20 matches found
EUVD-2021-2957
Malicious code in bioql PyPI...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update (Important) (RHSA-2025:16487)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16487 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...
CVE-2024-31869
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.expose_config" configuration. The celery provider is the only community provider...
Inaba Denki Sangyo Wi-Fi AP UNIT OS Command Injection Vulnerability
The Inaba Denki Sangyo Wi-Fi AP UNIT is a Wi-Fi AP unit from Inaba Denki Sangyo, a Japanese company. An OS command injection vulnerability exists in Inaba Denki Sangyo Wi-Fi AP UNIT v2.0.03P and earlier versions, which originates from an OS command injection on the WEB UI settings page and could...
Design/Logic Flaw
The 1E-Exchange-DisplayMessage instruction that is part of the End-User Interaction product pack available on the 1E Exchange does not properly validate the Caption or Message parameters, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This...
DEBIAN-CVE-2022-1484
Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-1484
Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2022-1484
Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-1484
CVE-2022-1484 refers to a heap buffer overflow in the Web UI Settings component of Google Chrome before 101.0.4951.41. The vulnerability could allow a remote attacker to potentially trigger heap corruption by presenting a crafted HTML page, with impact described as high for confidentiality, integ...
Malicious Package
Overview @seller-ui/settings is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packa...
MAL-2022-580 Malicious code in @seller-ui/settings (npm)
Source: ghsa-malware 4674644c2014b06237b7b57625ef3df259e929582417222203faa014af763046 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @seller-ui/settings (npm)
Source: ghsa-malware 4674644c2014b06237b7b57625ef3df259e929582417222203faa014af763046 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Mageia: Security Advisory (MGASA-2022-0158)
The remote host is missing an update for the...
Denial Of Service (DoS)
chrome is vulnerable to denial of service. The vulnerability exists due to a Heap buffer overflow in Web UI Settings which allows an attacker to cause an application crash...
KLA12519 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 30 security fixes, including: 1313905 High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park SeHwa on 2022-04-06 1299261 High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park SeHwa on 2022-02-20 1305190 High...
CVE-2021-0338
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10...
Out-of-bounds
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10...
CVE-2021-0338
In SystemSettingsValidators, there is a possible permanent denial of service due to missing bounds checks on UI settings. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10...
CVE-2019-9380
CVE-2019-9380 affects Android 10, specifically a spoofing vulnerability in the Settings UI due to a missing permission check in the Framework. The underlying issue could allow a user to inadvertently change permission settings without additional execution privileges. Exploitation requires user in...