CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

112 matches found

OSV•added 2023/06/16 1:15 a.m.•1 views

CVE-2023-32026

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability...

7.8CVSS7.2AI score0.00722EPSS

Exploits0References1

CNNVD•added 2023/06/15 12:0 a.m.•5 views

Microsoft OLE Automation Remote code 安全漏洞

Microsoft OLE Automation Remote code is a software application from Microsoft Corporation USA. An automation software. A security vulnerability exists in Microsoft OLE Automation Remote code, which stems from allowing remote code execution and affects the following products and versions:Microsoft...

7.8CVSS8.3AI score0.00722EPSS

Exploits0References4

Positive Technologies•added 2023/04/11 12:0 a.m.•3 views

PT-2023-2437 · Microsoft · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft WDAC OLE DB provider for SQL Server affected versions not specified Description: The issue exists due to insufficient input validation in the OLE DB driver for SQL Server in the Windows operating system. This allows a remote attacke...

10CVSS9.7AI score0.01463EPSS

Exploits0References5

BDU FSTEC•added 2023/01/31 12:0 a.m.•3 views

The vulnerability of the WDAC OLE DB component for SQL Server on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the WDAC OLE DB component for SQL Server on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.2AI score0.01376EPSS

Exploits0References2

OSV•added 2022/11/30 1:15 p.m.•29 views

CVE-2022-24441

The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the applicatio...

8.8CVSS7.8AI score

Exploits0References7

Prion•added 2022/11/30 1:15 p.m.•22 views

Code injection

6.8CVSS7.1AI score0.00718EPSS

Exploits2References7Affected Software3

Positive Technologies•added 2022/11/30 12:0 a.m.•3 views

PT-2022-16699 · Microsoft +2 · Visual Studio +3

Name of the Vulnerable Software and Affected Versions: snyk versions prior to 1.1064.0 VS Code versions prior to 1.9.0 IntelliJ versions prior to 2.4.48 Visual Studio versions prior to 1.1.31 Eclipse versions prior to v20221115.132308 Language Server versions prior to v20221109.114426 Description...

8.8CVSS9.4AI score0.00718EPSS

Exploits1References12

Positive Technologies•added 2022/11/29 12:0 a.m.•3 views

PT-2022-6762 · Unknown · Csharp-Language-Server-Protocol

Name of the Vulnerable Software and Affected Versions: csharp-language-server-protocol versions up to 0.19.6 Description: The issue is related to the function CreateSerializerSettings of the JSON Serializer component, which can lead to resource consumption when manipulated. This can potentially...

7.5CVSS4.5AI score0.00718EPSS

Exploits0References8

BDU FSTEC•added 2022/09/14 12:0 a.m.•2 views

The vulnerability of the Language Server Protocol plugin for the text editor Kate allows a hacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Language Server Protocol plugin for the text editor Kate is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures...

10CVSS7.2AI score0.00881EPSS

Exploits0References13Affected Software4

Snyk•added 2022/06/23 9:24 a.m.•2 views

Malicious Package

Overview vro-language-server is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packa...

9.8CVSS7AI score

Exploits0References3

OSSF Malicious Packages•added 2022/05/31 1:31 p.m.•2 views

Malicious code in vro-language-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 674b9e5c2006629ab31bca90331eb52fd95dfcbb998b11b281e433c3ed721dad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSV•added 2022/05/31 1:31 p.m.•11 views

MAL-2022-6970 Malicious code in vro-language-server (npm)

7AI score

Exploits0References1

OpenVAS•added 2022/02/26 12:0 a.m.•17 views

Fedora: Security Advisory for nodejs-bash-language-server (FEDORA-2022-7cca5b6d38)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.8AI score0.0158EPSS

Exploits1References2

CNNVD•added 2022/02/18 12:0 a.m.•4 views

LemMinX 路径遍历漏洞

LemMinX is an open source Xml language server from the Eclipse Foundation. It can be used with any editor that supports the protocol, thus providing good support for the Xml language. A security vulnerability exists in LemMinX that stems from a directory traversal flaw found in versions of LemMin...

6.5CVSS6.5AI score0.00981EPSS

Exploits0References3

OSV•added 2022/02/11 6:15 p.m.•1 views

DEBIAN-CVE-2022-23853

The LSP Language Server Protocol plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a given type. If this binary is absent from the PATH, it will try running the LSP server binary in the directory of the file th...

7.8CVSS7.4AI score0.00881EPSS

Exploits0References1

OSV•added 2022/02/11 6:15 p.m.•24 views

CVE-2022-23853

7.8CVSS6.8AI score

Exploits0References3