Fallos del tipo CWE-451
231 resultadosCVE-2024-52269HIGHAI Assistant PDF Document Spoofing in DocuSignEPSS 0.3%CVE-2026-32971HIGHOpenClaw < 2026.3.11 - Node-Host Approval UI Mismatch Allows Execution of Unintended CommandsEPSS 0.3%CVE-2026-0906CRITICALIncorrect security UI in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to spoof the contents of the Omnibox (UREPSS 0.3%CVE-2025-3523MEDIUMUser Interface (UI) Misrepresentation of attachment URLEPSS 0.3%CVE-2026-11019MEDIUMInappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised thEPSS 0.3%CVE-2025-62224MEDIUMMicrosoft Edge (Chromium-based) for Android Spoofing VulnerabilityEPSS 0.3%CVE-2024-7020MEDIUMInappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafEPSS 0.3%CVE-2024-7019MEDIUMInappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in speciEPSS 0.3%CVE-2025-8041MEDIUMIncorrect URL truncation in Firefox for AndroidEPSS 0.3%CVE-2025-3074MEDIUMInappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a craEPSS 0.3%CVE-2025-3073MEDIUMInappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage inEPSS 0.3%CVE-2025-3072MEDIUMInappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engageEPSS 0.3%CVE-2026-34258MEDIUMContent Spoofing vulnerability in SAPUI5 (Search UI)EPSS 0.2%CVE-2025-32371MEDIUMUnexpected external content may be displayed in DNN ImageHandlerEPSS 0.2%CVE-2025-31951HIGHHCL BigFix RunBookAI is affected by a Unvalidated Command Input / Potential Command Smuggling vulnerabilityEPSS 0.2%CVE-2025-9865MEDIUMInappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user toEPSS 0.2%CVE-2026-0907CRITICALIncorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HEPSS 0.2%CVE-2024-38313MEDIUMIn certain scenarios a malicious website could attempt to display a fake location URL bar which could mislead users as to the actual websiteEPSS 0.2%CVE-2025-11720HIGHSpoofing risk in Android custom tabsEPSS 0.2%CVE-2025-43712LOWJHipster before v.8.9.0 allows privilege escalation via a modified authorities parameter. Upon registering in the JHipster portal and logginEPSS 0.2%