CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-1960

Malicious code in bioql PyPI...

8.8CVSS7AI score0.02656EPSS

Exploits1References9

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-7108

Malicious code in bioql PyPI...

7.8CVSS7AI score0.01429EPSS

Exploits1References7

OSV•added 2023/07/06 7:24 p.m.•15 views

GHSA-4VRV-93C7-M92J snyk Code Injection vulnerability

The package snyk before 1.1064.0 is vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the application...

8.8CVSS6.4AI score0.02656EPSS

Exploits1References8

Github Security Blog•added 2023/07/06 7:24 p.m.•25 views

snyk Code Injection vulnerability

8.8CVSS7.4AI score0.02656EPSS

Exploits1References9Affected Software1

NVD•added 2022/11/30 1:15 p.m.•12 views

CVE-2022-24441

The package snyk before 1.1064.0 are vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privileges of the applicatio...

8.8CVSS0.02656EPSS

Exploits1References7

OSV•added 2022/11/30 1:15 p.m.•22 views

CVE-2022-24441

8.8CVSS7.8AI score

Exploits0References7

Prion•added 2022/11/30 1:15 p.m.•16 views

Code injection

6.8CVSS7.1AI score0.02656EPSS

Exploits2References7Affected Software3

Cvelist•added 2022/11/30 12:0 a.m.•15 views

CVE-2022-24441 Code Injection

5.8CVSS7.4AI score0.02656EPSS

Exploits1References7

Vulnrichment•added 2022/11/30 12:0 a.m.•5 views

CVE-2022-24441 Code Injection

5.8CVSS8.9AI score0.02656EPSS

Exploits1References7

Github Security Blog•added 2022/10/04 12:0 a.m.•21 views

Snyk CLI affected by Command Injection vulnerability

Snyk CLI before 1.996.0 allows arbitrary command execution, affecting Snyk IDE plugins and the snyk npm package. Exploitation could follow from the common practice of viewing untrusted files in the Visual Studio Code editor, for example. The original demonstration was with shell metacharacters in...

7.8CVSS7.2AI score0.01429EPSS

Exploits1References6Affected Software2

NVD•added 2022/10/03 3:15 p.m.•10 views

CVE-2022-40764

7.8CVSS0.01429EPSS

Exploits1References4

Prion•added 2022/10/03 3:15 p.m.•12 views

Command injection

4.3CVSS7AI score0.01429EPSS

Exploits1References4Affected Software2

CVE•added 2022/10/03 2:3 p.m.•84 views

CVE-2022-40764

CVE-2022-40764 affects Snyk CLI and related IDE plugins; before 1.996.0, it allowed arbitrary command execution, potentially via viewing untrusted files in VS Code. The original demonstration involved shell metacharacters in the vendor.json ignore field, affecting snyk-go-plugin before 1.19.1 and...

7.8CVSS6.9AI score0.01429EPSS

Exploits1References4Affected Software2

Cvelist•added 2022/10/03 2:3 p.m.•21 views

CVE-2022-40764

7.3AI score0.01429EPSS

Exploits1References4

Snyk•added 2022/09/29 1:34 p.m.•1 views

Code Injection

Overview snyk is a advanced tool that scans and monitors projects for security vulnerabilities. Affected versions of this package are vulnerable to Code Injection. when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such a...

8.8CVSS7AI score0.02656EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by