Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frame vulnerabilities and exploits
(subscribe to this query)
5
CVSSv3
CVE-2017-2516
An issue exists in certain Apple products. macOS prior to 10.12.5 is affected. The issue involves the "Kernel" component. It allows malicious users to bypass intended memory-read restrictions via a crafted app.
Apple Mac Os X
1 EDB exploit
6.1
CVSSv3
CVE-2015-6434
Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier for remote malicious users to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, aka Bug...
Cisco Prime Infrastructure 2.2\\(2\\)
6.5
CVSSv3
CVE-2017-2364
An issue exists in certain Apple products. iOS prior to 10.2.1 is affected. Safari prior to 10.0.3 is affected. The issue involves the "WebKit" component. It allows remote malicious users to bypass the Same Origin Policy and obtain sensitive information via a crafted we...
Apple Iphone Os
Apple Safari
1 EDB exploit
4.3
CVSSv3
CVE-2016-1474
Cisco Prime Infrastructure 2.2(2) does not properly restrict use of IFRAME elements, which makes it easier for remote malicious users to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-frame scripting (XFS)" issue, ...
Cisco Prime Infrastructure 2.2\\(2\\)
NA
CVE-2007-2399
WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone prior to 1.0.1 performs an "invalid type conversion", which allows remote malicious users to execute arbitrary code via unspecified frame sets that trigger memory corruption.
Apple Mac Os X Server 10.4.9
Apple Mac Os X 10.4.9
Apple Mac Os X Server 10.3.9
Apple Mac Os X 10.3.9
6.1
CVSSv3
CVE-2019-1975
A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote malicious user to execute a cross-frame scripting (XFS) attack on an affected device. This vulnerability is due to insufficient HTML iframe protection. An attacker could ...
Cisco Hyperflex Hx220c M5 Firmware
Cisco Hyperflex Hx220c M5 Firmware 4.0\\(1a\\)
Cisco Hyperflex Hx240c M5 Firmware 4.0\\(1a\\)
Cisco Hyperflex Hx240c M5 Firmware
Cisco Hyperflex Hx220c Af M5 Firmware
Cisco Hyperflex Hx220c Af M5 Firmware 4.0\\(1a\\)
Cisco Hyperflex Hx240c Af M5 Firmware
Cisco Hyperflex Hx240c Af M5 Firmware 4.0\\(1a\\)
Cisco Hyperflex Hx220c Edge M5 Firmware 4.0\\(1a\\)
Cisco Hyperflex Hx220c Edge M5 Firmware
NA
CVE-2014-2147
The web interface in Cisco Prime Infrastructure 2.1 and previous versions does not properly restrict use of IFRAME elements, which makes it easier for remote malicious users to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "c...
Cisco Prime Infrastructure
NA
CVE-2013-6698
The web interface on Cisco Wireless LAN Controller (WLC) devices does not properly restrict use of IFRAME elements, which makes it easier for remote malicious users to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a "cross-fram...
Cisco Wireless Lan Controller
6.1
CVSSv3
CVE-2017-12258
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote malicious user to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HT...
Cisco Unified Communications Manager -
6.1
CVSSv3
CVE-2018-0355
A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote malicious user to conduct a cross-frame scripting (XFS) attack against the user of the web UI of an affected system. The vulnerability is due to insufficient ...
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »