CWE-451: CWE-451

A timing vulnerability in Firefox, Firefox ESR, and Thunderbird allows attackers to manipulate popup notification delays, tricking users into granting...

This CVE describes a UI misrepresentation vulnerability in GitHub Enterprise Server where GitHub Apps could gain additional user-level permissions wit...

This CVE describes a UI misrepresentation vulnerability in GitHub Enterprise Server where users granting authorization to GitHub Apps might unknowingl...

This vulnerability allows attackers to execute arbitrary code on Microsoft Windows systems by tricking users into opening malicious .LNK files. The fl...

This Android vulnerability allows malicious apps to access clipboard content without triggering the normal toast notification, enabling local privileg...

This vulnerability in Microsoft Exchange Server allows attackers to spoof email addresses, potentially enabling phishing attacks or bypassing email se...

This vulnerability in Windows MSHTML platform allows attackers to spoof content in web pages, potentially tricking users into performing unintended ac...

This vulnerability in Google Chrome allows attackers to trick users into interacting with fake UI elements by convincing them to perform specific gest...

This vulnerability allows attackers to create deceptive UI elements that appear legitimate but perform malicious actions. It affects users of Google C...

This vulnerability allows attackers to perform UI spoofing in Chrome's Picture-in-Picture feature. By convincing users to perform specific UI gestures...

This vulnerability allows an attacker to spoof information in Microsoft Edge for Android's user interface, potentially tricking users into believing t...

This vulnerability allows malicious websites to use Unicode Right-to-Left Override (RTLO) characters to spoof filenames in Firefox for iOS downloads U...

This CVE describes a FaceTime caller ID spoofing vulnerability in Apple operating systems. An attacker can manipulate the caller ID displayed during F...

This vulnerability in Focus for iOS allows attackers to spoof websites by tricking users into opening malicious links through the contextual menu. Whe...

This Safari vulnerability allows malicious websites to spoof the address bar, making users believe they're on a legitimate site when they're actually ...

A spoofing vulnerability in Firefox Focus for Android's address bar component allows attackers to display malicious URLs that appear legitimate. This ...

This vulnerability in Google Chrome's FileSystemAccess API allows attackers to create deceptive user interface elements that trick users into granting...

This vulnerability allows attackers to create fake UI elements in Chrome for Android that appear legitimate, potentially tricking users into clicking ...

This vulnerability in Microsoft Teams for iOS allows attackers to spoof content, potentially tricking users into interacting with malicious links or i...

This vulnerability allows malicious websites to partially obscure security permission prompts using the date picker interface, potentially tricking us...

This vulnerability in Google Chrome's Picture-in-Picture implementation allows attackers to spoof the URL bar (Omnibox) content via a malicious HTML p...

This vulnerability in Thunderbird email client causes misleading hover text when emails contain multiple attachments with external links. Only the las...

This vulnerability in Google Chrome allows attackers to spoof website domains through crafted HTML pages when users perform specific UI gestures. It a...

This vulnerability allows attackers to spoof website domains in Chrome's address bar on Android devices by tricking users into performing specific UI ...

This vulnerability allows attackers to trick users into interacting with fake UI elements by convincing them to perform specific gestures on a malicio...

This vulnerability in Microsoft Edge (Chromium-based) allows unauthorized attackers to perform spoofing attacks over a network. Attackers can trick us...

This vulnerability in Microsoft Edge for Android allows an attacker to spoof user interface elements, potentially tricking users into revealing sensit...

This vulnerability allows attackers to trick users into interacting with fake UI elements in Chrome's file input interface. Users who visit malicious ...

This vulnerability allows attackers to spoof user interface elements in Chrome on Android, potentially tricking users into interacting with malicious ...

This vulnerability in Google Chrome allows attackers to spoof website domains through manipulated digital credential security interfaces. Users who vi...

LINE for Android versions before 14.20 has a UI spoofing vulnerability where the full-screen security notification disappears when switching apps and ...

This vulnerability allows attackers to spoof website domains in Google Chrome on Android by tricking users into performing specific UI gestures on a m...

This vulnerability in IBM Datacap Navigator allows attackers to perform clickjacking attacks. By tricking users into visiting malicious websites, atta...

This vulnerability allows attackers to spoof UI elements in Chrome's Custom Tabs feature by tricking users into performing specific gestures on a mali...

This vulnerability allows attackers to spoof download UI elements in Google Chrome, tricking users into believing malicious downloads are legitimate. ...

This vulnerability allows an attacker to spoof UI elements in Microsoft Edge, potentially tricking users into interacting with malicious content disgu...

This CVE describes a UI misrepresentation vulnerability in OpenText Directory Services that allows cache poisoning. An attacker can inject manipulated...

This CVE describes a UI spoofing vulnerability in Microsoft Exchange Server where an unauthorized attacker can manipulate the user interface to misrep...

Firefox for Android displayed URLs incorrectly by truncating from the end instead of showing the origin first, potentially hiding malicious domains. T...

Microsoft Edge for iOS and Android contains a spoofing vulnerability that could allow an attacker to display misleading content in the browser interfa...

Multiple Home Gateway/Hikari Denwa routers from NTT East Corporation are vulnerable to insufficient access restrictions on Device Setting pages. Attac...

This vulnerability in Google Chrome's Downloads feature allows attackers to create deceptive download interfaces through malicious HTML pages. Users w...

The LINE iOS app's in-app browser has an address bar spoofing vulnerability that allows attackers to display trusted URLs while running malicious Java...

This vulnerability in Microsoft Edge for iOS allows attackers to spoof user interface elements, potentially tricking users into revealing sensitive in...

This CVE describes a UI misrepresentation vulnerability in Drupal core that allows content spoofing. Attackers can manipulate the user interface to di...

This vulnerability allows attackers to spoof user interface elements in Google Chrome on Android by tricking users into visiting malicious web pages. ...