Lucene search
+L

1128 matches found

CNNVD
CNNVD
added 2026/02/09 12:0 a.m.8 views

Spelling Checker for Visual Studio Code 安全漏洞

Spelling Checker for Visual Studio Code is a simple source code spell checker developed by Street Side Software. Versions of Spelling Checker for Visual Studio Code prior to v4.5.4 contained a security vulnerability. This vulnerability stemmed from improper handling of trust flags, which could...

7.8CVSS6AI score0.00126EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 2:33 p.m.7 views

Malicious code in web3-meme-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62aebca1848d232cb70d5bacf954626ca7d0fd1d5680bb8ab45777aa9347f5ed Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/02/05 2:33 p.m.6 views

MAL-2026-763 Malicious code in web3-meme-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 62aebca1848d232cb70d5bacf954626ca7d0fd1d5680bb8ab45777aa9347f5ed Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 2:30 p.m.9 views

Malicious code in metadata-checker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 222755e960642163a0918eeb42baef3dedec6676e084a02742210fb83b7d99e5 Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/02/05 2:30 p.m.5 views

MAL-2026-762 Malicious code in metadata-checker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 222755e960642163a0918eeb42baef3dedec6676e084a02742210fb83b7d99e5 Disguised as metadata checker, packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.6 views

CVE-2026-25023

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.3CVSS5.4AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 3:16 p.m.22 views

CVE-2026-25023

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.3CVSS0.00192EPSS
Exploits0References1
CVE
CVE
added 2026/02/03 2:8 p.m.19 views

CVE-2026-25023

CVE-2026-25023 affects WordPress plugin Run Contests, Raffles, and Giveaways with ContestsWP (

5.3CVSS5.4AI score0.00192EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/03 2:8 p.m.4 views

CVE-2026-25023 WordPress Run Contests, Raffles, and Giveaways with ContestsWP plugin <= 2.0.7 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.3CVSS5.3AI score0.00192EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:8 p.m.4 views

CVE-2026-25023

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.4AI score0.00192EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/03 2:8 p.m.9 views

EUVD-2026-5260

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.3CVSS5.4AI score0.00192EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 2:8 p.m.27 views

CVE-2026-25023 WordPress Run Contests, Raffles, and Giveaways with ContestsWP plugin <= 2.0.7 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in mdedev Run Contests, Raffles, and Giveaways with ContestsWP contest-code-checker allows Retrieve Embedded Sensitive Data.This issue affects Run Contests, Raffles, and Giveaways with ContestsWP: from n/a...

5.3CVSS0.00192EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.13 views

PT-2026-6254

Name of the Vulnerable Software and Affected Versions Run Contests, Raffles, and Giveaways with ContestsWP versions through 2.0.7 Description A flaw exists in Run Contests, Raffles, and Giveaways with ContestsWP that could allow for the retrieval of embedded sensitive data. The issue is related t...

5.3CVSS5.4AI score0.00192EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/24 3:17 a.m.13 views

CVE-2025-70458

A DOM-based Cross-Site Scripting XSS vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the...

5.4CVSS5.5AI score0.00195EPSS
Exploits1References1
NVD
NVD
added 2026/01/23 10:16 p.m.14 views

CVE-2025-70458

A DOM-based Cross-Site Scripting XSS vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the...

5.4CVSS0.00195EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/23 9:15 p.m.6 views

CVE-2026-22481

Missing Authorization vulnerability in Rasedul Haque Rumi BD Courier Order Ratio Checker bd-courier-order-ratio-checker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BD Courier Order Ratio Checker: from n/a through = 2.0.1...

4.3CVSS5.4AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 5:15 p.m.15 views

CVE-2021-47889

Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files x86\Softros Systems\Softros Messenger\Spell Checker' to...

8.5CVSS0.00119EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/23 4:47 p.m.32 views

CVE-2021-47889 Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path

Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files x86\Softros Systems\Softros Messenger\Spell Checker' to...

8.5CVSS0.00119EPSS
Exploits0References3
CVE
CVE
added 2026/01/23 4:47 p.m.12 views

CVE-2021-47889

CVE-2021-47889 affects Softros LAN Messenger 9.6.4 with an unquoted service path in the SoftrosSpellChecker service. The vulnerable path is "C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker" and could allow a local attacker to inject a malicious executable to achieve privile...

8.5CVSS5.9AI score0.00119EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/23 4:47 p.m.0 views

CVE-2021-47889

Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files x86\Softros Systems\Softros Messenger\Spell Checker' to...

8.5CVSS6.1AI score0.00119EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder