Lucene search
K

232 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-42794

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.00922EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-49270

Malicious code in bioql PyPI...

6.9CVSS4.9AI score0.00409EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-38921

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00935EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-51773

Malicious code in bioql PyPI...

8.9CVSS7.8AI score0.00695EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-37572

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00394EPSS
Exploits1References2
NVD
NVD
added 2025/08/15 4:15 a.m.5 views

CVE-2025-9008

A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/smssetting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS0.00387EPSS
Exploits1References5
CVE
CVE
added 2025/08/15 4:2 a.m.32 views

CVE-2025-9008

The CVE-2025-9008 entry concerns itsourcecode Online Tour and Travel Management System 1.0. Vulnerability: SQL injection via the uname parameter in the file /admin/sms_setting.php, allowing remote exploitation. Multiple connected sources corroborate the same flaw, with impact described as high fo...

9.8CVSS7.6AI score0.00387EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.4 views

itsourcecode Online Tour and Travel Management System 注入漏洞

itsourcecode Online Tour and Travel Management System is itsourcecode open source an online tour and travel management system . An injection vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by incorrect manipulation of the parameter una...

9.8CVSS7.8AI score0.00387EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.4 views

Microsoft GitHub Copilot and Visual Studio 命令注入漏洞

GitHub Copilot is an AI-driven code assistant developed by Microsoft, widely used in Visual Studio Code, Visual Studio and other development environments, providing intelligent code completion and generation services for millions of developers worldwide. Microsoft GitHub Copilot remote code...

7.8CVSS8.8AI score0.02559EPSS
Exploits2References1
OSV
OSV
added 2025/08/05 12:12 a.m.3 views

CVE-2025-54130 Cursor Agent is vulnerable prompt injection via Editor Special Files

Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions less than 1.3.9. If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive editor files, such as the...

7.5CVSS7.4AI score0.00251EPSS
Exploits0References3
CVE
CVE
added 2025/08/05 12:11 a.m.74 views

CVE-2025-54135

Cursor before v1.3.9 allows prompt-injection via MCP MCP server data to auto-run and write to ~/.cursor/mcp.json, enabling RCE when processing external content. Affected: Cursor AI code editor (Cursor) in-workspace file writes without user approval; dotfiles require approval but new dotfiles do n...

9.8CVSS6.7AI score0.01719EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/07/31 12:0 a.m.22 views

CVE-2025-26062

CVE-2025-26062 describes an access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 that allows unauthenticated access to the router’s settings file and potential exposure of sensitive information. Affected products are Intelbras RX1500 (v2.2.9) and RX3000 (v1.0.11). The root cause is ...

9.8CVSS6.2AI score0.01043EPSS
Exploits2References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/07 5:57 p.m.5 views

CVE-2025-53536 Roo Code allows Potential Remote Code Execution via .vscode/settings.json

Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...

8.1CVSS7.7AI score0.00656EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/07 12:0 a.m.7 views

Roo Code 安全漏洞

Roo Code is an AI-based autonomous coding agent from Roo Code. A security vulnerability exists in Roo Code versions prior to 3.22.6, which stems from an attacker being able to submit a prompt to write to a VS Code settings file and trigger code execution, potentially leading to remote code...

8.1CVSS7.8AI score0.00656EPSS
Exploits0References4
OSV
OSV
added 2025/06/05 2:15 p.m.5 views

CVE-2025-5661

A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part of the file /save-settings.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. It is...

5.4CVSS3.7AI score0.00268EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/06/05 1:31 p.m.8 views

CVE-2025-5661 code-projects Traffic Offense Reporting System Setting save-settings.php cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part of the file /save-settings.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. It is...

4.8CVSS6.2AI score0.00268EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/06/03 12:0 a.m.10 views

Cisco Meraki Settings

This plugin configures the Cisco Meraki Integration. TRUSTED...

7AI score
Exploits0
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.4 views

Juzaweb CMS 安全漏洞

Juzaweb CMS is a content management system developed by Juzaweb Individual Developer based on the Laravel framework and Web platform. A security vulnerability exists in Juzaweb CMS 3.4.2 and earlier versions, which stems from improper access control in the file /admin-cp/setting/system/general...

6.5CVSS6.4AI score0.0035EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/05/24 12:0 a.m.4 views

Teledyne FLIR AX8 命令注入漏洞

Teledyne FLIR AX8 is a U.S. etc are products of the U.S. Teledyne FLIR company.Teledyne FLIR AX8 is a series of thermal surveillance cameras.TanStack form etc are products of the TanStack open source. form is a form status manager.FLIR AX8 etc are products of the U.S. FLIR AX8 is a thermal sensor...

9CVSS8.9AI score0.04673EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/05/23 8:53 a.m.6 views

CVE-2024-41347

openflights commit 5234b5b is vulnerable to Cross-Site Scripting XSS via php/settings.php...

6.1CVSS6AI score0.00278EPSS
Exploits1References1
Rows per page
Query Builder