Lucene search
K

102 matches found

Fedora
Fedora
added 2025/10/21 1:40 a.m.8 views

[SECURITY] Fedora 41 Update: gi-docgen-2025.5-1.fc41

GI-DocGen is a document generator for GObject-based libraries. GObject is the base type system of the GNOME project. GI-Docgen reuses the introspection data generated by GObject-based libraries to generate the API reference of these libraries, as well as other ancillary documentation. GI-DocGen i...

6.1CVSS6.9AI score0.00337EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/10/15 4:33 p.m.3 views

dotnet: .NET Denial of Service Vulnerability

A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operatio...

7.3CVSS5.7AI score0.00556EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-3004

Malicious code in bioql PyPI...

7.7CVSS7.5AI score0.00815EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-31073

Malicious code in bioql PyPI...

9.6CVSS6.3AI score0.00527EPSS
Exploits0References12
OSV
OSV
added 2025/09/25 12:30 a.m.3 views

GHSA-8MJQ-32X3-22QF Duplicate Advisory: Malicious versions of Nx were published

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-cxm3-wv7p-598c. This link is maintained to preserve external references. Original Description Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was...

9.6CVSS6.9AI score0.00527EPSS
Exploits0References7
OSV
OSV
added 2025/09/24 10:15 p.m.5 views

CVE-2025-10894

Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo...

9.6CVSS5.8AI score0.00527EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in build-system (npm)

The package build-system was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-16324 Malicious code in build-system (npm)

The package build-system was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:35 a.m.10 views

CVE-2024-25255

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build System module. NOTE: multiple third parties report that this is intended behavior...

9.8CVSS8AI score0.01413EPSS
Exploits0References1
Redos
Redos
added 2025/01/21 12:0 a.m.13 views

ROS-20250121-02

A vulnerability in the koji RPM-based build system is related to insufficient cleansing of data provided by the by the user. Exploitation of the vulnerability could allow a remote attacker to perform cross-site scripting XSS attacks. Cross-site scripting XSS attacks...

5.4CVSS5.9AI score0.0029EPSS
Exploits0
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.4 views

Cachi2 安全漏洞

Cachi2 is an open source CLI tool from containerbuildsystem. A security vulnerability exists in Cachi2 versions prior to 0.14.0, which stems from the fact that the tool logs each function's local variables when an unhandled exception is triggered, potentially leading to the display of secret...

4.7CVSS6.2AI score0.00179EPSS
Exploits0References3
NVD
NVD
added 2024/11/11 11:15 p.m.30 views

CVE-2024-25255

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build System module. NOTE: multiple third parties report that this is intended behavior...

9.8CVSS0.01413EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/11/11 12:0 a.m.11 views

CVE-2024-25255

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build System module. NOTE: multiple third parties report that this is intended behavior...

9.9AI score0.01413EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/11/11 12:0 a.m.5 views

Sublime Text 安全漏洞

Sublime Text is a cross-platform, extensible text editor from Sublime, Inc. A security vulnerability exists in Sublime Text version 4, which stems from a discovery via the New Build System module that contains a command injection vulnerability...

9.8CVSS7.5AI score0.01413EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/11 12:0 a.m.22 views

CVE-2024-25255

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build System module. NOTE: multiple third parties report that this is intended behavior...

0.01413EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/11 12:0 a.m.6 views

PT-2024-20850 · Sublime Text · Sublime Text

Name of the Vulnerable Software and Affected Versions: Sublime Text version 4 Description: A command injection issue was found in Sublime Text via the New Build System module. It is noted that multiple third parties report this behavior as intended. Recommendations: For Sublime Text version 4, as...

9.8CVSS7.8AI score0.01413EPSS
Exploits0References8
CVE
CVE
added 2024/11/11 12:0 a.m.80 views

CVE-2024-25255

Sublime Text 4 contains a command injection vulnerability via the New Build System module. Affected component: New Build System handling (build system targets/exec usage) leading to potential remote command execution with high impact (per CVSSv3.1: 9.8, CRITICAL, network attack vector, no user in...

9.8CVSS9.8AI score0.01413EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/10/24 12:0 a.m.9 views

Koji 安全漏洞

Koji is an open source RPM build system from Koji. A security vulnerability exists in Koji that stems from not cleaning up user input...

5.4CVSS6.5AI score0.0029EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/03 12:0 a.m.7 views

The vulnerability of the RPM-based build system, related to improper elimination of input data during the generation of web pages, allows attackers to perform XSS attacks.

The vulnerability of the RPM-based build system is related to the improper elimination of input data during the generation of web pages. Exploiting this vulnerability allows an attacker to carry out XSS attacks using specially crafted web interfaces...

4.1CVSS5.5AI score
Exploits0References3Affected Software2
Redos
Redos
added 2024/08/28 12:0 a.m.15 views

ROS-20240828-01

A vulnerability in the koji RPM-based build system is related to improper neutralization of input data during the during web page generation. Exploitation of the vulnerability could allow an attacker to conduct XSS attacks using a specially crafted web interface. using a specially crafted web...

6.3AI score
Exploits0
Rows per page
Query Builder