CWE:
 

Topic
Date
Author
Low
Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
17.08.2019
Martin Heiland
Med.
SCP Server Verification Issues
16.01.2019
Harry Sintonen


CVEMAP Search Results

CVE
Details
Description
2024-09-10
Waiting for details
CVE-2024-43461

Updating...
 

 
Windows MSHTML Platform Spoofing Vulnerability

 
2024-08-13
Waiting for details
CVE-2024-38197

Updating...
 

 
Microsoft Teams for iOS Spoofing Vulnerability

 
2024-02-14
Waiting for details
CVE-2024-22455

Updating...
 

 
Dell E-Lab Navigator, [3.1.9, 3.2.0], contains an Insecure Direct Object Reference Vulnerability in Feedback submission. An attacker could potentially exploit this vulnerability, to manipulate the email's appearance, potentially deceiving recipients and causing reputational and security risks.

 
2024-02-02
Waiting for details
CVE-2023-50938

Updating...
 

 
IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 275128.

 
2022-08-12
Waiting for details
CVE-2022-2800

Updating...
 

 
A vulnerability, which was classified as problematic, has been found in SourceCodester Gym Management System. Affected by this issue is some unknown functionality. The manipulation leads to clickjacking. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-206246 is the identifier assigned to this vulnerability.

 
2022-02-17
Low
CVE-2022-23646

Vendor: Vercel
Software: Next.js
 

 
Next.js is a React framework. Starting with version 10.0.0 and prior to version 12.1.0, Next.js is vulnerable to User Interface (UI) Misrepresentation of Critical Information. In order to be affected, the `next.config.js` file must have an `images.domains` array assigned and the image host assigned in `images.domains` must allow user-provided SVG. If the `next.config.js` file has `images.loader` assigned to something other than default, the instance is not affected. Version 12.1.0 contains a patch for this issue. As a workaround, change `next.config.js` to use a different `loader configuration` other than the default.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top