5 matches found

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-0792

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 7.5 · EPSS 0.0029
Exploits: 1 · References: 3
RedhatCVE
added 2025/02/06 2:2 a.m. · 5 views

CVE-2022-25908

All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization...

CVSS 9.8 · AI score 7.1 · EPSS 0.0129
Exploits: 1 · References: 1
CVE
added 2023/01/24 5:0 a.m. · 57 views

CVE-2022-25908

CVE-2022-25908 affects the Node.js module create-choo-electron, with all versions vulnerable to Command Injection via the devInstall function due to improper input validation. Connected IBM advisories tie this to IBM Storage Ceph and IBM Maximo MAS deployments, describing feasible command executi...

CVSS 9.8 · AI score 9.7 · EPSS 0.0129
Exploits: 1 · References: 1 · Affected Software: 1
Positive Technologies
added 2023/01/24 12:0 a.m. · 3 views

PT-2023-12833 · Unknown · Create-Choo-Electron

Name of the Vulnerable Software and Affected Versions: create-choo-electron versions all
Description: The issue arises from improper user-input sanitization, making all versions of the package susceptible to Command Injection via the devInstall function.
Recommendations: For all versions, conside...

CVSS 9.8 · AI score 7.6 · EPSS 0.0129
Exploits: 1 · References: 4
Snyk
added 2022/12/06 4:3 p.m. · 1 views

Command Injection

Overview: Affected versions of this package are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.
PoC (js): var root = require"create-choo-electron" root.devInstall"./","& touch JHU",function
Remediation: There is no fixed version for...

CVSS 9.8 · AI score 7.4 · EPSS 0.0129
Exploits: 1 · References: 2