ReportizFlow
Filtered by vendor
Subscriptions
Total
574 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-26418 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2025-03-01 | 4.6 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||
| CVE-2023-38173 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge for Android Spoofing Vulnerability | ||||
| CVE-2023-36883 | 1 Microsoft | 1 Edge | 2025-02-28 | 4.3 Medium |
| Microsoft Edge for iOS Spoofing Vulnerability | ||||
| CVE-2023-36769 | 1 Microsoft | 1 Onenote | 2025-02-28 | 4.6 Medium |
| Microsoft OneNote Spoofing Vulnerability | ||||
| CVE-2023-35392 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.7 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-29334 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-24935 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 6.1 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2023-24892 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 8.2 High |
| Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability | ||||
| CVE-2023-21794 | 1 Microsoft | 1 Edge Chromium | 2025-02-28 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2021-31209 | 1 Microsoft | 1 Exchange Server | 2025-02-28 | 6.5 Medium |
| Microsoft Exchange Server Spoofing Vulnerability | ||||
| CVE-2021-31195 | 1 Microsoft | 1 Exchange Server | 2025-02-28 | 6.5 Medium |
| Microsoft Exchange Server Remote Code Execution Vulnerability | ||||
| CVE-2022-48349 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-24 | 9.1 Critical |
| The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability. | ||||
| CVE-2023-0816 | 1 Strategy11 | 1 Formidable Form Builder | 2025-02-19 | 6.5 Medium |
| The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections. | ||||
| CVE-2024-3843 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-02-13 | 4.6 Medium |
| Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2024-23832 | 1 Joinmastodon | 1 Mastodon | 2025-02-13 | 9.4 Critical |
| Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is vulnerable, as well as 4.0.x versions prior to 4.0.13, 4.1.x version prior to 4.1.13, and 4.2.x versions prior to 4.2.5. | ||||
| CVE-2023-3128 | 2 Grafana, Redhat | 3 Grafana, Ceph Storage, Enterprise Linux | 2025-02-13 | 9.4 Critical |
| Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. | ||||
| CVE-2023-34329 | 1 Ami | 1 Megarac Sp-x | 2025-02-13 | 8.4 High |
| AMI MegaRAC SPx12 contains a vulnerability in BMC where a User may cause an authentication bypass by spoofing the HTTP header. A successful exploit of this vulnerability may lead to loss of confidentiality, integrity, and availability. | ||||
| CVE-2023-31424 | 1 Broadcom | 1 Brocade Sannav | 2025-02-13 | 8.1 High |
| Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization. | ||||
| CVE-2023-42843 | 5 Apple, Fedoraproject, Redhat and 2 more | 10 Ios And Ipados, Ipad Os, Iphone Os and 7 more | 2025-02-13 | 7.5 High |
| An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, macOS Sonoma 14.1. Visiting a malicious website may lead to address bar spoofing. | ||||
| CVE-2023-37207 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-02-13 | 6.5 Medium |
| A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13. | ||||