Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/09/05 4:22 a.m.18 views

CVE-2025-58176

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. In versions 0.9.0 through 0.9.3, there is a one-click Remote Code Execution vulnerability triggered through a custom url value, transport in the JSON object. An attacker can exploit the...

8.8CVSS8.2AI score0.07702EPSS
Exploits1References1
CVE
CVE
added 2025/09/03 3:52 a.m.22 views

CVE-2025-58176

CVE-2025-58176 affects Dive (open-source MCP Host Desktop Application). Vulnerable versions: 0.9.0–0.9.3. A one-click Remote Code Execution vulnerability arises from improper handling of a custom URL value, transport, within a JSON object. An attacker can trigger code execution when a victim visi...

8.8CVSS7.6AI score0.07702EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/04/27 12:0 a.m.33 views

QuickJS 安全漏洞

QuickJS is a small and embeddable Javascript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS 0.9.0 and earlier versions, which stems from a lack of length checking in JSReadString, and may result in a heap buffer overflow...

5.6CVSS5.9AI score0.00247EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/12/22 12:0 a.m.3 views

PT-2022-8728 · Is.Js · Is.Js

Name of the Vulnerable Software and Affected Versions: is.js versions 0.9.0 and prior Description: is.js is a general-purpose check library that contains one or more regular expressions vulnerable to Regular Expression Denial of Service ReDoS. The library uses a regex to validate URLs, which can...

7.5CVSS7.3AI score0.00866EPSS
Exploits1References7
Rows per page
Query Builder