Heap buffer overflow when using structured clone - CVE-2021-43538: Missing fullscre...

CVE-2021-38966

IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 212357...

CVE-2021-36316

Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation ...

KLA12397 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Buffer overflow vulnerability in libolm can be exploited remotely via special crafted...

CVE-2021-38883

IBM Business Automation Workflow 18.0, 19.0, 20,0 and 21.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

The vulnerability of Microsoft Bing Search for Android, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Bing Search for Android relates to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spearishing attacks...

IBM Business Automation Workflow 跨站脚本漏洞

IBM Business Automation Workflow is a workflow automation solution from IBM USA. The product is primarily used for workflow management, compliance management, and features workflow visibility and scalability.IBM Business Automation Workflow has a security vulnerability that stems from the...

The vulnerability of the Google Chrome browser’s WebUI user interface allows a hacker to circumvent existing access restrictions.

The vulnerability in the user interface of Google Chrome’s WebUI exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to circumvent existing access restrictions by using a specially created HTML page...

The vulnerability of Microsoft Exchange Server servers, related to errors in information representation by the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Exchange Server servers is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

Security update for seamonkey (important)

openSUSE Security Update: Security update for seamonkey Announcement ID: openSUSE-SU-2021:1588-1 Rating: important References: Affected Products: openSUSE Backports SLE-15-SP3 An update that contains security fixes can now be installed. Description: This update for seamonkey fixes the following...

CVE-2021-38701

Certain Motorola Solutions Avigilon devices allow XSS in the administrative UI. This affects T200/201 before 4.10.0.68; T290 before 4.4.0.80; T008 before 2.2.0.86; T205 before 4.12.0.62; T204 before 3.28.0.166; and T100, T101, T102, and T103 before 2.6.0.180...