8183 matches found
Design/Logic Flaw
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the RITS Browser version 3.3.9 and prior versions...
CVE-2020-7371
CVE-2020-7371 describes a UI misrepresentation in the address bar exploited via JavaScript timing to spoof the perceived source of content in the RITS Browser 3.3.9 and earlier. Exploitation requires visiting a site that can run JavaScript; the attacker can cause UI elements to appear as if they ...
CVE-2020-7370 Danyil Vasilenko Bolt Browser Address Bar Spooofing
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Bolt Browser version 1.4 and prior versions...
CVE-2020-7369 Yandex Browser Address Bar Spooofing
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version...
CVE-2020-7369
Summary of CVE-2020-7369 : A UI misrepresentation vulnerability in Yandex Browser’s address bar allows an attacker to obfuscate the true data source shown to the user. The issue affects Yandex Browser 20.8.3 and earlier and was fixed in 20.8.4 (Oct 1, 2020). The NVD lists a CVSS v3.1 base score o...
CVE-2020-7364 UCWeb UC Browser Address Bar Spooofing
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...
CVE-2020-4755
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188595...
IBM Sterling B2B Integrator and IBM Sterling File Gateway Cross-Site Scripting Vulnerabilities
IBM Sterling B2B Integrator and others are products of IBM Corporation in the U.S.A. IBM Sterling B2B Integrator is a suite of software that integrates essential B2B processes, transactions, and relationships.IBM Sterling File Gateway is a suite of file transfer software.IBM Sterling File Gateway...
KLA11982 Multiple vulnerabilitieis in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in WebRTC...
Juniper Networks Mist Cloud UI Input Validation Error Vulnerability
Juniper Networks Mist Cloud is a Juniper Networks USA platform that simplifies cloud management and helps users prevent vendor and complexity lock-in. It provides cost and utilization reporting, RBAC, management, provisioning, orchestration, monitoring and automation for servers across public and...
CVE-2020-1677
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls. This issue...
The vulnerability of Google Chrome’s user interface allows a perpetrator to compromise the integrity of the protected information.
The vulnerability of the Google Chrome browser’s user interface is related to errors in the use of standard permissions. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...
The vulnerability in the Web UI of the Cisco Unified Communications Manager system, as well as the Cisco Unified Communications Manager Session Management Edition (SME) system for managing IP telephony, allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the Web UI of the Cisco Unified Communications Manager system, as well as the Cisco Unified Communications Manager Session Management Edition SME system for managing IP telephony, is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability cou...
chromium-browser: Inappropriate implementation in Blink
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page...
KLA11977 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...
KLA11972 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Dynamics 365 Commerce can be exploited remotely via...
CVE-2020-4680
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186426...
CVE-2020-4681
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186427...
CVE-2020-4679
IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186424...
OPENSUSE-SU-2020:1646-1 Security update for grafana
This update for grafana fixes the following issues: Update to version 7.1.5: Features / Enhancements - Stats: Stop counting the same user multiple times. - Field overrides: Filter by field name using regex. - AzureMonitor: map more units. - Explore: Don't run queries on datasource change. - Graph...