Total
76 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21314 | 2025-01-15 | 6.5 Medium | ||
| Windows SmartScreen Spoofing Vulnerability | ||||
| CVE-2020-9236 | 1 Huawei | 1 Fusioncompute | 2025-01-14 | 8.8 High |
| There is an improper interface design vulnerability in Huawei product. A module interface of the impated product does not deal with some operations properly. Attackers can exploit this vulnerability to perform malicious operatation to compromise module service. (Vulnerability ID: HWPSIRT-2020-05010) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9236. | ||||
| CVE-2025-0246 | 2025-01-08 | 6.5 Medium | ||
| When using an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* *Note: This issue is a different issue from CVE-2025-0244. This vulnerability affects Firefox < 134. | ||||
| CVE-2025-0244 | 2025-01-08 | 5.3 Medium | ||
| When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 134. | ||||
| CVE-2024-52276 | 1 Docusign | 1 Docusign | 2025-01-06 | 7.5 High |
| User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. 1. Displayed version does not show the layer flattened version, which is provided when the "Print" option is used. 2. Displayed version does not show the layer flattened version, which is provided when the combined download option is used. 3. Displayed version does not show the layer flattened version, which is also the provided version when downloading the result in the uncombined option. Once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects DocuSign: through 2024-12-04. | ||||
| CVE-2024-52269 | 1 Docusign | 1 Docusign | 2025-01-06 | 8.1 High |
| User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing. The SaaS AI assistant ignores hidden content that is rendered after signing, misleading the user. For reference see: CVE-2024-52276 This issue affects DocuSign: through 2024-12-04. | ||||
| CVE-2024-55896 | 2025-01-06 | 5.4 Medium | ||
| IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthorized actions on the system. | ||||
| CVE-2024-7019 | 1 Google | 1 Chrome | 2025-01-02 | 4.3 Medium |
| Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-7282 | 1 Google | 1 Chrome | 2025-01-02 | 4.3 Medium |
| Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2023-7281 | 1 Google | 1 Chrome | 2025-01-02 | 4.3 Medium |
| Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-7020 | 1 Google | 1 Chrome | 2025-01-02 | 4.3 Medium |
| Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2024-49040 | 1 Microsoft | 1 Exchange Server | 2025-01-01 | 7.5 High |
| Microsoft Exchange Server Spoofing Vulnerability | ||||
| CVE-2024-43461 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2024-12-31 | 8.8 High |
| Windows MSHTML Platform Spoofing Vulnerability | ||||
| CVE-2024-38197 | 1 Microsoft | 1 Teams | 2024-12-31 | 6.5 Medium |
| Microsoft Teams for iOS Spoofing Vulnerability | ||||
| CVE-2024-38112 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-12-31 | 7.5 High |
| Windows MSHTML Platform Spoofing Vulnerability | ||||
| CVE-2024-38082 | 1 Microsoft | 1 Edge | 2024-12-31 | 4.7 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2024-38093 | 1 Microsoft | 1 Edge | 2024-12-31 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2024-30055 | 2024-12-31 | 5.4 Medium | ||
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-7011 | 1 Google | 1 Chrome | 2024-12-26 | 6.5 Medium |
| Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-23708 | 1 Google | 1 Android | 2024-12-17 | 9.8 Critical |
| In multiple functions of NotificationManagerService.java, there is a possible way to not show a toast message when a clipboard message has been accessed. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||