52 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in Composer

Composer is a dependency manager for the PHP programming language. Integrators who use Composer code to call VcsDriver::getFileContent may encounter a code injection vulnerability if the user can control the $file or $identifier arguments. This vulnerability is documented on packagist.org, where...

CVSS 8.8 | AI score 8.2 | EPSS 0.01841
Exploits: 0 | References: 2

OSV
added 2026/01/28 8:16 p.m. | 7 views

AZL-78939 CVE-2025-68119 affecting package golang 1.25.7-1

Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial hg installed, downloading modules from non-standard sources e.g., custom domains can cause unexpected code execution due to how external VCS commands are constructed. This iss...

CVSS 7 | AI score 6.4 | EPSS 0.00335
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/19 12:0 a.m. | 4 views

MiracleLinux 7 : mercurial-2.6.2-7.el7 (AXEA:2017-1725:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXEA:2017-1725:01 advisory. - In Mercurial before 4.1.3, hg serve --stdio allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by...

CVSS 9 | AI score 7.9 | EPSS 0.21512
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2016-0017

Malware in sbrugna...

CVSS 8.8 | AI score 8.6 | EPSS 0.04832
Exploits: 0 | References: 19

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2008-4280

Malware in sbrugna...

CVSS 5 | AI score 6.2 | EPSS 0.02695
Exploits: 0 | References: 12

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-0094

Malware in sbrugna...

CVSS 9.1 | AI score 7.5 | EPSS 0.02687
Exploits: 0 | References: 11

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-0098

Malware in sbrugna...

CVSS 9.1 | AI score 9 | EPSS 0.02033
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2015-0029

Malware in sbrugna...

CVSS 7.5 | AI score 7.1 | EPSS 0.04199
Exploits: 1 | References: 13

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2018-0097

Malware in sbrugna...

CVSS 7.5 | AI score 8.5 | EPSS 0.02087
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2016-0015

Malware in sbrugna...

CVSS 8.8 | AI score 7.1 | EPSS 0.04953
Exploits: 0 | References: 26

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2016-0016

Malware in sbrugna...

CVSS 8.8 | AI score 7.1 | EPSS 0.02655
Exploits: 0 | References: 14

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-0096

Malware in sbrugna...

CVSS 9.8 | AI score 7.5 | EPSS 0.02643
Exploits: 0 | References: 11

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-0070

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.04815
Exploits: 1 | References: 15

EUVD
added 2025/10/03 8:7 p.m. | 15 views

EUVD-2022-1665

Malicious code in bioql PyPI...

CVSS 5.9 | AI score 5.8 | EPSS 0.00814
Exploits: 0 | References: 10

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2017-0072

Malicious code in bioql PyPI...

CVSS 10 | AI score 7.6 | EPSS 0.06331
Exploits: 0 | References: 15

IBM Security Bulletins
added 2025/09/15 7:4 a.m. | 6 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for August 2025.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 25.0.0-IF001 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be us...

CVSS 9.8 | AI score 7.3 | EPSS 0.0124
Exploits: 1 | Affected Software: 1

Redos
added 2025/06/24 12:0 a.m. | 5 views

ROS-20250624-07

A vulnerability in the Mercurial version control software tool is related to insufficient sanitization of user-supplied data. Exploitation of the vulnerability could allow an attacker acting remotely to perform cross-site scripting (XSS) attacks...

CVSS 5.3 | AI score 6.1 | EPSS 0.00486
Exploits: 0

SUSE CVE
added 2023/11/22 12:13 a.m. | 2 views

SUSE CVE-2023-5752

When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how and which...

CVSS 3.3 | AI score 6.8 | EPSS 0.00476
Exploits: 0 | References: 8

OSV
added 2023/10/25 6:17 p.m. | 8 views

AZL-39958 CVE-2023-5752 affecting package python3 for versions less than 3.12.3-1

When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how and which...

CVSS 3.3 | AI score 6.7 | EPSS 0.00476
Exploits: 0 | References: 1

OSV
added 2023/10/25 6:17 p.m. | 5 views

AZL-60006 CVE-2023-5752 affecting package python3 for versions less than 3.9.19-14

When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how and which...

CVSS 3.3 | AI score 6.7 | EPSS 0.00476
Exploits: 0 | References: 1