Lucene search
K

8173 matches found

ATTACKERKB
ATTACKERKB
added 2021/01/02 12:0 a.m.1 views

CVE-2020-4909

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191273...

4.8CVSS5AI score0.00545EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/01/02 12:0 a.m.1 views

CVE-2020-4910

IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 191274...

4.8CVSS5AI score0.00545EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/12/21 6:15 p.m.5 views

CVE-2020-4757

IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

6.4CVSS5.2AI score0.01277EPSS
Exploits1References3
OSV
OSV
added 2020/12/17 7:15 p.m.4 views

CVE-2020-4845

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.9AI score0.00554EPSS
Exploits0References2
OSV
OSV
added 2020/12/16 9:15 p.m.5 views

CVE-2020-4657

IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted...

6.1CVSS6AI score0.00721EPSS
Exploits0References2
CNVD
CNVD
added 2020/12/16 12:0 a.m.2 views

IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability (CNVD-2020-73017)

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator Standard Edition suffers from a...

6.1CVSS6.2AI score0.00721EPSS
Exploits0References1
CNNVD
CNNVD
added 2020/12/15 12:0 a.m.7 views

IBM Sterling B2B Integrator 跨站脚本漏洞

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator Standard Edition suffers from a...

6.1CVSS6.4AI score0.00721EPSS
Exploits0References4
Fedora
Fedora
added 2020/12/14 12:59 a.m.39 views

[SECURITY] Fedora 33 Update: php-oojs-oojs-ui-0.39.3-1.fc33

OOjs UI Object-Oriented JavaScript =EF=BF=BD=EF=BF=BD=EF=BF=BD User Interf ace is a library that allows developers to rapidly create front-end web applications that operate consistently across a multitude of browsers...

7.5CVSS3AI score0.01752EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2020/12/11 12:0 a.m.3 views

The vulnerability of the preview function of Google Chrome tabs, which allows attackers to perform spear-phishing attacks

The vulnerability of the preview function in Google Chrome browsers is related to errors in information representation by the user interface. Exploiting this vulnerability could allow a malicious actor to perform spoofing attacks remotely...

6.4CVSS6.7AI score0.00687EPSS
Exploits1References11Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/12/11 12:0 a.m.3 views

The vulnerability of the screen-sharing function in Google Chrome browsers allows attackers to perform spoofing attacks.

The vulnerability of the screen-sharing function in Google Chrome browser relates to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

4.3CVSS6.7AI score0.00656EPSS
Exploits0References13Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/12/11 12:0 a.m.5 views

The vulnerability in the implementation of the WebUSB protocol in Google Chrome web browsers allows attackers to perform spoofing attacks.

The vulnerability of the WebUSB protocol implementation in Google Chrome’s web browser is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to perform spoofing attacks remotely...

4.3CVSS6.7AI score0.00707EPSS
Exploits0References13Affected Software6
OSV
OSV
added 2020/12/10 11:15 p.m.4 views

CVE-2019-4738

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753...

6.5CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2020/12/10 6:15 a.m.5 views

CVE-2020-12595

An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4...

4.9CVSS6.4AI score0.00856EPSS
Exploits0References1
NVD
NVD
added 2020/12/08 8:15 p.m.22 views

CVE-2020-9987

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing...

4.3CVSS3.8AI score0.00823EPSS
Exploits0References1
OSV
OSV
added 2020/12/08 8:15 p.m.3 views

CVE-2020-9987

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing...

4.3CVSS6.6AI score0.00823EPSS
Exploits0References1
Prion
Prion
added 2020/12/08 8:15 p.m.14 views

Design/Logic Flaw

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in Safari 14.0. Visiting a malicious website may lead to address bar spoofing...

4.3CVSS5.1AI score0.00823EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/12/08 12:0 a.m.4 views

The vulnerability of the Google Chrome web browser’s user interface allows a hacker to execute arbitrary code.

The vulnerability of the Google Chrome web browser’s user interface is related to overflowing buffers in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.3CVSS8.1AI score0.01909EPSS
Exploits0References13Affected Software6
CNNVD
CNNVD
added 2020/12/08 12:0 a.m.5 views

Schneider Electric Easergy T300 安全漏洞

Easergy T300 is a new generation of intelligent terminals for distribution network automation, adhering to the design concepts of "modularity, flexibility, and application orientation", which can be widely used in medium-voltage distribution network management, fault location, isolation, and...

6.5CVSS6.6AI score0.01075EPSS
Exploits0References4
Kaspersky
Kaspersky
added 2020/12/08 12:0 a.m.40 views

KLA12019 Multiple vulnerabilities in Microsoft Browsers

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof...

7.5CVSS5.6AI score0.02059EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2020/12/03 12:0 a.m.6 views

The vulnerability of the software for Cisco Webex Meetings Server and Cisco Webex Meetings allows a intruder to gain unauthorized access to protected information.

The vulnerability of the user interface of Cisco Webex Meetings Server and Cisco Webex Meetings relates to insufficient validation of entered data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

5.3CVSS5.9AI score0.01546EPSS
Exploits0References2
Rows per page
Query Builder