Lucene search
K

341 matches found

EUVD
EUVD
added 2026/04/28 3:15 a.m.3 views

EUVD-2026-25977

A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastlycli Tool. The manipulation of the argument command leads to os command injection. It is possible to initiate...

7.5CVSS7AI score0.01338EPSS
Exploits0References5
GithubExploit
GithubExploit
added 2026/04/25 4:28 p.m.116 views

CodeAlpha_Bug-Bounties-Tool

CodeAlphaBug-Bounties-Tool A lightweight bug bounty automatio...

5.8AI score
Exploits0
Fedora
Fedora
added 2026/04/25 1:54 a.m.6 views

[SECURITY] Fedora 44 Update: glab-1.91.0-1.fc44

A GitLab CLI tool bringing GitLab to your command line...

8.1CVSS5.2AI score0.00455EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/24 2:38 a.m.8 views

cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names

A flaw was found in the Go programming language golang and its command-line tool cmd/go. A remote attacker could exploit this during the build process by crafting malicious SWIG Simplified Wrapper and Interface Generator file names that contain "cgo" and specific payloads. This could lead to code...

9CVSS6AI score0.00658EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/04/23 12:0 a.m.10 views

CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

9.8CVSS5.8AI score0.34734EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/04/13 9:36 a.m.4 views

CVE-2026-27140

A flaw was found in the Go programming language golang and its command-line tool cmd/go. A remote attacker could exploit this during the build process by crafting malicious SWIG Simplified Wrapper and Interface Generator file names that contain "cgo" and specific payloads. This could lead to code...

9CVSS6AI score0.00658EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.7 views

PT-2026-32565

Name of the Vulnerable Software and Affected Versions jq versions prior to commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784 Description The software used MurmurHash3 with a hardcoded, publicly visible seed 0x432A9843 for all JSON object hash table operations. This allows an attacker to precompute...

8.2CVSS5.1AI score0.00559EPSS
Exploits5References112
Snyk
Snyk
added 2026/03/31 4:51 p.m.8 views

Permissive Cross-domain Policy with Untrusted Domains

Overview Affected versions of this package are vulnerable to Permissive Cross-domain Policy with Untrusted Domains via the CLI MCP server. An attacker can gain unauthorized access to privileged tools by issuing cross-origin requests from a malicious website on the same machine, leveraging the...

7.7CVSS5.9AI score0.00361EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.10 views

Synopsys Coverity Connect 安全漏洞

Synopsys Coverity Connect is a web-based platform provided by Synopsys, Inc. It primarily consists of static code analysis tools and dynamic code analysis tools. Synopsys Coverity Connect has security vulnerabilities; one of these vulnerabilities stems from the identity verification logic in the...

9.3CVSS5.9AI score0.00478EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/03/27 12:0 a.m.4 views

vulnx 2.0.1

vulnx is a command-line interface CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 7:27 p.m.4 views

CVE-2026-3108

A flaw was found in Mattermost. This vulnerability in the mmctl command-line interface allows attackers to manipulate administrator terminals. By sending specially crafted messages containing ANSI and Operating System Command OSC escape sequences, an attacker can enable screen manipulation, displ...

8CVSS5.8AI score0.00268EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/03/04 1:34 p.m.149 views

Exploit for CVE-2016-10555

██╗██╗ ██╗████████╗ ███████╗ ██████╗ ██████╗ ███...

6.5CVSS6.1AI score0.04898EPSS
Exploits2
Debian CVE
Debian CVE
added 2026/03/02 7:40 p.m.6 views

CVE-2026-27596

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

7.5CVSS6.2AI score0.00367EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/03/02 7:40 p.m.5 views

CVE-2026-27631

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulnerability is in the preview component, which is only triggered when running Exiv2 with an extra...

6.9CVSS6.2AI score0.00255EPSS
Exploits0
EUVD
EUVD
added 2026/03/02 7:17 p.m.12 views

EUVD-2026-9256

theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via command re-execution. This issue has been patched in version 0.2.0...

8.4CVSS5.8AI score0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/25 9:30 a.m.8 views

EUVD-2025-208109

URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...

4.6CVSS5.4AI score0.00302EPSS
Exploits0References4
OSV
OSV
added 2026/02/25 8:16 a.m.3 views

UBUNTU-CVE-2025-11563

URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...

4.6CVSS5.8AI score0.00302EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/25 7:20 a.m.7 views

CVE-2025-11563

URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...

4.6CVSS5.3AI score0.00302EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/25 7:20 a.m.8 views

CVE-2025-11563 wcurl path traversal with percent-encoded slashes

URLs containing percent-encoded slashes / or \ can trick wcurl into saving the output file outside of the current directory without the user explicitly asking for it. This flaw only affects the wcurl command line tool...

5.4AI score0.00302EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2026/02/11 3:28 p.m.12 views

K000159974: OpenSSL vulnerability CVE-2025-15469

Security Advisory Description Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such ...

5.5CVSS5.5AI score0.00176EPSS
Exploits1
Rows per page
Query Builder