Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-451

CWE-451

User Interface (UI) Misrepresentation of Critical Information

Parent: CWE-684 - Incorrect Provision of Specified Functionality

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

230 vulnerabilities with CWE-451

CVE-2025-0729 MEDIUM

TP-Link TL-SG108E <1.0.0 Build 20201208 Rel. 40304 - Clickjacking

CVE-2025-21262 MEDIUM

Microsoft Edge (Chromium-based) - Info Disclosure

CVE-2025-0446 MEDIUM

Google Chrome < 132.0.6834.83 - UI Spoofing via Crafted Chrome Extension

CVE-2025-0435 MEDIUM

Google Chrome < 132.0.6834.83 - UI Spoofing via Crafted HTML Page

CVE-2025-21314 MEDIUM

Windows SmartScreen - Spoofing

CVE-2024-7021 MEDIUM

Google Chrome < 124.0.6367.60 - UI Spoofing via Autofill

CVE-2024-13178 MEDIUM

Google Chrome < 128.0.6613.84 - UI Spoofing via Fullscreen Implementation

CVE-2024-11919 MEDIUM

Google Chrome < 129.0.6668.58 - UI Spoofing via Crafted HTML Page

CVE-2024-6429 MEDIUM

WSO2 API Manager and Identity Server - Content Spoofing via Error Message URL Parameter

CVE-2024-39730 MEDIUM

IBM Datacap Navigator <9.1.7-9.1.9 - CSRF

CVE-2024-9163 LOW

GitLab CE/EE <17.10.7-18.0.1 - Info Disclosure

CVE-2024-54558 LOW

iPadOS < 18.0 - Clickjacking via Photo Library Access Prompt

CVE-2024-55896 MEDIUM

IBM PowerHA SystemMirror - Info Disclosure

CVE-2024-55889 MEDIUM

phpMyFAQ < 3.2.10 - Unauthenticated File Download via FAQ Record Iframe Embed

CVE-2024-52271 HIGH

Documenso <1.8.0 - Content Spoofing

CVE-2024-52270 HIGH

DropBox Sign(HelloSign) <2024-12-04 - Content Spoofing

CVE-2024-52269 HIGH

DocuSign <2024-12-04 - Content Spoofing

CVE-2024-52277 HIGH

DocuSeal <= 1.8.1 - Content Spoofing via Layered Document Rendering

CVE-2024-52276 HIGH

DocuSign < 2024-12-04 - Content Spoofing via Layer Flattening Misrepresentation

CVE-2024-49040 HIGH

Microsoft Exchange Server - Spoofing via UI Misrepresentation

CVE-2024-51749 LOW

Element Web < 1.11.85 - User Interface Misrepresentation via Thumbnail Coherence Bypass

CVE-2024-47044 MEDIUM

NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION - Info Disclosure

CVE-2024-7020 MEDIUM

Google Chrome < 124.0.6367.60 - UI Spoofing via Autofill

CVE-2024-7019 MEDIUM

Google Chrome < 124.0.6367.60 - UI Spoofing via Crafted HTML Page

CVE-2024-8909 MEDIUM

Google Chrome <129.0.6668.58 - CSRF

Previous Page 7 of 10 Next

Details

Vulnerabilities 230

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy