Lucene search
K

12 matches found

CVE
CVE
added last week38 views

CVE-2026-45796

Summary of CVE-2026-45796 : Coder versions prior to 2.33.3 (and older releases in the 2.32.2, 2.31.12, 2.30.8, 2.29.13, and 2.24.5 lines) are vulnerable to an unauthenticated semi-blind SSRF via the Azure Instance Identity Endpoint at POST /api/v2/workspaceagents/azure-instance-identity. An attac...

6.5CVSS6.1AI score0.00335EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/07/07 3:26 p.m.6 views

GO-2026-5897 Coder vulnerable to workspace auto-creation via crafted URL parameters without user consent in github.com/coder/coder

Coder vulnerable to workspace auto-creation via crafted URL parameters without user consent in github.com/coder/coder...

8.8CVSS5.9AI score0.02642EPSS
Exploits0References7
Snyk
Snyk
added 2026/02/25 7:11 p.m.3 views

Use After Free

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.3CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:11 p.m.6 views

Use After Free

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.3CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/02/25 7:11 p.m.6 views

Use After Free

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.3CVSS5.9AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.2 views

Coder sensitive objects logged unsanitized vulnerability (CVE-2025-66411)

The Coder versions prior to 2.26.5, 2.27.7, and 2.28.4 are therefore vulnerable to a sensitive information disclosure via plaintext logging. Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM,...

7.8CVSS5.4AI score0.00203EPSS
Exploits1References2
NVD
NVD
added 2025/02/17 6:15 a.m.13 views

CVE-2024-13726

The Coder WordPress plugin through 1.3.4 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

8.6CVSS0.01909EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/16 1:20 p.m.21 views

CVE-2025-24699

Cross-Site Request Forgery CSRF vulnerability in Wow-Company WP Coder wp-coder allows Cross-Site Scripting XSS.This issue affects WP Coder: from n/a through = 3.6...

7.1CVSS7.2AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2025/02/14 1:15 p.m.42 views

CVE-2025-24699

Cross-Site Request Forgery CSRF vulnerability in Wow-Company WP Coder wp-coder allows Cross-Site Scripting XSS.This issue affects WP Coder: from n/a through = 3.6...

7.1CVSS0.00144EPSS
Exploits0References1
OSV
OSV
added 2017/08/07 8:29 p.m.2 views

DEBIAN-CVE-2014-9830

coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file...

8.8CVSS7.2AI score0.01878EPSS
Exploits0References1
CNVD
CNVD
added 2017/07/25 12:0 a.m.6 views

ImageMagick 'WriteOnePNGImage' function null pointer reference vulnerability

ImageMagick is a set of open-source image processing software from the U.S. company ImageMagick Studio. The software can read, convert and write pictures in a variety of formats. A security vulnerability exists in the 'WriteOnePNGImage' function in the coders/png.c file in ImageMagick versions...

6.5CVSS6.6AI score0.01854EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2008/09/13 12:0 a.m.81 views

Linkarity - 'link.php' SQL Injection

================================================================================ Linkarity link.php Remote SQL Injection Vulnerability ================================================================================ Discovered By: Egypt Coder home : WWW.Sec-Area.com Mail: [email protected]...

7AI score
Exploits0
Rows per page
Query Builder