Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-451

CWE-451

User Interface (UI) Misrepresentation of Critical Information

Parent: CWE-684 - Incorrect Provision of Specified Functionality

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

230 vulnerabilities with CWE-451

CVE-2023-0130 MEDIUM

Google Chrome < 109.0.5414.74 - URL Spoofing via Fullscreen API

CVE-2022-45404 MEDIUM

Firefox ESR < 102.5, Thunderbird < 102.5, Firefox < 107 - SSRF

CVE-2022-34479 MEDIUM

Firefox <102, Firefox ESR <91.11, Thunderbird <102, Thunderbird <91...

CVE-2022-26383 MEDIUM

Firefox < 98.0, Firefox ESR < 91.7, and Thunderbird < 91.7 - Fullscreen Notification Bypass via Popup Resizing

CVE-2022-22762 MEDIUM

Firefox < 97.0 - User Interface Misrepresentation via JavaScript Alert Overlay

CVE-2022-20530 MEDIUM

Android 13 - Unauthenticated Information Disclosure via Misleading Permission String

CVE-2022-38163 LOW

F-Secure SAFE Browser <19.0 - Spoof

CVE-2022-3313 MEDIUM

Google Chrome < 106.0.5249.62 - Security UI Spoofing via Full Screen Mode

CVE-2022-39258 HIGH

mailcow < 2022-09 - Open Redirect via Spoofed Swagger Authorize Link

CVE-2022-32816 MEDIUM

iPadOS < 15.6 - User Interface Spoofing via Malicious Website Framing

CVE-2022-2800 MEDIUM

SourceCodester Gym Management System - XSS

CVE-2022-23646 MEDIUM

Next.js 10.0.0-12.0.9 - User Interface Misrepresentation via SVG Image Host Configuration

CVE-2021-27773 MEDIUM

Hcltech HCL Sametime Meeting Chat - Clickjacking

CVE-2021-27414 MEDIUM

Hitachi ABB Power Grids Ellipse EAM <9.0.25 - CSRF

CVE-2021-41598 HIGH

GitHub Enterprise Server - Info Disclosure

CVE-2021-33593 MEDIUM

Whale < 1.14.0 - Address Bar Spoofing via UI Misrepresentation

CVE-2021-22866 HIGH

GitHub Enterprise Server - Privilege Escalation

CVE-2020-9236 HIGH

Huawei FusionCompute - User Interface Misrepresentation of Critical Information

CVE-2020-7371 MEDIUM

Yandex Browser <3.3.9 - Info Disclosure

CVE-2020-7370 MEDIUM

Bolt Browser < 1.4 - Address Bar Spoofing

CVE-2020-7369 MEDIUM

Yandex Browser < 20.8.4 - Address Bar Spoofing

CVE-2020-7364 MEDIUM

UCWeb UC Browser <13.0.8 - Info Disclosure

CVE-2020-7363 MEDIUM

UCWeb UC Browser <13.0.8 - Info Disclosure

CVE-2020-10775 MEDIUM

ovirt-engine <4.4 - Open Redirect

CVE-2019-25718 HIGH

Drger Infinity Explorer C700 - Privilege Escalation via Kiosk Mode Dialog Interaction

Previous Page 9 of 10 Next

Details

Vulnerabilities 230

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy