PT-2025-33674 · Genealogy · Genealogy

Name of the Vulnerable Software and Affected Versions: Genealogy versions prior to 4.4.0 Description: Genealogy is a family tree PHP application susceptible to an authenticated stored cross-site scripting XSS issue. Attackers with valid credentials can execute arbitrary JavaScript code within...

Linux Distros Unpatched Vulnerability : CVE-2024-3958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allow...

Linux Distros Unpatched Vulnerability : CVE-2020-13311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing...

Linux Distros Unpatched Vulnerability : CVE-2018-6070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension...

Linux Distros Unpatched Vulnerability : CVE-2021-39910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 14.3.6, all versions starting from 14.4 before 14.4.4, all version...

Linux Distros Unpatched Vulnerability : CVE-2022-32816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved UI handling. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. Visiting a...

Linux Distros Unpatched Vulnerability : CVE-2020-11054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user,...

AUTOVR: Automated UI Exploration for Detecting Sensitive Data Flow Exposures in Virtual Reality Apps

The rise of Virtual Reality VR has provided developers with an unprecedented platform for creating games and applications apps that require distinct inputs, different from those of conventional devices like smartphones. The Meta Quest VR platform, driven by Meta, has democratized VR app publishin...

CVE-2025-36088

IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...

Linux Distros Unpatched Vulnerability : CVE-2020-14876

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite component: User Interface. Supported versions that are affected are 12.1.1 -...

CVE-2025-32932

An Improper neutralization of input during web page generation 'cross-site scripting' vulnerability CWE-79 in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remo...

gulu-ui (>=0.0.6 <=0.0.7) potentially affected by unknown CVE via dev-test (=0.0.1-security)

dev-test NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on dev-test and may be impacted: - gulu-ui =0.0.6, =0.0.7 Source cves: unknown CVE Source advisory: OSV:MAL-2025-18345...

MAL-2025-16791 Malicious code in channels-ui (npm)

The package channels-ui was found to contain malicious code...

MAL-2025-26192 Malicious code in mensa-supervisor-coronalmassejection-semantic-ui (npm)

The package mensa-supervisor-coronalmassejection-semantic-ui was found to contain malicious code...

MAL-2025-40210 Malicious code in yamsafer-ui (npm)

The package yamsafer-ui was found to contain malicious code...

Malicious code in @frozen-ui/utils (npm)

The package @frozen-ui/utils was found to contain malicious code...

Malicious code in blaze-ui-components-site (npm)

The package blaze-ui-components-site was found to contain malicious code...

Malicious code in element-ui-rate-limiter-archaeogenetics-prosthetics (npm)

The package element-ui-rate-limiter-archaeogenetics-prosthetics was found to contain malicious code...

Malicious code in semantic-ui-mongodb-proxima-lynx (npm)

The package semantic-ui-mongodb-proxima-lynx was found to contain malicious code...

Malicious code in @sbanken/ui-global-test (npm)

The package @sbanken/ui-global-test was found to contain malicious code...