browser-interaction-time-demo (=99.9.9) potentially affected by unknown CVE via browser-interaction-time-utils (=1.0.0)

browser-interaction-time-utils NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on browser-interaction-time-utils and may be impacted: - browser-interaction-time-demo =99.9.9 Source cves: unknown CVE Source advisory:...

Malicious code in browser-interaction-time-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1f501a0eb27e6959abc3bfd105408bdbd74a0f0e1f97bb22ee881dbd5d9dac6 The package browser-interaction-time-utils was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3786 Malicious code in browser-interaction-time-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1f501a0eb27e6959abc3bfd105408bdbd74a0f0e1f97bb22ee881dbd5d9dac6 The package browser-interaction-time-utils was found to contain malicious code. Source: ghsa-malware...

Malicious code in browser-interaction-time-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a76de4d97b4cff539b3c8793eae793a10581fc4379395a8d2528ab85eb098bd5 The package browser-interaction-time-demo was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview browser-interaction-time-demo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

browser-interaction-time-demo (=99.9.9) potentially affected by unknown CVE via browser-interaction-time-utils (=1.0.0)

browser-interaction-time-utils NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on browser-interaction-time-utils and may be impacted: - browser-interaction-time-demo =99.9.9 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3786...

MAL-2026-3785 Malicious code in browser-interaction-time-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a76de4d97b4cff539b3c8793eae793a10581fc4379395a8d2528ab85eb098bd5 The package browser-interaction-time-demo was found to contain malicious code. Source: ghsa-malware...

Missing Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Missing Authorization in the browser interaction routes process. An attacker can access unauthorized internal or external resources by bypassing policy enforcement through existing...

GHSA-536Q-MJ95-H29H OpenClaw: Browser press/type interaction routes missed complete navigation guard coverage

Summary Browser press/type interaction routes missed complete navigation guard coverage. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact Some browser press/type style interactions could trigger navigation without complete post-action SSRF...

HCL Unica Platform 安全漏洞

HCL Unica Platform is an advanced enterprise automation marketing platform developed by the Indian company HCL. It allows for the handling of daily marketing tasks without human intervention, while also capturing the most effective potential customers. There is a security vulnerability in HCL Uni...

EUVD-2025-201749

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48618

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48618

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48618

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-404254549

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2025-43495

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the Framework component of Android operating systems due to insufficient input validation. This could allow an attacker to escalate privileges. Specifically, the issue reside...

EUVD-2012-4328

Malware in sbrugna...

CVE-2024-43801 Privilege escalation to admin from a low-privileged user via SVG upload in Jellyfin

Jellyfin is an open source self hosted media server. The Jellyfin user profile image upload accepts SVG files, allowing for a stored XSS attack against an admin user via a specially crafted malicious SVG file. When viewed by an admin outside of the Jellyfin Web UI e.g. via "view image" in a...

GLSA-200708-01 : Macromedia Flash Player: Remote arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-200708-01 Macromedia Flash Player: Remote arbitrary code execution Mark Hills discovered some errors when interacting with a browser for keystrokes handling CVE-2007-2022. Stefano Di Paola and Giorgio Fedon from Minded Security...