Lucene search
K

725 matches found

Snyk
Snyk
added 2026/02/24 1:1 a.m.2 views

Arbitrary Code Injection

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.3 views

Arbitrary Code Injection

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.4 views

Arbitrary Code Injection

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.6 views

Arbitrary Code Injection

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.4 views

Arbitrary Code Injection

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.3 views

Arbitrary Code Injection

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.4 views

Arbitrary Code Injection

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.5 views

Arbitrary Code Injection

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.4 views

Arbitrary Code Injection

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.6 views

Arbitrary Code Injection

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.7CVSS6.2AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/24 1:1 a.m.2 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in PostScript header processing. An attacker can execute malicious code by submitting a file that is processed by a printer or viewer. Workaround This vulnerability can be mitigated by disabling the PostScript P...

5.7CVSS5.8AI score0.00161EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/19 8:29 p.m.3 views

Arbitrary Code Injection

Overview dtale is a Web Client for Visualizing Pandas Objects Affected versions of this package are vulnerable to Arbitrary Code Injection via the /save-column-filter endpoint due to the improper validation of input to pandas' DataFrame.query used to construct Column filters. An attacker can...

9.8CVSS6.2AI score0.00712EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/19 7:34 p.m.5 views

Arbitrary Code Injection

Overview semantic-kernel is a Semantic Kernel Python SDK Affected versions of this package are vulnerable to Arbitrary Code Injection via the InMemoryVectorStore filter functionality due to lack of filtering for dangerous dunder attributes. An attacker can escape the sandbox and execute arbitrary...

9.9CVSS6.1AI score0.02914EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.27 views

CVE-2026-22422 WordPress Everest Forms plugin <= 3.4.1 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in wpeverest Everest Forms everest-forms allows Code Injection.This issue affects Everest Forms: from n/a through = 3.4.1...

5.3CVSS0.00222EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/18 3:5 p.m.4 views

Arbitrary Code Injection

Overview megatron-bridge is a Megatron Bridge: Training Recipes for Megatron-based LLM and VLM models Affected versions of this package are vulnerable to Arbitrary Code Injection via the data shuffling tutorial process. An attacker can execute arbitrary code, escalate privileges, disclose sensiti...

8.5CVSS6.1AI score0.00201EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/17 6:40 p.m.6 views

Arbitrary Code Injection

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Arbitrary Code Injection via the incorporation of untrusted Slack channel metadata into the system prompt. An attacker can execute unauthorized commands or access sensitive information by...

3.7CVSS6AI score0.002EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/13 12:31 p.m.5 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection in the SpecificCompiler class, when handling untrusted Avro schemas. An attacker can execute code by supplying a malicious schema with commands injected in doc comment values, which can be executed during...

8.8CVSS5.9AI score0.00602EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/12 10:6 p.m.3 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the overrides.yoke.cd/flight annotation, which allows a user-supplied URL to be used directly by the controller without validation. An attacker can execute arbitrary code within the controller context by...

8.8CVSS6.2AI score0.004EPSS
Exploits1References2
Snyk
Snyk
added 2026/02/12 10:6 p.m.3 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the overrides.yoke.cd/flight annotation, which allows a user-supplied URL to be used directly by the controller without validation. An attacker can execute arbitrary code within the controller context by...

8.8CVSS6.2AI score0.004EPSS
Exploits1References2
NVD
NVD
added 2026/02/09 5:16 a.m.11 views

CVE-2026-1615

Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can...

9.8CVSS0.01049EPSS
Exploits0References10
Rows per page
Query Builder