PT-2026-45777

Name of the Vulnerable Software and Affected Versions transmission versions prior to 4.1.2 Description A clickjacking weakness exists in the browser-facing WebUI and RPC response paths. Clickjacking is a technique where an attacker uses transparent or opaque layers to trick a user into clicking o...

CVE-2026-38978

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths...

Chromium: CVE-2026-5891 Insufficient policy enforcement in browser UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-5880 Incorrect security UI in browser UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-5891

An insufficient policy enforcement flaw was found in the browser UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=487471101...

CVE-2026-5880

An incorrect security ui flaw was found in the browser UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=424995036...

SUSE CVE-2026-5891

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5880

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5891

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5891

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5891

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

EUVD-2005-2261

Malware in sbrugna...

EUVD-2025-6094

Malicious code in bioql PyPI...

Chromium: CVE-2025-1917 Inappropriate Implementation in Browser UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

The vulnerability in the Browser UI interface of Microsoft Edge and Google Chrome allows a perpetrator to disclose protected information.

The vulnerability of the Browser UI interface of Microsoft Edge and Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information through a specially created HTML page...

PT-2024-3928 · Google +6 · Google Chrome +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.141 Microsoft Edge affected versions not specified Description: The issue is related to an out of bounds memory access in the Browser UI, specifically in the Keyboard Inputs component, which could...

PT-2024-12317 · Ibm · Ibm Connect:Express For Unix

Name of the Vulnerable Software and Affected Versions: IBM Connect:Express for UNIX version 1.5.0 Description: The issue is related to a buffer overflow that could allow a remote attacker to cause a denial of service through the browser UI. Recommendations: For IBM Connect:Express for UNIX versio...

Security Bulletin: IBM Sterling Connect:Direct Browser User Interface has multiple vulnerabilities due to IBM Java

Summary Sterling Connect:Direct Browser User Interface uses IBM® Runtime Environment Java™ Versions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE...

Security Bulletin: IBM Sterling Connect:Direct Browser User Interface has multiple vulnerabilities due to IBM Java

Summary Sterling Connect:Direct Browser User Interface uses IBM® Runtime Environment Java™ Versions. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM compone...

Security Bulletin: IBM Sterling Connect:Direct Browser User Interface is vulnerable to multiple vulnerabilities due to Eclipse Jetty

Summary IBM Sterling Connect:Direct Browser User Interface uses Eclipse Jetty server. Vulnerability Details CVEID:CVE-2023-41900 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by improper authentication validation when using the...