PT-2021-6279 · Microsoft · Powershell

Name of the Vulnerable Software and Affected Versions: Microsoft PowerShell affected versions not specified Description: The issue is related to errors in the representation of information by the user interface of the PowerShell interpreter. Exploitation of this issue may allow an attacker to...

PT-2021-5671

Name of the Vulnerable Software and Affected Versions Microsoft Office affected versions not specified Description The issue is related to errors in the representation of information by the user interface, allowing an attacker to conduct a spoofing attack. This can affect the system, potentially...

KLA12386 Multiple vulnerabilities in Microsoft Apps

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Office app can be exploited remotely to...

PT-2021-6349 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to errors in the user interface's representation of information. It may allow a remote attacker to perform a spoofing attack. Recommendations: At th...

KLA62329 ACE vulnerability in Microsoft Mariner

A spoofing vulnerability was found in Microsoft Mariner. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2021-43896 Related products CBL-Mariner-2.0 PowerShell CVE list CVE-2021-43896 warning Solution Install necessary updates from the KB section,...

The vulnerability of the Android EMUI operating system’s shell, related to improper memory release before deleting the last link, allows a hacker to trigger a service failure.

The vulnerability of the Android EMUI operating system’s shell is related to the improper release of memory before deleting the last link. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...

CVE-2021-40834 User interface Spoofing in F-Secure SAFE browser for Android

A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides the user interface. A remote attacker can leverage this to perform spoofing attack...

KLA12381 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, inject malicious code, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free...

DEBIAN-CVE-2021-38506

Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox 94, Thunderbird 91.3, and Firefox ESR 91.3...

CVE-2021-31850 Denial of Service in Database Security on Windows

A denial-of-service vulnerability in Database Security DBS prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...

Mozilla: Cursor spoofing could overlay user interface when native cursor is zoomed

It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

Mozilla: Cursor spoofing could overlay user interface when native cursor is zoomed

It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

Fortinet FortiWLC 访问控制错误漏洞

The Fortinet FortiWLC is a wireless LAN controller from Fortinet. An access control error vulnerability exists in the Fortinet FortiWLC, which arises from the product's GUI restrictions not validating the user's identity. The vulnerability can be exploited to execute arbitrary commands. The...

The vulnerability of Microsoft Exchange Server servers, related to errors in information representation by the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Exchange Server servers is related to errors in information representation by the user interface. Exploiting this vulnerability can allow attackers to perform spear-phishing attacks remotely...

The vulnerability in the implementation of the Windows Authenticode signature technology of the Microsoft Windows operating system allows attackers to perform spoofing attacks.

The vulnerability of the Authenticode signature technology implemented in Microsoft Windows operating systems is related to errors in information presentation by the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks...

KLA12374 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to spoof user interface, perform cross-site scripting attack, obtain sensitive information, cause denial of service, bypass security restrictions, execute arbitrary code. Below is a complete...

Huawei Smartphone 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI incorrect access control vulnerability. An attacker can exploit the vulnerability to compromise service confidentiality...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android 12. The vulnerability arises due to a possible bypass of user interaction requirements due to an unclear UI in onCreate in AllowBindAppWidgetActivity.java. An...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a resource management error vulnerability that stems from post-free use in the UI. No details of the vulnerability are provided at this time...

KLA12373 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, inject malicious code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...