8009 matches found
CVE-2019-25695
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...
PT-2026-32162
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the...
Chromium: CVE-2026-5895 Incorrect security UI in Omnibox
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-5891 Insufficient policy enforcement in browser UI
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-5880 Incorrect security UI in browser UI
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-5878 Incorrect security UI in Blink
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-21603
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-33119
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-33119
User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
GHSA-X462-JJPC-Q4Q4 PraisonAI: Cross-Origin Agent Execution via Hardcoded Wildcard CORS and Missing Authentication on AGUI Endpoint
Summary The AGUI endpoint POST /agui has no authentication and hardcodes Access-Control-Allow-Origin: on all responses. Combined with Starlette/FastAPI's Content-Type-agnostic JSON parsing, any website a victim visits can silently trigger arbitrary agent execution against a locally-running AGUI...
PraisonAI: Hardcoded `approval_mode="auto"` in Chainlit UI Overrides Administrator Configuration, Enabling Unapproved Shell Command Execution
Summary The Chainlit UI modules chat.py and code.py hardcode config.approvalmode = "auto" after loading administrator configuration from the PRAISONAPPROVALMODE environment variable, silently overriding any "manual" or "scoped" approval setting. This defeats the human-in-the-loop approval gate fo...
GHSA-QWGJ-RRPJ-75XM PraisonAI: Hardcoded `approval_mode="auto"` in Chainlit UI Overrides Administrator Configuration, Enabling Unapproved Shell Command Execution
Summary The Chainlit UI modules chat.py and code.py hardcode config.approvalmode = "auto" after loading administrator configuration from the PRAISONAPPROVALMODE environment variable, silently overriding any "manual" or "scoped" approval setting. This defeats the human-in-the-loop approval gate fo...
CVE-2026-5905
An incorrect security ui flaw was found in the Permissions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483899628...
CVE-2026-5899
An incorrect security ui flaw was found in the History Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=474817168...
CVE-2026-5891
An insufficient policy enforcement flaw was found in the browser UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=487471101...
CVE-2026-5880
An incorrect security ui flaw was found in the browser UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=424995036...
CVE-2026-5878
An incorrect security ui flaw was found in the Blink component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=365089001...
PT-2026-32047
Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description A user interface misrepresentation allows an attacker to perform spoofing over a network. Recommendations At the moment, there is no information about a newer version th...
Microsoft Edge 安全漏洞
Microsoft Edge is a web browser included with Windows 10 and later versions of the Microsoft operating system. There is a security vulnerability in Microsoft Edge, which stems from incorrect user interface representations of critical information, potentially leading to network spoofing attacks...
KLA90976 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, obtain sensitive information, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Heap...