Lucene search
K

8183 matches found

Prion
Prion
added 2020/10/20 5:15 p.m.14 views

Design/Logic Flaw

User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the RITS Browser version 3.3.9 and prior versions...

4.3CVSS4.6AI score0.00982EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2020/10/20 4:40 p.m.54 views

CVE-2020-7371

CVE-2020-7371 describes a UI misrepresentation in the address bar exploited via JavaScript timing to spoof the perceived source of content in the RITS Browser 3.3.9 and earlier. Exploitation requires visiting a site that can run JavaScript; the attacker can cause UI elements to appear as if they ...

4.3CVSS4.5AI score0.00982EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/20 4:40 p.m.19 views

CVE-2020-7370 Danyil Vasilenko Bolt Browser Address Bar Spooofing

User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Bolt Browser version 1.4 and prior versions...

4.3CVSS4.6AI score0.00982EPSS
Exploits1References2
Cvelist
Cvelist
added 2020/10/20 4:40 p.m.25 views

CVE-2020-7369 Yandex Browser Address Bar Spooofing

User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version...

4.3CVSS4.6AI score0.00982EPSS
Exploits1References2
CVE
CVE
added 2020/10/20 4:40 p.m.48 views

CVE-2020-7369

Summary of CVE-2020-7369 : A UI misrepresentation vulnerability in Yandex Browser’s address bar allows an attacker to obfuscate the true data source shown to the user. The issue affects Yandex Browser 20.8.3 and earlier and was fixed in 20.8.4 (Oct 1, 2020). The NVD lists a CVSS v3.1 base score o...

4.3CVSS4.5AI score0.00982EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/20 4:40 p.m.26 views

CVE-2020-7364 UCWeb UC Browser Address Bar Spooofing

User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...

4.3CVSS4.6AI score0.00733EPSS
Exploits1References2
OSV
OSV
added 2020/10/20 3:15 p.m.3 views

CVE-2020-4755

IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188595...

5.4CVSS5.7AI score0.00554EPSS
Exploits0References2
CNVD
CNVD
added 2020/10/20 12:0 a.m.1 views

IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting Vulnerabilities

IBM Sterling B2B Integrator and others are products of IBM Corporation in the U.S.A. IBM Sterling B2B Integrator is a suite of software that integrates essential B2B processes, transactions, and relationships.IBM Sterling File Gateway is a suite of file transfer software.IBM Sterling File Gateway...

5.4CVSS6.2AI score0.00739EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2020/10/20 12:0 a.m.81 views

KLA11982 Multiple vulnerabilitieis in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebRTC...

9.8CVSS9.8AI score0.02743EPSS
Exploits1References3
CNVD
CNVD
added 2020/10/19 12:0 a.m.1 views

Juniper Networks Mist Cloud UI Input Validation Error Vulnerability

Juniper Networks Mist Cloud is a Juniper Networks USA platform that simplifies cloud management and helps users prevent vendor and complexity lock-in. It provides cost and utilization reporting, RBAC, management, provisioning, orchestration, monitoring and automation for servers across public and...

7.2CVSS6.8AI score0.00876EPSS
Exploits0References1
OSV
OSV
added 2020/10/16 9:15 p.m.5 views

CVE-2020-1677

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue...

7.2CVSS5.8AI score0.0042EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/10/16 12:0 a.m.4 views

The vulnerability of Google Chrome’s user interface allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the Google Chrome browser’s user interface is related to errors in the use of standard permissions. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

7.1CVSS6.9AI score0.00879EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2020/10/14 12:0 a.m.2 views

The vulnerability in the Web UI of the Cisco Unified Communications Manager system, as well as the Cisco Unified Communications Manager Session Management Edition (SME) system for managing IP telephony, allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Web UI of the Cisco Unified Communications Manager system, as well as the Cisco Unified Communications Manager Session Management Edition SME system for managing IP telephony, is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability cou...

6.4CVSS6AI score0.00833EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/10/13 8:22 a.m.1 views

chromium-browser: Inappropriate implementation in Blink

Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page...

6.5CVSS7.4AI score0.01624EPSS
Exploits1References5
Kaspersky
Kaspersky
added 2020/10/13 12:0 a.m.158 views

KLA11977 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...

9.3CVSS9.9AI score0.13348EPSS
Exploits12References76
Kaspersky
Kaspersky
added 2020/10/13 12:0 a.m.27 views

KLA11972 Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Dynamics 365 Commerce can be exploited remotely via...

6.5CVSS6.2AI score0.01326EPSS
Exploits0References7
OSV
OSV
added 2020/10/12 2:15 p.m.2 views

CVE-2020-4680

IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186426...

5.4CVSS5.8AI score0.00554EPSS
Exploits0References2
OSV
OSV
added 2020/10/12 2:15 p.m.5 views

CVE-2020-4681

IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186427...

5.4CVSS5.8AI score0.00554EPSS
Exploits0References2
OSV
OSV
added 2020/10/12 2:15 p.m.2 views

CVE-2020-4679

IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186424...

4.8CVSS5.7AI score0.00545EPSS
Exploits0References2
OSV
OSV
added 2020/10/10 12:22 p.m.4 views

OPENSUSE-SU-2020:1646-1 Security update for grafana

This update for grafana fixes the following issues: Update to version 7.1.5: Features / Enhancements - Stats: Stop counting the same user multiple times. - Field overrides: Filter by field name using regex. - AzureMonitor: map more units. - Explore: Don't run queries on datasource change. - Graph...

8.2CVSS7.1AI score0.99856EPSS
Exploits5References4
Rows per page
Query Builder