Lucene search
+L

237 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-44270

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.01716EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-17326

Malicious code in bioql PyPI...

8CVSS7.9AI score0.0036EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-44233

Malicious code in bioql PyPI...

9.8CVSS7.2AI score0.01372EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-44256

Malicious code in bioql PyPI...

9.8CVSS7.2AI score0.01666EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-44238

Malicious code in bioql PyPI...

9.8CVSS7.2AI score0.01372EPSS
Exploits0References1
nvd
nvd
added 2025/09/10 4:15 p.m.6 views

CVE-2025-58764

Claude Code is an agentic coding tool. Due to an error in command parsing, versions prior to 1.0.105 were vulnerable to a bypass of the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claud...

9.8CVSS0.00512EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/09/07 10:21 p.m.10 views

CVE-2025-58370

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions below 3.26.0 contain a vulnerability in the command parsing logic where the Bash parameter expansion and indirect reference were not handled correctly. If the agent was configured to auto-approve execution of...

8.1CVSS7.7AI score0.00411EPSS
Exploits0References1
cve
cve
added 2025/09/05 10:9 p.m.23 views

CVE-2025-58370

Roo Code (AI-powered coding agent) versions prior to 3.26.0 contain a vulnerability in the command parsing logic where Bash parameter expansion and indirect references are not handled correctly. If prompts allow auto-approval of commands, an attacker who can influence prompts could cause the agen...

8.1CVSS7.2AI score0.00411EPSS
Exploits0References1Affected Software1
osv
osv
added 2025/09/05 10:9 p.m.6 views

CVE-2025-58370 Roo Code: Potential Remote Code Execution via Bash Parameter Expansion and Indirect Reference

Roo Code is an AI-powered autonomous coding agent that lives in users' editors. Versions below 3.26.0 contain a vulnerability in the command parsing logic where the Bash parameter expansion and indirect reference were not handled correctly. If the agent was configured to auto-approve execution of...

8.1CVSS7.6AI score0.00411EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/09/05 12:0 a.m.8 views

PT-2025-36338

Name of the Vulnerable Software and Affected Versions: Roo Code versions prior to 3.26.0 Description: Roo Code is an AI-powered autonomous coding agent. A weakness exists in the command parsing logic due to incorrect handling of Bash parameter expansion and indirect reference. If the agent was...

8.1CVSS7.2AI score0.00411EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2025/08/02 12:0 a.m.9 views

PT-2025-31835

Name of the Vulnerable Software and Affected Versions Claude Code versions prior to 1.0.20 Claude Code versions prior to 1.0.24 Description Claude Code is an agentic coding tool. An error in command parsing allows bypassing the confirmation prompt, leading to the execution of untrusted commands...

10CVSS6AI score0.0097EPSS
Exploits0References29
redhatcve
redhatcve
added 2025/06/08 4:1 p.m.15 views

CVE-2025-5747

WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this...

8CVSS8.3AI score0.0036EPSS
Exploits0References1
cvelist
cvelist
added 2025/06/06 3:30 p.m.23 views

CVE-2025-5747 WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability

WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this...

8CVSS0.0036EPSS
Exploits0References1
cve
cve
added 2025/06/06 3:30 p.m.73 views

CVE-2025-5747

CVE-2025-5747 affects WOLFBOX Level 2 EV Charger MCU command parsing. The flaw is in how command frames are parsed: the process fails to reliably detect the start of a frame, enabling misinterpretation of input. This can allow network-adjacent attackers to execute arbitrary code within the device...

8CVSS7.9AI score0.0036EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2025/06/06 3:30 p.m.6 views

CVE-2025-5747 WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability

WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installatons of WOLFBOX Level 2 EV Charger devices. Authentication is required to exploit this...

8CVSS8.4AI score0.0036EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 10:6 a.m.19 views

CVE-2024-20843

Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code...

6.7CVSS7.5AI score0.00175EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 11:34 p.m.4 views

CVE-2022-20221

In avrcctrlparsvendorcmd of avrcparsct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

6.5CVSS6AI score0.00256EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:8 p.m.9 views

CVE-2022-39202

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat IRC protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such...

6.3CVSS7AI score0.00706EPSS
Exploits0References1
nessus
nessus
added 2025/05/07 12:0 a.m.5 views

RockyLinux 9 : traceroute (RLSA-2024:2483)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2483 advisory. traceroute: improper command line parsing CVE-2023-46316 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Not...

5.5CVSS6.3AI score0.00367EPSS
Exploits2References3
zdi
zdi
added 2025/04/30 12:0 a.m.9 views

(Pwn2Own) Tesla Model S oFono AT Command Heap-based Buffer Overflow Code Execution Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The specific flaw exists within the parsing of responses from AT commands...

7.8CVSS7AI score0.00153EPSS
Exploits0
Rows per page
Query Builder