
32 matches found

NVD
added 2026/05/12 10:16 a.m., 15 views

CVE-2026-5029

A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...

CVSS 8.7, EPSS 0.00291
Exploits 0, References 1
Snyk
added 2026/02/24 2:1 a.m., 5 views

Expired Pointer Dereference

Overview: Magick.NET-Q8-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

CVSS 6.9, AI score 6, EPSS 0.0045
Exploits 0, References 2
BDU FSTEC
added 2024/12/02 12:0 a.m., 4 views

The vulnerability of the `request_fulluri` configuration in the PHP programming language interpreter allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the `request_fulluri` configuration in the PHP programming language interpreter is related to the failure to eliminate CRLF sequences due to the use of the true value. Exploiting this vulnerability allows a remote attacker to send hidden HTTP requests (HTTP Request Smuggling atta...

CVSS 4.8, AI score 6, EPSS 0.01132
Exploits 1, References 10, Affected Software 4
Debian
added 2024/09/02 12:46 p.m., 41 views

[SECURITY] [DLA 3858-1] ruby2.7 security update

Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...

CVSS 9.8, AI score 8.4, EPSS 0.0387
Exploits 1
Debian
added 2024/05/03 7:47 p.m., 29 views

[SECURITY] [DSA 5677-1] ruby3.1 security update

Debian Security Advisory DSA-5677-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 03, 2024 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 9.2, EPSS 0.02364
Exploits 0
CNNVD
added 2023/07/07 12:0 a.m., 6 views

ccxvii mujs resource management error vulnerability

ccxvii mujs is an open source embeddable C language interpreter. A security vulnerability exists in MuJS versions prior to 1.1.2, which stems from the presence of a memory reuse after release issue that could lead to a system denial of service...

CVSS 10, AI score 7.2, EPSS 0.00707
Exploits 0, References 2
Fedora
added 2022/09/30 1:18 a.m., 35 views

[SECURITY] Fedora 36 Update: bash-5.1.16-3.fc36

The GNU Bourne Again shell (Bash) is a shell or command language interpreter that is compatible with the Bourne shell (sh). Bash incorporates useful features from the Korn shell (ksh) and the C shell (csh). Most sh scripts can be run by bash without modification...

AI score 1.2
Exploits 0
BDU FSTEC
added 2022/06/24 12:0 a.m., 6 views

The vulnerability of the mysqlnd/pdo function (mysqlnd_wireprotocol.c) in the PHP programming language interpreter allows a hacker to execute arbitrary code.

The vulnerability of the mysqlnd/pdo function (mysqlnd_wireprotocol.c) in the PHP programming language interpreter is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVSS 10, AI score 7.5, EPSS 0.5838
Exploits 2, References 12, Affected Software 4
BDU FSTEC
added 2022/04/27 12:0 a.m., 6 views

The vulnerability of the utf8decode function in the PHP language interpreter allows attackers to execute XSS attacks.

The vulnerability of the utf8decode function in the PHP language interpreter exists due to insufficient validation of input data. Exploiting this vulnerability allows attackers to execute XSS attacks remotely...

CVSS 7.3, AI score 6.6, EPSS 0.11281
Exploits 1, References 34, Affected Software 4
BDU FSTEC
added 2022/04/27 12:0 a.m., 6 views

The vulnerability of the rfc1867.c component of the PHP programming language interpreter allows an attacker to cause a service failure.

The vulnerability of the rfc1867.c component of the PHP programming language interpreter exists due to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor to cause service failures remotely...

CVSS 5.8, AI score 7.7, EPSS 0.06365
Exploits 2, References 21, Affected Software 4
BDU FSTEC
added 2022/04/27 12:0 a.m., 4 views

The vulnerability of the asn1_time_to_time_t function (ext/openssl/openssl.c) in the PHP programming language allows a hacker to execute arbitrary code.

The vulnerability of the asn1_time_to_time_t function in the OpenSSL library, a PHP programming language interpreter, arises due to buffer overflow. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

CVSS 7.5, AI score 7.8, EPSS 0.35635
Exploits 8, References 20, Affected Software 5
BDU FSTEC
added 2022/04/25 12:0 a.m., 4 views

The vulnerability of the mcrypt extension in the PHP programming language interpreter allows a hacker to trigger a service failure or possibly cause other effects.

The vulnerability of the mcrypt extension in the PHP programming language interpreter is caused by a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause service failures or potentially have other adverse effects...

CVSS 10, AI score 7.8, EPSS 0.08361
Exploits 0, References 14, Affected Software 3
BDU FSTEC
added 2022/04/20 12:0 a.m., 5 views

The vulnerability of the Zend/zend_exceptions.c component of the PHP programming language interpreter allows an attacker to cause a service failure.

The vulnerability of the Zend/zend_exceptions.c component of the PHP programming language interpreter is related to an infinite loop. Exploiting this vulnerability can allow a malicious actor to cause service failures through the created Exception object...

CVSS 7.8, AI score 7.7, EPSS 0.42401
Exploits 1, References 7, Affected Software 3
Debian
added 2017/09/05 8:17 p.m., 40 views

[SECURITY] [DSA 3966-1] ruby2.3 security update

Debian Security Advisory DSA-3966-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 05, 2017 https://www.debian.org/security/faq -...

CVSS 9.8, AI score 8.9, EPSS 0.29442
Exploits 8
Fedora
added 2016/09/25 8:49 p.m., 36 views

[SECURITY] Fedora 23 Update: bash-4.3.42-4.fc23

The GNU Bourne Again shell (Bash) is a shell or command language interpreter that is compatible with the Bourne shell (sh). Bash incorporates useful features from the Korn shell (ksh) and the C shell (csh). Most sh scripts can be run by bash without modification...

CVSS 7.5, AI score 1.2, EPSS 0.06019
Exploits 0
Fedora
added 2016/09/23 4:20 p.m., 44 views

[SECURITY] Fedora 24 Update: bash-4.3.42-6.fc24

The GNU Bourne Again shell (Bash) is a shell or command language interpreter that is compatible with the Bourne shell (sh). Bash incorporates useful features from the Korn shell (ksh) and the C shell (csh). Most sh scripts can be run by bash without modification...

CVSS 7.5, AI score 1.2, EPSS 0.06019
Exploits 0
BDU FSTEC
added 2016/06/09 12:0 a.m., 5 views

The vulnerability of the PHP interpreter allows attackers to trigger a service failure or exert other effects.

The vulnerability of the bcpowmod function (ext/bcmath/bcmath.c) in the PHP interpreter exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures or potentially have other adverse effects through specially crafted call...

CVSS 7.5, AI score 7.5, EPSS 0.06229
Exploits 1, References 6, Affected Software 1
BDU FSTEC
added 2016/06/01 12:0 a.m., 4 views

The vulnerability of the PHP interpreter allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the deserialization function in PHP interpreters relates to the incorrect invocation of multiple php_var_unserialize. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a denial-of-service attack, i.e., the use of resources after they are...

CVSS 7.5, AI score 8, EPSS 0.36992
Exploits 3, References 4, Affected Software 1
Debian
added 2015/07/01 10:9 a.m., 52 views

[SECURITY] [DLA 263-1] ruby1.9.1 security update

Package: ruby1.9.1; Version: 1.9.2.0-2+deb6u5; CVE ID: CVE-2012-5371, CVE-2013-0269; Debian Bug: 693024, 700471. Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1. CVE-2012-5371: Jean-Philippe Aumasson identified that Ruby computed hash values without properly...

CVSS 7.8, AI score 6.8, EPSS 0.13911
Exploits 2
OSV
added 2015/06/30 12:0 a.m., 46 views

DLA-263-1 ruby1.9.1 - security update

Bulletin has no description...

CVSS 7.5, AI score 6.8, EPSS 0.13911
Exploits 0