Mozilla: Firefox could be coaxed into going into fullscreen mode without notification or warning

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing...

Mozilla: Firefox could be coaxed into going into fullscreen mode without notification or warning

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing...

CVE-2021-40115

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-34784 Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network Manager EPNM could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an...

CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-34773 Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated,...

USN-5131-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the browser UI, confuse the user, conduct phishing attacks, or execut...

Mozilla: Firefox could be coaxed into going into fullscreen mode without notification or warning

The Mozilla Foundation Security Advisory describes this flaw as: Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing...

CVE-2021-33210

An issue was discovered in Fimer Aurora Vision before 2.97.10. An attacker can in the WebUI obtain plant information without authentication by reading the response of APIs from a kiosk view of a plant...

CVE-2021-29771

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVE-2021-42763

Couchbase Server before 6.6.3 and 7.x before 7.0.2 stores Sensitive Information in Cleartext. The issue occurs when the cluster manager forwards a HTTP request from the pluggable UI query workbench etc to the specific service. In the backtrace, the Basic Auth Header included in the HTTP request,...

CVE-2021-33593

Whale browser for iOS before 1.14.0 has an inconsistent user interface issue that allows an attacker to obfuscate the address bar which may lead to address bar spoofing...

CVE-2021-33593

Whale browser for iOS is affected (versions before 1.14.0) by an inconsistent user interface that allows an attacker to obfuscate the address bar, which may lead to address bar spoofing. The Red Hat and NVD entries corroborate the vulnerability description across multiple feeds. The available doc...

Couchbase Server 加密问题漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that primarily supports data querying, full-text searching, and active global replication. A cryptographic issue vulnerability exists in Couchbase Server, which stems from the inclusion of plaintext...

PT-2021-8017 · Mozilla +2 · Firefox +2

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 94 Description: The issue is related to incorrect restriction of visualized layers in the user interface, which can be exploited by a remote attacker to conduct spoofing attacks. When parsing internationalize...

IBM InfoSphere Information Server 跨站脚本漏洞

IBM InfoSphere Information Server is a data integration platform from IBM Corporation in the United States. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server has a security vulnerability that allows users to embed arbitrary...

Huawei Smartphone 安全漏洞

Huawei Emui is a mobile operating system developed based on Android.Magic Ui is a mobile operating system developed based on Android. An unauthorized file access vulnerability exists in Huawei Emui and Magic UI that originates from a network system or product that does not properly validate...

Huawei Smartphone 安全漏洞

Huawei Emui is a mobile operating system developed based on Android.Magic Ui is a mobile operating system developed based on Android. Huawei Emui and Magic UI have security vulnerabilities that can be exploited by attackers to compromise service integrity...

Huawei HarmonyOS 安全漏洞

Huawei Emui is a mobile operating system based on Android.Magic Ui is a mobile operating system based on Android.Magic Ui is a mobile operating system based on Android.Magic Ui is a mobile operating system based on Android.Magic Ui is a mobile operating system based on Android.Magic Ui is a mobil...

Huawei Smartphone 缓冲区错误漏洞

Huawei Emui is a mobile operating system developed based on Android.Magic Ui is a mobile operating system developed based on Android. A memory leak vulnerability exists in Huawei Emui and Magic UI, which is caused by improper handling of abnormal events. An attacker could exploit this vulnerabili...