EUVD-2025-199112

Malicious code in @oku-ui/label npm...

Malicious code in @oku-ui/label (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26f863ed3157086df61430a6d4939470a4c8cbf6bca6ae11d98f34c0c2547e45 The package @oku-ui/label was found to contain malicious code. Source: ghsa-malware d98465139dc808cd01653e8f2eab11a773fcb7ce4d9e4a339cf0bb8c07c02320...

@oku-ui/primitives (>=0.0.1 <=0.6.1) potentially affected by unknown CVE via @oku-ui/label (=0.6.1)

@oku-ui/label NPM version =0.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on @oku-ui/label and may be impacted: - @oku-ui/primitives =0.0.1, =0.6.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191039...

MAL-2025-191039 Malicious code in @oku-ui/label (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26f863ed3157086df61430a6d4939470a4c8cbf6bca6ae11d98f34c0c2547e45 The package @oku-ui/label was found to contain malicious code. Source: ghsa-malware d98465139dc808cd01653e8f2eab11a773fcb7ce4d9e4a339cf0bb8c07c02320...

Malicious code in @nativescript-community/ui-label (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a815032f1d690295898b5c01bd4d17cb73044eebda75187b2877e8299ded777a This package was compromised by the Shai-Hulud NPM worm. The malicious payload steal...

MAL-2025-47388 Malicious code in @nativescript-community/ui-label (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a815032f1d690295898b5c01bd4d17cb73044eebda75187b2877e8299ded777a This package was compromised by the Shai-Hulud NPM worm. The malicious payload steal...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

LEAD Technologies LEADTOOLS Heap Out-of-Bounds Write Vulnerability

LEAD Technologies LEADTOOLS is an image processing development kit from LEAD Technologies. A heap out-of-bounds write vulnerability exists in the UI label parsing functionality of the DICOM image format in LEADTOOLS 20.0.2019.3.15, which can be exploited by an attacker to achieve code execution v...

Description of the security update for Outlook 2013: June 13, 2017

Description of the security update for Outlook 2013: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

CVE-2012-6580

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditin...