MAL-2025-146590 Malicious code in procyon-element-ui-uninstall-less (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5c9482de78b8db351be096255e8d470475ac1af6f9f421925c5db2d0e149ddd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140372 Malicious code in canopus-rollup-semantic-ui-heka (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5103f0a8650f4e9f282e4b3f6b488dc1bca436344cd8eaa9a147741e10b363f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123536

Malicious code in postcss-cz-conventional-changelog-nova-element-ui npm...

EUVD-2025-120097

Malicious code in yonder-corvus-semantic-ui-forever npm...

CVE-2025-65002

Fujitsu / Fsas Technologies iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is exactly 16 characters...

PT-2025-46684

Name of the Vulnerable Software and Affected Versions Fujitsu iRMC S6 on M5 versions prior to 1.37S Description The software mishandles Redfish/WebUI access when a username with a length of exactly 16 characters is used. The issue affects access through the Redfish API and the WebUI. The vulnerab...

Fujitsu iRMC 安全漏洞

Fujitsu iRMC is an integrated remote management controller from Fujitsu Japan. A security vulnerability exists in the Fujitsu iRMC that stems from improper handling of usernames up to 16 characters in length, which could lead to Redfish/WebUI access issues...

CVE-2025-12728

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-12434

Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-32011

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to run arbitrary commands via the user interface. This user interface can be used via the network and allows the execution of commands as administrative application use...

EUVD-2024-29849

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to run arbitrary commands via the user interface. This user interface can be used via the network and allows the execution of commands as administrative application use...

CVE-2024-32011

CVE-2024-32011 affects Siemens Spectrum Power 4 (all versions

EUVD-2025-93423

Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network...

KLA90002 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Race condition vulnerability in the...

KLA90004 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions...

Malicious Package

Overview @walletwave/ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2025-50844

Malicious code in @walletwave/ui npm...

Malicious code in @walletwave/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15e6b9673bf6056f0f870d3aa6ad6c4e83ef1a3bf3b58a601dc9cae80d673390 The package @walletwave/ui was found to contain malicious code. Source: ghsa-malware 42ec23f1a72e982a80ced819057ca03a0d26999dc6b7417343456de67a35ec46...

EUVD-2025-50792

Incorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

EUVD-2025-50776

Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...