EUVD-2026-4194

Malicious code in @alluxio/common-ui npm...

EUVD-2022-43231

Malicious code in bioql PyPI...

CVE-2024-52302

common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper...

PT-2024-35165 · Unknown · Common-User-Management

Name of the Vulnerable Software and Affected Versions: common-user-management affected versions not specified Description: The issue concerns a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture, which allows file uploads without proper validation or...

CVE-2023-25646

There is an unauthorized access vulnerability in ZTE H388X. If H388X is caused by brute-force serial port cracking,attackers with common user permissions can use this vulnerability to obtain elevated permissions on the affected device by performing specific operations...

@oneuptime/common-server (>=7.0.141 <=7.0.1814), @oneuptime/common-ui (>=7.0.141 <=7.0.1814) +1 more potentially affected by CVE-2024-29194 via @oneuptime/model (>=7.0.141 <=7.0.1814)

@oneuptime/model NPM version =7.0.141, =7.0.141, =7.0.141, =7.0.141, =7.0.1769 Source cves: CVE-2024-29194 Source advisory: OSV:GHSA-246P-XMG8-WMCQ...

CVE-2023-41779

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed...

CVE-2023-41779 Illegal Memory Access Vulnerability of ZTE's ZXCLOUD iRAI

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed...

CVE-2023-41779 Illegal Memory Access Vulnerability of ZTE's ZXCLOUD iRAI

There is an illegal memory access vulnerability of ZTE's ZXCLOUD iRAI product.When the vulnerability is exploited by an attacker with the common user permission, the physical machine will be crashed...

PT-2024-12969 · Zte · Zxcloud Irai

Name of the Vulnerable Software and Affected Versions: ZXCLOUD iRAI affected versions not specified Description: There is an illegal memory access issue in ZTE's ZXCLOUD iRAI product. When exploited by an attacker with common user permission, the physical machine will crash. Recommendations: At t...

NVIDIA GPU Display Driver 缓冲区错误漏洞

NVIDIA GPU Display Driver is a driver software from NVIDIA Corporation that is used for interactive support of graphics card display modules in operating systems. A security vulnerability exists in NVIDIA GPU Display Driver that originates from a common user that could result in an out-of-bounds...

CVE-2022-3895

Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML XSS...

CVE-2022-3895

Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML XSS...

Design/Logic Flaw

Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML XSS...

CVE-2022-3895 Potential XSS in common user interface component library

Some UI elements of the Common User Interface Component are not properly sanitizing output and therefore prone to output arbitrary HTML XSS...

PT-2022-24624 · Unknown · Common User Interface

Name of the Vulnerable Software and Affected Versions: Common User Interface Component affected versions not specified Description: The issue is related to some UI elements of the Common User Interface Component not properly sanitizing output, making them prone to output arbitrary HTML, which can...

BlueSpice 跨站脚本漏洞

BlueSpice is free Wiki software from BlueSpice based on the MediaWiki engine. BlueSpice suffers from a cross-site scripting vulnerability that stems from the fact that some of the UI elements of its Common User Interface component are not properly sanitized for output, and are therefore prone to...

CVE-2022-2511

Cross-site Scripting XSS vulnerability in the "commonuserinterface" component of BlueSpice allows an attacker to inject arbitrary HTML into a page using the title parameter of the call URL...

BlueSpice 跨站脚本漏洞

BlueSpice is free Wiki software from BlueSpice based on the MediaWiki engine. A security vulnerability exists in the BlueSpice 4.x series of releases, which stems from a commonuserinterface component that allows an attacker to inject arbitrary HTML into a page using the title parameter of the...

Malicious code in @idse/common-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2cf8a80088e5eda0a3d5b7faca5cd4f36b1cc98345a383d657e4313e765efb4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...