CVE-2026-11666

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

PT-2026-47492

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description Insufficient validation of untrusted input allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, via a crafted HT...

SUSE CVE-2026-11192

Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Medium...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from improper implementation of the file input feature, which could allow remote attackers to exploit UI deception through...

SUSE CVE-2026-8015

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-27476 RustFly 2.0.0 Command Injection via UDP Remote Control

RustFly 2.0.0 contains a command injection vulnerability in its remote UI control mechanism that accepts hex-encoded instructions over UDP port 5005 without proper sanitization. Attackers can send crafted hex-encoded payloads containing system commands to execute arbitrary operations on the targe...

Bixat RustFly 操作系统命令注入漏洞

Bixat RustFly is a cross-platform remote control tool developed by the Moroccan company Bixat. Version Bixat RustFly 2.0.0 contains a vulnerability related to operating system command injection. This vulnerability arises from the improper handling of hexadecimal-encoded commands received via UDP...

EUVD-2006-4668

Malware in sbrugna...

EUVD-2023-12856

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-5109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation of unload handler handling in permission prompts in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remot...

Linux Distros Unpatched Vulnerability : CVE-2017-5083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacke...

CVE-2023-0858

Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger unauthorized access to the product. :Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier...

The vulnerability of the Full Screen Mode implementation of the Google Chrome browser, which allows a hacker to alter the content of the user interface

The vulnerability of Google Chrome’s full-screen mode implementation is related to errors in data type mixing. Exploiting this vulnerability allows a malicious actor to modify the content of the user interface remotely by using a specially crafted HTML page...

SUSE CVE-2017-5083

Inappropriate implementation in Blink in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a remote attacker to display UI on a non attacker controlled tab via a crafted HTML page...

The vulnerability of the Mozilla Firefox browser, related to access control deficiencies, allows attackers to modify the user interface.

The vulnerability of the Mozilla Firefox browser is related to access control deficiencies. Exploiting this vulnerability allows a malicious actor to modify the user interface remotely...

Malicious Package

Overview remote-ui is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Malicious code in remote-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2fcb162e726d16a6a879f1638e37d2ff333ad217f5c75decb034d9b8330a9167 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

chromium-browser: Excessive permissions for private API in Extensions

Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page...

Canon PIXMA MG7500 Printer Cross-Site Request Forgery Vulnerability

The Canon PIXMA MG7500 is an inkjet MFP from Canon Japan.Remote UI is one of the remote user interface... A cross-site request forgery vulnerability exists in the Remote UI of the Canon PIXMA MG7500 printer, which can be exploited by a remote attacker to perform unauthorized operations...

PIXMA MG7500 Series vulnerable to cross-site request forgery

Overview PIXMA MG7500 Series provided by Canon Inc. contain a cross-site request forgery vulnerability. TOMITA Ryo of Fukuoka Junior High School attached to the Fukuoka University of Education FUE reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...