MAL-2025-191255 Malicious code in @oku-ui/dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25f15df16cf4e34ba65ddc24116d624b40ec91b0a9d12bacec8f2afd6ea3bc27 The package @oku-ui/dialog was found to contain malicious code. Source: google-open-source-security...

@oku-ui/alert-dialog (>=0.0.1 <=0.6.1), @oku-ui/dialog (>=0.4.0 <=0.6.1) +6 more potentially affected by unknown CVE via @oku-ui/portal (=0.6.1)

@oku-ui/portal NPM version =0.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on @oku-ui/portal and may be impacted: - @oku-ui/alert-dialog =0.0.1, =0.4.0, =0.4.0, =0.6.0, =0.4.0, =0.4.0, =0.4.0-alpha.6, =0.4.0, =0.6.1 Source cves: unknown CVE Source...

EUVD-2025-199484

Malicious code in @oku-ui/dialog npm...

Malicious code in @oku-ui/dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25f15df16cf4e34ba65ddc24116d624b40ec91b0a9d12bacec8f2afd6ea3bc27 The package @oku-ui/dialog was found to contain malicious code. Source: google-open-source-security...

EUVD-2008-7266

Malware in sbrugna...

Malicious code in jquery-ui-dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1ac81ca06088c1af7f942bcd5c3e05a81ee19ded09f4417b8eea369da63f3c3 The OpenSSF Package Analysis project identified 'jquery-ui-dialog' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7743 Malicious code in jquery-ui-dialog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f1ac81ca06088c1af7f942bcd5c3e05a81ee19ded09f4417b8eea369da63f3c3 The OpenSSF Package Analysis project identified 'jquery-ui-dialog' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

CVE-2008-7315

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands...

Command injection

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands...

UBUNTU-CVE-2008-7315

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands...

CVE-2008-7315

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands...

CVE-2008-7315

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands...

CVE-2008-7315

UI-Dialog 1.09 and earlier is affected by CVE-2008-7315, and multiple connected sources confirm that it allows remote attackers to execute arbitrary commands. The documents do not provide the underlying root cause details, impacted versions beyond 1.09 and earlier, or any remediation/patch inform...

CVE-2008-7315

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands...

CVE-2008-7315

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands...

FreeBSD : p5-UI-Dialog -- shell command execution vulnerability (00dadbf0-6f61-11e5-a2a1-002590263bf5)

Matthijs Kooijman reports : It seems that the whiptail, cdialog and kdialog backends apply some improper escaping in their shell commands, causing special characters present in menu item titles to be interpreted by the shell. This includes the backtick evaluation operator, so this constitutes a...

UBUNTU-CVE-2010-5312

Cross-site scripting XSS vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option...

SA-CONTRIB-2014-012- Modal Frame API - Cross Site Scripting (XSS)

This module enables provides an API to render an iframe within a modal dialog based on the jQuery UI Dialog plugin. You should not install this module unless another module requires you to, or you wish to use it for your own custom modules. The module doesn't sufficiently filter user supplied tex...

p5-UI-Dialog -- shell command execution vulnerability

Matthijs Kooijman reports: It seems that the whiptail, cdialog and kdialog backends apply some improper escaping in their shell commands, causing special characters present in menu item titles to be interpreted by the shell. This includes the backtick evaluation operator, so this constitutes a...