Lucene search

8025 matches found

Kaspersky
added 2021/08/31 12:00 a.m., 471 views

KLA12270 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use after...

CVSS 8.8, AI score 9.9, EPSS 0.0559
Exploits: 1, References: 3

BDU FSTEC
added 2021/08/31 12:00 a.m., 6 views

The vulnerability of the WebReports server, the WebStation user interface, and the Enterprise Server installer, as well as the Enterprise Central installer, is related to insufficient protection of the web page structure, allowing a hacker to execute arbitrary code.

The vulnerabilities of the WebReports server, the WebStation user interface, and the Enterprise Server installer, as well as the Enterprise Central installer, are related to insufficient protection of the web page structure. Exploiting these vulnerabilities allows a malicious actor to execute...

CVSS 5, AI score 6.8, EPSS 0.00924
Exploits: 0, References: 2, Affected Software: 4

OSV
added 2021/08/30 5:15 p.m., 2 views

CVE-2021-29743

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...

CVSS 5.4, AI score 6.1, EPSS 0.00495
Exploits: 0, References: 2

OSV
added 2021/08/29 10:09 p.m., 7 views

OPENSUSE-SU-2021:1209-1 Security update for opera

This update for opera fixes the following issues: opera was updated to version 78.0.4093.147 - CHR-8251 Update chromium on desktop-stable-92-4093 to 92.0.4515.131 - DNA-93036 Opera not starting after closing window. Processes still working. - DNA-94516 Add ‘Detach tab’ entry to tab menu - DNA-945...

CVSS 8.8, AI score 6.2, EPSS 0.0282
Exploits: 7, References: 8

OSV
added 2021/08/27 4:15 p.m., 2 views

CVE-2021-29744

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 2016...

CVSS 5.4, AI score 5.4
Exploits: 0, References: 2

Kitploit
added 2021/08/27 12:30 p.m., 115 views

adalanche - Active Directory ACL Visualizer and Explorer

Tags: API Documentation, Access, Active Directory, Analysis, Binary, LDAP, Linux, Max, Memory, Parameter, Reverse, Takeover, Windows, pwned. adalanche - Active Directory ACL Visualizer - who's really Domain Admin?...

AI score 7.2
Exploits: 0, References: 3

OSV
added 2021/08/26 6:15 p.m., 2 views

UBUNTU-CVE-2021-30596

Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVSS 4.3, AI score 5.8, EPSS 0.01718
Exploits: 1, References: 2

CNNVD
added 2021/08/26 12:00 a.m., 4 views

yourls security vulnerability

YOURLS is an open source PHP-based short linking platform. A security vulnerability exists in yourls, which stems from the fact that yourls is susceptible to improper restrictions on rendering UI layers or frames. An attacker could exploit this vulnerability to cause an operation to be performed...

CVSS 8.8, AI score 6.9, EPSS 0.00405
Exploits: 1, References: 3

OSV
added 2021/08/25 8:15 p.m., 7 views

CVE-2021-1592

A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...

CVSS 4.3, AI score 5.9, EPSS 0.01032
Exploits: 0, References: 1

OSV
added 2021/08/25 8:15 p.m., 3 views

CVE-2021-1581

Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these vulnerabilities, see t...

CVSS 9.1, AI score 5.8, EPSS 0.01139
Exploits: 0, References: 1

OSV
added 2021/08/25 8:15 p.m., 5 views

CVE-2021-1580

Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy Infrastructure Controller (APIC) or Cisco Cloud APIC could allow a remote attacker to perform a command injection or file upload attack on an affected system. For more information about these vulnerabilities, see t...

CVSS 7.2, AI score 5.8, EPSS 0.01779
Exploits: 0, References: 1

CVE
added 2021/08/24 6:50 p.m., 67 views

CVE-2021-30948

CVE-2021-30948 affects Apple iOS and iPadOS; an inconsistent UI state management bug potentially allows a person with physical access to an iOS device to access stored passwords without authentication. The issue is fixed in iOS 15.2 / iPadOS 15.2. Vulnerable component details are not fully specif...

CVSS 4.6, AI score 3.7, EPSS 0.00301
Exploits: 0, References: 1, Affected Software: 2

OSV
added 2021/08/19 3:53 p.m., 26 views

GHSA-C5C9-8C6M-727V Cross-Site Scripting via Rich-Text Content

Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC 5.7 Problem Failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via...

CVSS 6.1, AI score 5.9, EPSS 0.00727
Exploits: 0, References: 6

Github Security Blog
added 2021/08/19 3:53 p.m., 49 views

Cross-Site Scripting via Rich-Text Content

Meta CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:F/RL:O/RC 5.7 Problem Failing to properly parse, sanitize and encode malicious rich-text content, the content rendering process in the website frontend is vulnerable to cross-site scripting. Corresponding rendering instructions via...

CVSS 6.1, AI score 1.1, EPSS 0.00727
Exploits: 0, References: 7, Affected Software: 2

BDU FSTEC
added 2021/08/13 12:00 a.m., 6 views

The vulnerability of the printing control software in PaperCut MF and PaperCut NG, which exists due to the lack of measures to neutralize special elements, allows a violator to implement a script through the user interface.

The vulnerability of the printing control software in PaperCut MF and PaperCut NG exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor, operating remotely, to implement a malicious script through the user interface...

CVSS 10, AI score 7.8, EPSS 0.03932
Exploits: 0, References: 3, Affected Software: 3

BDU FSTEC
added 2021/08/12 12:00 a.m., 5 views

The vulnerability of the manager for Cockpit servers, related to errors in displaying the user interface or frames, allows a perpetrator to inject malicious code.

The vulnerability of the Cockpit server administrator relates to errors in displaying the user interface or frames. Exploiting this vulnerability allows a malicious actor to inject malicious code remotely...

CVSS 5, AI score 5.8, EPSS 0.01212
Exploits: 0, References: 5, Affected Software: 3

BDU FSTEC
added 2021/08/12 12:00 a.m., 3 views

The vulnerability of the Windows LSA component in the Windows Server operating system allows attackers to perform spear-phishing attacks.

The vulnerability of the Windows LSA component in the Windows Server operating system is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...

CVSS 8.5, AI score 7.2, EPSS 0.66023
Exploits: 4, References: 5

Kaspersky
added 2021/08/11 12:00 a.m., 29 views

KLA12261 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. A type confusion vulnerability in JIT...

CVSS 8.8, AI score 8.6, EPSS 0.01124
Exploits: 1, References: 3

Kaspersky
added 2021/08/11 12:00 a.m., 37 views

KLA12269 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Page Info UI can ...

CVSS 8.8, AI score 9.2, EPSS 0.0282
Exploits: 7, References: 4

Kaspersky
added 2021/08/10 12:00 a.m., 42 views

KLA12255 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to spoof...

CVSS 7.8, AI score 8.4, EPSS 0.54383
Exploits: 0, References: 10