Lucene search
+L

187 matches found

Positive Technologies
Positive Technologies
added 2025/07/01 12:0 a.m.5 views

PT-2025-27571 · Restdb · Codehooks-Mcp-Server

Name of the Vulnerable Software and Affected Versions: RestDB's Codehooks.io MCP Server versions prior to 0.2.2 Description: The issue is related to a command injection vulnerability in the MCP Server tools definition and implementation. This could result in a user-initiated remote command...

8.6CVSS6.9AI score0.01297EPSS
Exploits0References8
Snyk
Snyk
added 2025/06/05 6:30 a.m.3 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection through multiple vector store integrations. An attacker can read and write data using SQL, potentially leading to unauthorized access to data of other users depending on the usage of the library in a web application...

9.8CVSS8AI score0.00581EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/05/24 12:0 a.m.5 views

Process Sync 资源管理错误漏洞

Process Sync is an application for multi-process environments by Andrei Odintsov, a personal developer. A resource management error vulnerability exists in Process Sync version 0.2.2, which stems from a missing pthreadmutex unlock check...

2.9CVSS6.5AI score0.00297EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 2:2 a.m.12 views

CVE-2023-33665

ai-dev aitable before v0.2.2 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php...

9.8CVSS8.3AI score0.00519EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.10 views

CVE-2022-36152

tifig v0.2.2 was discovered to contain a memory leak via operator new at /asan/asannewdelete.cpp...

5.5CVSS7.3AI score0.00287EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/17 11:7 p.m.24 views

CVE-2025-26919

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tainacan Tainá taina allows Stored XSS.This issue affects Tainá: from n/a through 0.2.5...

6.5CVSS6.9AI score0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/15 9:53 p.m.7 views

CVE-2025-26919 WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tainacan Tainá taina allows Stored XSS.This issue affects Tainá: from n/a through 0.2.5...

6.5CVSS6.9AI score0.00252EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/04/14 11:40 p.m.5 views

autoxx (>=0.0.11 <=0.0.13), vuln-demo-math-ops (=1.0.0) potentially affected by CVE-2025-31490 via agpt (=0.2.2)

agpt PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on agpt and may be impacted: - autoxx =0.0.11, =0.0.13 - vuln-demo-math-ops =1.0.0 Source cves: CVE-2025-31490 Source advisory: SNYK:PYTHON-AGPT-9802320...

7.5CVSS5.8AI score0.00472EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/04/11 6:17 p.m.21 views

CVE-2025-32494

Cross-Site Request Forgery CSRF vulnerability in bozdoz reCAPTCHA Jetpack recaptcha-jetpack allows Cross Site Request Forgery.This issue affects reCAPTCHA Jetpack: from n/a through = 0.2.2...

4.3CVSS7.2AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.5 views

WordPress plugin reCAPTCHA Jetpack 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

4.3CVSS6.1AI score0.00197EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/02 2:8 p.m.4 views

WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Theme Tainá versions 0.2.5...

6.5CVSS6.1AI score0.00252EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.6 views

agentverse (=0.1.8.1), airoboros (=2.1.1) +35 more potentially affected by CVE-2024-11603 via fschat (>=0.2.2 <=0.2.36)

fschat PYPI version =0.2.2, =0.3.0, =0.0.1, =1.1.0, =0.1.1, =0.1.1, =0.9.0.8, =0.1.1, =0.1.8 and more Source cves: CVE-2024-11603 Source advisory: SNYK:PYTHON-FSCHAT-9553181...

7.5CVSS7AI score0.00646EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.5 views

agentverse (=0.1.8.1), airoboros (=2.1.1) +35 more potentially affected by CVE-2024-10907 via fschat (>=0.2.2 <=0.2.36)

fschat PYPI version =0.2.2, =0.3.0, =0.0.1, =1.1.0, =0.1.1, =0.1.1, =0.9.0.8, =0.1.1, =0.1.8 and more Source cves: CVE-2024-10907 Source advisory: OSV:GHSA-QG86-F892-M4HJ...

7.5CVSS7AI score0.00642EPSS
Exploits1
CNNVD
CNNVD
added 2025/03/20 12:0 a.m.5 views

ComfyUI 跨站请求伪造漏洞

ComfyUI is one of the most powerful and modular diffusion model GUIs and backends from comfyanonymous individual developers. A cross-site request forgery vulnerability exists in ComfyUI v0.2.2 and prior versions, which stems from insufficient CSRF protection and could lead to unauthorized API...

6.5CVSS6.5AI score0.00208EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/02/21 12:0 a.m.5 views

PT-2025-7447 · Unknown · White-Jotter

Name of the Vulnerable Software and Affected Versions: White-Jotter version 0.2.2 Description: An issue in the shiroFilter function allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL. Recommendations: Update to a newer version of White-Jotter that...

7.6CVSS6.5AI score0.00493EPSS
Exploits1References7
OSV
OSV
added 2025/02/21 12:0 a.m.2 views

CVE-2024-57176

An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL...

7.6CVSS7.2AI score0.00493EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/02/07 12:0 a.m.3 views

WordPress plugin Graceful Email Obfuscation 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

6.5CVSS8.1AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 2:28 a.m.7 views

CVE-2025-22338

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lichwang WP-tagMaker tagmaker allows Reflected XSS.This issue affects WP-tagMaker: from n/a through = 0.2.2...

7.1CVSS7.2AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:10 a.m.10 views

CVE-2024-38525

dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...

7.5CVSS6.9AI score0.00431EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:45 a.m.8 views

CVE-2024-49609

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Brandon White Author Discussion author-discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through = 0.2.2...

8.8CVSS5.9AI score0.00432EPSS
Exploits0References1
Rows per page
Query Builder