Use of a Broken or Risky Cryptographic Algorithm

Overview flowise-ui is a Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the process that handles JWT secret assignment. An attacker can gain unauthorized access and impersonate any user, including administrators, by crafting valid JWTs usin...

EUVD-2025-115583

Malicious code in centauri-chakra-ui-upgrade-adonis npm...

Malicious code in @rce-web/ui-upgrade-dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57e62e8b0f953b91fb74e52a2d70374df46b221c1d7cc57bcc80e0671cf32796 The package @rce-web/ui-upgrade-dialog was found to contain malicious code. Source: ossf-package-analysis...

CVE-2025-4215 gorhill uBlock Origin UI 1p-filters.js currentStateChanged redos

A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the file src/js/1p-filters.js of the component UI. The manipulation leads to inefficient regular expression complexity. It is possible to laun...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation presented by the remote server during a TLS connection. An attacker can intercept and potentially alter communications by positioning themselves between the client and the server. Note: This is only...

CVE-2022-25768 Improper Access Control in UI upgrade process

The logic in place to facilitate the update process via the user interface lacks access control to verify if permission exists to perform the tasks. Prior to this patch being applied it might be possible for an attacker to access the Mautic version number or to execute parts of the upgrade proces...

CVE-2022-25768 Improper Access Control in UI upgrade process

The logic in place to facilitate the update process via the user interface lacks access control to verify if permission exists to perform the tasks. Prior to this patch being applied it might be possible for an attacker to access the Mautic version number or to execute parts of the upgrade proces...

Improper Access Control

Overview Affected versions of this package are vulnerable to Improper Access Control due to the UI upgrade process. An attacker can access the version number or execute parts of the upgrade process without proper permissions. Note: As upgrading in the user interface is deprecated, this...

What’s New in InsightVM and Nexpose: Q3 2023 in Review

A lot of new and exciting product updates this quarter to help customers continue driving better security outcomes. We are thrilled to launch a new vulnerability risk scoring strategy this quarter along with upgrades like improved UI for the Engine Pool page, more policy coverage, and more. Let’s...

Error: "Your apps are not available at this time" after upgrading to the new Workspace UI

After upgrading to the new Workspace UI, Citrix Cloud end users are no longer able to access their resources and receive the message "Your apps are not available at this time."...