CVE-2016-2789
Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10.0, 10.1 before Rolling Patch 4, and 10.3 before Rolling Patch 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2016-2789
CVE-2016-2789 is a cross-site scripting (XSS) vulnerability in the Web User Interface of Citrix XenMobile Server 10.x. The issue affects XenMobile Server 10.0, 10.1 (before Rolling Patch 4), and 10.3 (before Rolling Patch 1). An attacker could inject arbitrary web script or HTML via unspecified v...
spacewalk-java: Multiple XSS issues in WebUI
Multiple cross-site scripting (XSS) flaws were found in the way certain form data was handled in Red Hat Satellite. A user able to enter form data could use these flaws to perform XSS attacks against other Satellite users...
The vulnerability of the Android operating system, which allows a hacker to bypass security measures and delete data
The vulnerability in the packages/SystemUI/src/com/android/systemui/recents/AlternateRecentsComponent.java file of the Setup Wizard component of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to bypass security...
CVE-2009-2197
Apple Safari before 9.1 allows remote attackers to spoof the user interface via a web page that places text in a crafted context, leading to unintended use of that text within a Safari dialog...
CVE-2009-2197
CVE-2009-2197 affects Apple Safari prior to 9.1, where dialog text could be injected with page-supplied content, enabling UI spoofing. The official Apple advisory for Safari 9.1 states that the issue was addressed by removing inclusion of dialog text, mitigating the spoofing vector. The NVD entry...
Apple Safari Interface Forgery Vulnerability
Apple Safari is a web browser developed by Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in Apple Safari versions prior to 9.1. An attacker can exploit the vulnerability to spoof the user interface with the help of a...
Drupal Prepopulate module security bypass vulnerability (CNVD-2016-01737)
Drupal is a free, open-source content management system developed in PHP and maintained by the Drupal community. Prepopulate is one of its field-prepopulation modules. A security vulnerability exists in Drupal Prepopulate due to the program's failure to restrict users from overriding any portion o...
The vulnerability of the application interface of IBM WebSphere Portal servers allows attackers to redirect users to arbitrary websites.
The vulnerability of the IBM WebSphere Portal application’s user interface is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to redirect users to arbitrary websites and carry out phishing attacks using specially crafted URLs...
KLA10765 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
Multiple serious vulnerabilities have been found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information, execute arbitrary code, spoof user interface, gain privileges and write local files. Below...
UBUNTU-CVE-2016-1640
The Web Store inline-installer implementation in the Extensions UI in Google Chrome before 49.0.2623.75 does not block installations upon deletion of an installation frame, which makes it easier for remote attackers to trick a user into believing that an installation request originated from the...
Cisco IOS XE Multiple OpenSSL Vulnerabilities (CSCup22487)
The remote Cisco IOS XE device is missing a vendor-supplied security patch, and its web user interface is configured to use HTTPS. It is, therefore, affected by the following vulnerabilities in the bundled OpenSSL library: - An error exists in the ssl3_read_bytes function that could allow data to ...
Sophos UTM Nessus Web UI Cross-Site Scripting Vulnerability
Sophos UTM is a unified threat management appliance which provides gateway security and endpoint security. The appliance provides gateway security protection and endpoint security protection. Nessus Web UI is one of the components used to access the Nessus Vulnerability Scanner based on a web...
DLA-419-1 gtk+2.0 - security update
Bulletin has no description...
USN-2898-1: GTK+ vulnerability
It was discovered that GTK+ incorrectly handled certain large images. A remote attacker could use this issue to cause GTK+ applications to crash, resulting in a denial of service, or possibly execute arbitrary code...
Adobe Connect < 9.5.2 Multiple Vulnerabilities (APSB16-07)
Adobe Connect is prone to multiple vulnerabilities...
CVE-2016-0950
Adobe Connect before 9.5.2 allows remote attackers to spoof the user interface via unspecified vectors...