8173 matches found
CVE-2020-4909
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273...
CVE-2020-4910
IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274...
CVE-2020-4757
IBM FileNet Content Manager and IBM Content Navigator 3.0.CD are vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
CVE-2020-4845
IBM Security Key Lifecycle Manager 3.0.1 and 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
CVE-2020-4657
IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2020-73017)
IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator Standard Edition suffers from a...
IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability
IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator Standard Edition suffers from a...
[SECURITY] Fedora 33 Update: php-oojs-oojs-ui-0.39.3-1.fc33
OOjs UI Object-Oriented JavaScript - User Interface is a library that allows developers to rapidly create front-end web applications that operate consistently across a multitude of browsers...
A vulnerability in the tab preview function of Google Chrome allows attackers to perform spear-phishing attacks
The vulnerability of the preview function in Google Chrome browsers is related to errors in information representation by the user interface. Exploiting this vulnerability could allow a malicious actor to perform spoofing attacks remotely...
The vulnerability of the screen-sharing function in Google Chrome browsers allows attackers to perform spoofing attacks.
The vulnerability of the screen-sharing function in the Google Chrome browser relates to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...
The vulnerability in the implementation of the WebUSB protocol in Google Chrome web browsers allows attackers to perform spoofing attacks.
The vulnerability of the WebUSB protocol implementation in the Google Chrome web browser is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...
CVE-2019-4738
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753...
CVE-2020-12595
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4...
CVE-2020-9987
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing...
Design/Logic Flaw
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing...
The vulnerability of the Google Chrome web browser’s user interface allows a hacker to execute arbitrary code.
The vulnerability of the Google Chrome web browser’s user interface is related to overflowing buffers in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Schneider Electric Easergy T300 Security Vulnerability
Easergy T300 is a new generation of intelligent terminals for distribution network automation, adhering to the design concepts of "modularity, flexibility, and application orientation", which can be widely used in medium-voltage distribution network management, fault location, isolation, and...
KLA12019 Multiple vulnerabilities in Microsoft Browsers
Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to spoof the user interface and execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof...
The vulnerability of the software for Cisco Webex Meetings Server and Cisco Webex Meetings allows an intruder to gain unauthorized access to protected information.
The vulnerability of the user interface of Cisco Webex Meetings Server and Cisco Webex Meetings relates to insufficient validation of entered data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...