CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

OSV•added 2021/04/25 3:15 a.m.•19 views

CVE-2021-30502

The unofficial vscode-ghc-simple aka Simple Glasgow Haskell Compiler extension before 0.2.3 for Visual Studio Code allows remote code execution via a crafted workspace configuration with replCommand...

9.8CVSS7.9AI score

Exploits0References4

NVD•added 2021/04/25 3:15 a.m.•6 views

CVE-2021-30502

9.8CVSS0.02899EPSS

Exploits0References4

Cvelist•added 2021/04/25 2:55 a.m.•11 views

CVE-2021-30502

9.9AI score0.02899EPSS

Exploits0References4

CVE•added 2021/04/25 2:55 a.m.•38 views

CVE-2021-30502

The CVE-2021-30502 entry concerns the unofficial vscode-ghc-simple (Simple Glasgow Haskell Compiler) extension for Visual Studio Code. Affected component: the extension’s workspace configuration handling via replCommand, which allows remote code execution. Impact: high/severe due to remote code e...

9.8CVSS9.7AI score0.02899EPSS

Exploits0References4Affected Software1

CNNVD•added 2021/04/24 12:0 a.m.•2 views

vscode-ghc-simple 安全漏洞

vscode-ghc-simple is a software application. A quick fix operation is provided. A security vulnerability exists in vscode-ghc-simple. The vulnerability allows remote code execution via a manual workspace configuration using replCommand...

9.8CVSS9.1AI score0.02899EPSS

Exploits0References5

CNVD•added 2021/04/22 12:0 a.m.•20 views

Lex Li vscode-restructuredtext access control error vulnerability

Lex Li vscode-restructuredtext is a Lex Li open source application. This extension provides rich reStructuredText language support for Visual Studio Code.An access control error vulnerability exists in versions prior to Lex Li vscode-restructuredtext 146.0.0, which stems from the inclusion of an...

9.8CVSS3.8AI score0.0163EPSS

Exploits0References1

OSV•added 2021/04/20 1:15 p.m.•12 views

CVE-2021-28793

vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration...

9.8CVSS7.4AI score

Exploits0References4

NVD•added 2021/04/20 1:15 p.m.•7 views

CVE-2021-28793

vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration...

9.8CVSS0.0163EPSS

Exploits0References4

Prion•added 2021/04/20 1:15 p.m.•18 views

Improper access control

vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration...

7.5CVSS9.5AI score0.0163EPSS

Exploits0References4Affected Software1

Cvelist•added 2021/04/20 12:36 p.m.•10 views

CVE-2021-28793

vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where a crafted project folder could execute arbitrary binaries via crafted workspace configuration...

9.8AI score0.0163EPSS

Exploits0References4

CNNVD•added 2021/04/20 12:0 a.m.•2 views

Lex Li vscode-restructuredtext 访问控制错误漏洞

9.8CVSS5.9AI score0.0163EPSS

Exploits0References4

Cvelist•added 2021/04/16 3:50 a.m.•12 views

CVE-2021-31414

The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration...

9.9AI score0.02414EPSS

Exploits0References2

CVE•added 2021/04/16 3:50 a.m.•81 views

CVE-2021-31414

CVE-2021-31414 affects the vscode-rpm-spec extension for Visual Studio Code (pre-0.3.2). The vulnerability enables remote code execution via a crafted workspace configuration. Multiple connected sources (NVD, Red Hat, OSV, CVE lists) confirm the issue and its impact, but detailed fix information ...

9.8CVSS9.7AI score0.02414EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/04/13 1:15 a.m.•14 views

CVE-2021-30503

The unofficial GLSL Linting extension before 1.4.0 for Visual Studio Code allows remote code execution via a crafted glslangValidatorPath in the workspace configuration...

9.9AI score0.02908EPSS

Exploits0References3

CNNVD•added 2021/04/12 12:0 a.m.•4 views

vscode-glsllint 安全漏洞

vscode-glsllint is an unofficial VSCode extension for open source. The extension supports lint's GLS OpenGL Shading Language. It uses the OpenGL and OpenGL ES shader validators to validate each shader type supported by glslangValidator. A security vulnerability exists in vscode-glsllint versions...

9.8CVSS9.1AI score0.02908EPSS

Exploits0References4

CNVD•added 2021/04/06 12:0 a.m.•6 views

VSCodeVim Remote Code Execution Vulnerability

VSCodeVim is the Vim emulator for Visual Studio Code. A remote code execution vulnerability exists in VSCodeVim versions prior to 1.19.0, which can be exploited by an attacker to execute arbitrary code via a specially crafted workspace configuration...

7.8CVSS8.2AI score0.01223EPSS

Exploits0References1

OSV•added 2021/04/05 7:15 a.m.•12 views

CVE-2021-29261

The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration...

7.8CVSS7.9AI score

Exploits0References5

NVD•added 2021/04/05 7:15 a.m.•13 views

CVE-2021-29261

The unofficial Svelte extension before 104.8.0 for Visual Studio Code allows attackers to execute arbitrary code via a crafted workspace configuration...

7.8CVSS0.01238EPSS

Exploits0References5

OSV•added 2021/04/05 7:15 a.m.•10 views

CVE-2021-28832

VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration...

7.8CVSS7.7AI score

Exploits0References3

NVD•added 2021/04/05 7:15 a.m.•9 views

CVE-2021-28832

VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via a crafted workspace configuration...

7.8CVSS0.01223EPSS

Exploits0References3