35 matches found
Google Chrome Code Problem Vulnerability (CNVD-2025-29238)
Google Chrome is a web browser developed by Google. A security vulnerability exists in the compositing feature in Google Chrome prior to version 140.0.7339.80, which stems from a flaw in the compositing module's handling of UI elements. The vulnerability can be exploited by an attacker to conduct...
Malicious Package
Overview stack-ui-elements is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2017-14126
Malware in sbrugna...
EUVD-2019-16105
Malware in sbrugna...
EUVD-2009-1705
Malware in sbrugna...
Malicious code in stack-ui-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66262375a5142a638e5136470ae879b4dd162eb13af82e5e86aecbc1d04f17cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47908 Malicious code in stack-ui-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66262375a5142a638e5136470ae879b4dd162eb13af82e5e86aecbc1d04f17cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ysb-ui-elements (npm)
The package ysb-ui-elements was found to contain malicious code...
MAL-2025-40631 Malicious code in ysb-ui-elements (npm)
The package ysb-ui-elements was found to contain malicious code...
Malicious code in grabcad-ui-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee52ce65db4a7eae9515a5809a148be63f55d250702390c261cd05e173132799 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5918 Malicious code in grabcad-ui-elements (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee52ce65db4a7eae9515a5809a148be63f55d250702390c261cd05e173132799 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Microsoft Edge (Chromium-Based) Spoofing And Security Feature Bypass Vulnerabilities - Mar24
Microsoft Edge Chromium-Based is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Malicious code in ui-elements-icons (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6568bed59e9443e40fb7b6c1799dfd3b4fa16bb1356a0dbec8a81249a75c59b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Jenkins CSRF protection bypass vulnerability
Jenkins provides context menus for various UI elements, like links to jobs and builds, or breadcrumbs. In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided value...
SUSE CVE-2017-5016
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page...
CVE-2022-3895
The CVE-2022-3895 entry describes a cross-site scripting (XSS) vulnerability in the Common UI Component: some UI elements do not properly sanitize output, enabling arbitrary HTML. Affected software is the Common User Interface Component (BlueSpice context implied by related records); root cause i...
Cross-Site Scripting (XSS)
@instructure/ui-elements is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due to lack of proper truncation of texts in argument Text in 'Truncator.js' , allowing an attacker to inject malicious scripts...
Code injection
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...
CVE-2019-6546
GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements...
CVE-2017-5016
Blink in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, failed to prevent certain UI elements from being displayed by non-visible pages, which allowed a remote attacker to show certain UI elements on a page they don't control via a crafted HTML page...