The vulnerability of the Google Chrome browser’s WebUI user interface allows a perpetrator to compromise data integrity.

The vulnerability of the WebUI user interface of Google Chrome is related to the lack of a mechanism for verifying entered data. Exploiting this vulnerability allows an attacker to compromise the integrity of data...

[SECURITY] Fedora 34 Update: gnome-shell-40.0~rc-1.fc34

GNOME Shell provides core user interface functions for the GNOME 3 desktop, like switching to windows and launching applications. GNOME Shell takes advantage of the capabilities of modern graphics hardware and introduces innovative user interface concepts to provide a visually attractive and easy...

[SECURITY] Fedora 34 Update: gnome-control-center-40~rc-1.fc34

This package contains configuration utilities for the GNOME desktop, which allow to configure accessibility options, desktop fonts, keyboard and mouse properties, sound setup, desktop theme and background, user interface properties, screen resolution, and other settings...

Fedora: Security Advisory for gnome-control-center (FEDORA-2021-303f6623fa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Siemens Solid Edge Viewer Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

It is an offensive tool for Web applications. The primary CVE ID is 'CVE-2020-5902'. The target product/service is BIG-IP F5, and the vulnerability class/vector is Remote Code Execution RCE. The probable entry point is undisclosed pages in the Traffic Management User Interface TMUI, also referred...

OPENSUSE-SU-2021:0413-1 Security update for opera

This update for opera fixes the following issues: - Update to version 74.0.3911.203 - CHR-8324 Update chromium on desktop-stable-88-3911 to 88.0.4324.182boo1182358 - DNA-90762 Replace “Don’t show again” with “Discard” - DNA-90974 Crash at...

The vulnerability of Google Chrome’s user interface allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Google Chrome browser user interface is related to errors in cryptographic transformations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

OPENSUSE-SU-2021:0410-1 Security update for crmsh

This update for crmsh fixes the following issues: - Update to version 4.3.0+20210305.9db5c9a8: Fix: bootstrap: Adjust qdevice configure/remove process to avoid race condition due to quorum lostbsc1181415 Dev: cibconfig: remove related code about detecting crmdiff support --no-verion Fix:...

The vulnerability of the FortiMail email security system, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.

The vulnerability of the FortiMail email security system is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to enhance their privileges by requesting a password change through the user interface...

F5 BIG-IQ 跨站脚本漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A cross-site scripting vulnerability exists in BIG-IQ, which could be exploited by an attacker using a specially crafted URL to reflect...

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. The TMUI remote command execution vulnerability in F5 BIGIP Appliance mode can be exploited by an attacker to execute arbitrar...

F5 BIG-IP 跨站脚本漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a cross-site scripting vulnerability that can be exploited by an attacker to trigger cross-site scripti...

CVE-2020-29020

Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware...

IBM Engineering Test Management Cross-Site Scripting Vulnerability (CNVD-2021-14749)

IBM Engineering Test Management is a collaborative quality management solution that provides end-to-end test planning and test asset management with broad coverage from requirements to defects. A cross-site scripting vulnerability exists in IBM Engineering Test Management. An attacker could explo...

IBM Engineering Requirements Quality Assistant Cross-Site Scripting Vulnerability (CNVD-2021-14752)

IBM Engineering Requirements Quality Assistant is a Watson AI based software from IBM USA used to assist developers in improving the quality of engineering requirements. A cross-site scripting vulnerability exists in IBM Engineering Requirements Quality Assistant. An attacker can exploit the...

CVE-2020-4863

IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190566...

CVE-2020-4857

IBM Engineering products are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190460...

CVE-2021-20340

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 194451...

CVE-2020-4866

IBM Engineering products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190742...