Lucene search
K

8133 matches found

BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.4 views

The vulnerability of Microsoft Exchange Server is related to the lack of protection for service data, which allows attackers to carry out spoofing attacks.

The vulnerability of Microsoft Exchange Server servers is related to errors in information representation by the user interface. Exploiting this vulnerability can allow a malicious actor to perform spear-phishing attacks remotely...

6.4CVSS6.8AI score0.01817EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.5 views

The vulnerability of the Downloads function in Google Chrome web browsers allows a hacker to circumvent existing security restrictions.

The vulnerability of the Downloads function in the Google Chrome web browser is related to an improper limitation on the displayed layers of the user interface. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

7.3CVSS6.9AI score0.03036EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.4 views

The vulnerability of Microsoft Exchange Server servers, related to the false representation of information by the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Exchange Server is related to the false representation of information by the user interface. Exploiting this vulnerability allows a malicious actor to perform spear-phishing attacks remotely...

5.5CVSS7.1AI score0.04627EPSS
Exploits7References2
BDU FSTEC
BDU FSTEC
added 2021/02/19 12:0 a.m.6 views

The vulnerability of the DevTools set of tools in the Google Chrome web browser allows a hacker to bypass existing security restrictions.

The vulnerability of the DevTools set of tools in the Google Chrome web browser is related to an incorrect limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

7.3CVSS7.7AI score0.23406EPSS
Exploits0References12Affected Software7
OSV
OSV
added 2021/02/18 3:15 p.m.3 views

CVE-2021-20446

IBM Maximo for Civil Infrastructure 7.6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196622...

5.4CVSS5.4AI score0.00502EPSS
Exploits0References2
NVD
NVD
added 2021/02/17 5:15 p.m.11 views

CVE-2021-1351

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

6.1CVSS0.00784EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/02/17 4:55 p.m.17 views

CVE-2021-1351 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

6.1CVSS6.1AI score0.00784EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/02/17 4:55 p.m.9 views

CVE-2021-1351 Cisco Webex Meetings Cross-Site Scripting Vulnerability

A vulnerability in the web-based interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based interface of the affected service. The vulnerability is due to insufficient validation of user-supplied...

6.1CVSS6.1AI score0.00784EPSS
Exploits0References1
NVD
NVD
added 2021/02/17 10:15 a.m.12 views

CVE-2021-23885

Privilege escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page...

9CVSS0.01089EPSS
Exploits0References1
Prion
Prion
added 2021/02/17 10:15 a.m.14 views

Privilege escalation

Privilege escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page...

9CVSS9.1AI score0.01089EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/02/17 9:20 a.m.15 views

CVE-2021-23885 Privilege escalation vulnerability in McAfee Web Gateway (MWG) UI

Privilege escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page...

9CVSS9.7AI score0.01089EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/17 12:0 a.m.6 views

IBM Jazz Reporting Service 跨站脚本漏洞

IBM Jazz Reporting Service helps you quickly and easily integrate data from a variety of data sources across your tools and projects, and provides a set of ready-to-use reports for sharing information about your lifecycle management projects. A cross-site scripting vulnerability exists in IBM Jaz...

5.4CVSS6.1AI score0.00502EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2021/02/17 12:0 a.m.1 views

CVE-2020-4933

IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS5AI score0.00502EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2021/02/17 12:0 a.m.5 views

IBM Maximo for Civil Infrastructure 跨站脚本漏洞

IBM Maximo for Civil Infrastructure integrates inspection, defect tracking and maintenance activities to help organizations improve asset life, keep critical systems up and running and reduce the total cost of ownership of civil infrastructure. A cross-site scripting vulnerability exists in IBM...

6.1CVSS6.4AI score0.00661EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/02/16 12:0 a.m.6 views

The vulnerability of the user interface of Cisco Webex Meetings Server and Cisco Webex Meetings software allows a perpetrator to insert hyperlinks into electronic invitations.

The vulnerability of the software user interfaces for Cisco Webex Meetings Server and Cisco Webex Meetings is related to insufficient validation of entered data. Exploiting this vulnerability allows a malicious actor to insert hyperlinks into electronic invitations...

4.1CVSS5.5AI score0.0103EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/02/15 10:15 p.m.3 views

CVE-2021-21511

Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data...

8.1CVSS7.3AI score0.01007EPSS
Exploits0References1
Virtuozzo
Virtuozzo
added 2021/02/15 12:0 a.m.42 views

Virtuozzo Hybrid Infrastructure 4.5 (4.5.0-284)

In this release, Virtuozzo Hybrid Infrastructure provides a wide range of new features that enhance the end-user experience and service providers' interoperability. The improvements cover compute services, networking, storage core, monitoring, and the administrative user interface. Additionally,...

0.7AI score
Exploits0
OSV
OSV
added 2021/02/11 5:15 p.m.5 views

CVE-2020-4768

IBM Case Manager 5.2 and 5.3 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure...

5.4CVSS5.5AI score0.00466EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/02/09 12:0 a.m.5 views

PT-2021-2070 · Microsoft · Skype For Business Server

Name of the Vulnerable Software and Affected Versions: Skype for Business Server Microsoft Lync Server affected versions not specified Description: The issue is related to errors in the user interface's representation of information. It may allow a remote attacker to conduct spoofing attacks...

7.1CVSS6.2AI score0.0162EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2021/02/09 12:0 a.m.51 views

KLA12068 SUI vulnerabilities in Microsoft Exchange Server

A spoofing vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2021-24085 CVE-2021-1730 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...

6.5CVSS6.3AI score0.04627EPSS
Exploits7References8
Rows per page
Query Builder