unstreamed not updated in withdraw()

Handle gpersoon Vulnerability details Impact The function stake increases unstreamed, however the function withdraw, that does the inverse of stake doesn't decrease unstreamed. The function withdraw does update all the other relevant variables so this seems to be an omission. Thus the value of...

IBM Cognos Analytics 跨站脚本漏洞

IBM Cognos Analytics is a suite of business intelligence software from IBM Corporation. A cross-site scripting vulnerability exists in IBM Cognos Analytics, which stems from a failure to validate user data data in the product's web ui. An attacker could cause credentials in a trusted session to b...

CVE-2021-29849

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205281...

CVE-2021-20847

Cross-site scripting vulnerability in Wi-Fi STATION SH-52A 38JP111G, 38JP111J, 38JP111K, 38JP111L, 38JP126F, 38JP126G, 38JP126J, 38JP203B, and 38JP203C allows a remote unauthenticated attacker to inject an arbitrary script via WebUI of the device...

The vulnerability in the implementation of the IE Mode feature of the Microsoft Edge browser on Windows operating systems allows attackers to perform spoofing attacks.

The vulnerability of the Microsoft Edge browser’s IE Mode implementation on Windows operating systems is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

The vulnerability of the Mozilla Firefox browser, related to improper restriction of the displayed user interface layers, allows attackers to carry out attacks using a suphin.

The vulnerability of the Mozilla Firefox browser is related to an improper limitation on the displayed layers of the user interface. Exploiting this vulnerability allows a malicious actor to carry out attacks using a spoofing technique, by hiding requests from users for access to additional...

PUB-A-184676316

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVE-2021-36326

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface UI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...

Format string

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface UI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...

CVE-2021-36326

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the User Interface UI. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to a downgrade in the communications between the client and server into an unencrypted forma...

Wi-Fi STATION SH-52A vulnerable to cross-site scripting

Overview Wi-Fi STATION SH-52A provided by NTT DOCOMO, INC. contains a cross-site scripting vulnerability CWE-79. Takayuki Sasaki of Yokohama National University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impac...

IBM QRadar SIEM 跨站脚本漏洞

IBM QRadar SIEM is a solution from IBM America that leverages security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, etc. A cross-site...

Huawei Emui 注入漏洞

Huawei Emui is a mobile operating system developed on Android.Magic Ui is a mobile operating system developed on Android.An injection attack vulnerability exists in Huawei Emui and Magic UI. An attacker can exploit this vulnerability to affect service availability...

Huawei HarmonyOS 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. Huawei Emui and Magic UI are vulnerable to a data handling error. An attacker can exploit this vulnerability to cause a kernel crash...

Huawei Emui 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. a remote DoS vulnerability exists in Huawei Emui and Magic UI. An attacker could exploit the vulnerability to cause the application to exit unexpectedly...

Huawei Emui 安全漏洞

Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. a remote DoS vulnerability exists in Huawei Emui and Magic UI. An attacker could exploit the vulnerability to cause the application to exit unexpectedly...

[SECURITY] Fedora 33 Update: js-jquery-ui-1.13.0-1.fc33

A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library...

[SECURITY] Fedora 34 Update: js-jquery-ui-1.13.0-1.fc34

A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library...

[SECURITY] Fedora 35 Update: js-jquery-ui-1.13.0-1.fc35

A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library...

OPENSUSE-SU-2021:1489-1 Security update for opera

This update for opera fixes the following issues: Update to version 81.0.4196.31: - DNA-95733 Implement the “Manage” menu in card details view - DNA-95736 Update UI for paused card - DNA-95791 Crash at base::operator - DNA-95794 Sometimes the sidebar UI fails to load - DNA-95812 Retrieve cards in...