Lucene search
K

9 matches found

CVE
CVE
added 2026/06/22 3:16 p.m.21 views

CVE-2026-49241

The CVE concerns the Angular Language Service VS Code Extension (pre-21.2.4). It reads custom tsdk paths from workspace settings without Workspace Trust checks, then dynamically loads tsserverlibrary.js from a user-specified folder during server initialization. An attacker could commit a reposito...

8.8CVSS5.9AI score0.00154EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/06/05 8:16 a.m.11 views

CVE-2026-48907

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS0.80425EPSS
Exploits17References3
EUVD
EUVD
added 2026/06/05 7:31 a.m.15 views

EUVD-2026-34789

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.6AI score0.80425EPSS
Exploits17References1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.23 views

PT-2026-46908

Name of the Vulnerable Software and Affected Versions Widget Factory Joomla Content Editor JCE versions 1.0.0 through 2.9.99.4 Description An improper access control issue in the JCE editor extension for Joomla allows unauthenticated users to create new editor profiles. This flaw enables the uplo...

10CVSS7.8AI score0.80425EPSS
Exploits17References94
NVD
NVD
added 2026/02/09 11:16 p.m.5 views

CVE-2026-25931

vscode-spell-checker is a basic spell checker that works well with code and documents. Prior to v4.5.4, DocumentSettings.determineIsTrusted treats the configuration value cSpell.trustedWorkspace as the authoritative trust flag. The value defaults to true package.json and is read from workspace...

7.8CVSS0.00126EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/19 5:55 a.m.7 views

Malicious code in cline-ai-main.cline-ai-agent (VSCode)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 04aeefbf39e1e9157280b91899a141e4f4c6619d434c594e4a2d3bf43883dbe6 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...

7AI score
Exploits0References1
CNNVD
CNNVD
added 2025/02/07 12:0 a.m.6 views

GitLab gitlab-vscode-extension 跨站脚本漏洞

GitLab gitlab-vscode-extension is a VSCode code editor extension for Gitlab from GitLab USA. A cross-site scripting vulnerability exists in GitLab gitlab-vscode-extension. An attacker can exploit this vulnerability to perform a cross-site scripting attack...

8.7CVSS6.1AI score0.00263EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/30 12:0 a.m.26 views

Security Update for Microsoft Visual Studio Code Bosh Editor Extension (CVE-2022-31691)

The Microsoft Visual Studio Code Bosh Editor Extension is version 1.39.0 or below. It is, therefore, affected by a remote code execution vulnerability. The extension uses the Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain...

9.8CVSS8.9AI score0.02391EPSS
Exploits0References2
NVD
NVD
added 2010/01/15 7:30 p.m.22 views

CVE-2010-0338

SQL injection vulnerability in the TTProducts editor ttpedit extension 0.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01021EPSS
Exploits0References1
Rows per page
Query Builder