Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ui desktop vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-35257
A local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and previous versions) allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM.
Ui Desktop
7.8
CVSSv3
CVE-2023-28122
A local privilege escalation (LPE) vulnerability in UI Desktop for Windows (Version 0.59.1.71 and previous versions) allows a malicious actor with local access to a Windows device running said application to submit arbitrary commands as SYSTEM.This vulnerability is fixed in Versi...
Ui Desktop
5.5
CVSSv3
CVE-2023-28123
A permission misconfiguration in UI Desktop for Windows (Version 0.59.1.71 and previous versions) could allow an user to hijack VPN credentials while UID VPN is starting.This vulnerability is fixed in Version 0.62.3 and later.
Ui Desktop
5.5
CVSSv3
CVE-2023-28124
Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and previous versions) could allow users with access to UI Desktop configuration files to decrypt their content.This vulnerability is fixed in Version 0.62.3 and later.
Ui Desktop
NA
CVE-2012-6662
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI prior to 1.10.0 allows remote malicious users to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the aut...
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Hpc Node 7.0
Jqueryui Jquery Ui 1.10.0
3.3
CVSSv3
CVE-2014-1420
On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is...
Canonical Ubuntu-ui-toolkit
6.1
CVSSv3
CVE-2023-23942
The Nextcloud Desktop Client is a tool to synchronize files from a Nextcloud Server with your computer. Versions before 3.6.3 are missing sanitisation on qml labels which are used for basic HTML elements such as `strong`, `em` and `head` lines in the UI of the desktop client. The...
Nextcloud Desktop
NA
CVE-2014-1480
The file-download implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 does not properly restrict the timing of button selections, which allows remote malicious users to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, vi...
Opensuse Opensuse 11.4
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Server 11
Suse Linux Enterprise Software Development Kit 11
Oracle Solaris 11.3
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 13.10
Mozilla Firefox
Mozilla Seamonkey
4.3
CVSSv3
CVE-2017-5083
Inappropriate implementation in Blink in Google Chrome before 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote malicious user to display UI on a non attacker controlled tab via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
4.3
CVSSv3
CVE-2017-5079
Inappropriate implementation in Blink in Google Chrome before 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote malicious user to display UI on a non attacker controlled tab via a crafted HTML page.
Google Chrome
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »