Lucene search
K

6 matches found

EUVD
EUVD
added 2026/06/09 4:6 a.m.15 views

EUVD-2026-35347

A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later...

8.7CVSS5.5AI score0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 5:17 p.m.32 views

CVE-2024-52011 launch-editor vulnerable to command injection via the crafted request on Windows

launch-editor allows users to open files with line numbers in editor from Node.js. Prior to version 2.9.0, due to the insufficient sanitization of the file argument in the launchEditor, an attacker can execute arbitrary commands on Windows by supplying a filename that contains special characters...

7.5CVSS0.00521EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-34932

Malicious code in bioql PyPI...

6.8CVSS5AI score0.0067EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2024/06/06 9:30 p.m.30 views

Remote code execution in mlflow

A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command 'Command Injection' within the mlflow.data.httpdatasetsource.py module. Specifically, when loading a dataset from a source URL with an HTTP...

10CVSS9.7AI score0.02382EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2024/06/06 9:30 p.m.22 views

GHSA-5Q6C-FFVG-XCM9 Remote code execution in mlflow

A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command 'Command Injection' within the mlflow.data.httpdatasetsource.py module. Specifically, when loading a dataset from a source URL with an HTTP...

10CVSS9AI score0.02382EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2016/09/10 12:0 a.m.37 views

WordPress InfiniteWP Admin Panel 2.8.0 Command Injection

------------------------------------------------------------------------ Command injection in InfiniteWP Admin Panel ------------------------------------------------------------------------ Sipke Mellema, July 2016 ------------------------------------------------------------------------ Abstract...

0.4AI score
Exploits0
Rows per page
Query Builder