Lucene search
K

36603 matches found

CNNVD
CNNVD
added 2026/02/25 12:0 a.m.10 views

WordPress plugin Advanced Woo Labels 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

8.8CVSS6.2AI score0.00553EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/24 5:0 p.m.21 views

CVE-2026-27156 NiceGUI has XSS via Code Injection

NiceGUI is a Python-based UI framework. Prior to version 3.8.0, several NiceGUI APIs that execute methods on client-side elements Element.runmethod, AgGrid.rungridmethod, EChart.runchartmethod, and others use an eval fallback in the JavaScript-side runMethod function. When user-controlled input i...

6.1CVSS0.00163EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/24 5:0 p.m.1 views

CVE-2026-27156 NiceGUI has XSS via Code Injection

NiceGUI is a Python-based UI framework. Prior to version 3.8.0, several NiceGUI APIs that execute methods on client-side elements Element.runmethod, AgGrid.rungridmethod, EChart.runchartmethod, and others use an eval fallback in the JavaScript-side runMethod function. When user-controlled input i...

6.1CVSS5.8AI score0.00163EPSS
Exploits0References2
OSV
OSV
added 2026/02/24 5:0 p.m.5 views

CVE-2026-27156 NiceGUI has XSS via Code Injection

NiceGUI is a Python-based UI framework. Prior to version 3.8.0, several NiceGUI APIs that execute methods on client-side elements Element.runmethod, AgGrid.rungridmethod, EChart.runchartmethod, and others use an eval fallback in the JavaScript-side runMethod function. When user-controlled input i...

6.1CVSS5.9AI score0.00163EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/24 3:34 p.m.9 views

ImageMagick: Code Injection via PostScript header in ps coders

The ps encoders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a malicious file and inject arbitrary PostScript code. When the resulting file is processed by a printer or a viewer like Ghostscript, the...

5.7CVSS5.7AI score0.00161EPSS
Exploits0References5Affected Software18
Github Security Blog
Github Security Blog
added 2026/02/24 12:31 p.m.9 views

Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.7AI score0.01134EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/24 12:31 p.m.3 views

GHSA-R837-HPV7-PC2F Apache Airflow vulnerable to Code Injection in the web-server context via LogTemplate table

DAG Author who already has quite a lot of permissions could manipulate database of Airflow 2 in the way to execute arbitrary code in the web-server context, which they should normally not be able to do, leading to potentially remote code execution in the context of web-server server-side as a...

8.4CVSS6.6AI score0.01134EPSS
Exploits0References5
NVD
NVD
added 2026/02/24 1:16 a.m.9 views

CVE-2026-25797

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

5.7CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added 2026/02/24 1:16 a.m.9 views

CVE-2025-9120

Improper Control of Generation of Code 'Code Injection' vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8....

8.6CVSS0.00158EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/24 1:1 a.m.5 views

Arbitrary Code Injection

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/24 1:1 a.m.3 views

CVE-2026-25797 ImageMagick vulnerable to Code injection via PostScript header in ps coders

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

5.7CVSS6.1AI score0.00161EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/24 1:1 a.m.2 views

Arbitrary Code Injection

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.3 views

Arbitrary Code Injection

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.4 views

Arbitrary Code Injection

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.6 views

Arbitrary Code Injection

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.3 views

Arbitrary Code Injection

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.4 views

Arbitrary Code Injection

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.5 views

Arbitrary Code Injection

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.4 views

Arbitrary Code Injection

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.6 views

Arbitrary Code Injection

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Rows per page
Query Builder