Lucene search
K

36 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-49241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Servi...

8.8CVSS6AI score0.00154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-50178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code...

8.8CVSS5.9AI score0.00246EPSS
Exploits0References2
NVD
NVD
added 2026/06/22 4:16 p.m.9 views

CVE-2026-50178

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code extension configures the tooltip Markdown renderer with the isTrusted: true option located in client/src/client.ts. This setting instructs VS...

8.8CVSS0.00246EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 4:16 p.m.10 views

CVE-2026-49241

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom TypeScript SDK paths typescript.tsdk and js/ts.tsdk.path directly from workspace configurations...

8.8CVSS0.00154EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 4:16 p.m.3 views

UBUNTU-CVE-2026-49241

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom TypeScript SDK paths typescript.tsdk and js/ts.tsdk.path directly from workspace configurations...

8.8CVSS5.8AI score0.00154EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 4:16 p.m.3 views

UBUNTU-CVE-2026-50178

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code extension configures the tooltip Markdown renderer with the isTrusted: true option located in client/src/client.ts. This setting instructs VS...

8.8CVSS5.9AI score0.00246EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/22 3:20 p.m.10 views

EUVD-2026-38264

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code extension configures the tooltip Markdown renderer with the isTrusted: true option located in client/src/client.ts. This setting instructs VS...

8.7CVSS5.9AI score0.00246EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:20 p.m.3 views

CVE-2026-50178

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code extension configures the tooltip Markdown renderer with the isTrusted: true option located in client/src/client.ts. This setting instructs VS...

8.7CVSS5.9AI score0.00246EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2026/06/22 3:20 p.m.30 views

CVE-2026-50178 Angular: Remote Code Execution via JSDoc Hover Command Injection in VS Code Angular Language Service Extension

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code extension configures the tooltip Markdown renderer with the isTrusted: true option located in client/src/client.ts. This setting instructs VS...

8.7CVSS0.00246EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 3:20 p.m.20 views

CVE-2026-50178

The CVE-2026-50178 entry describes a remote code execution risk in the Angular Language Service VS Code Extension. The issue stems from the client-side tooltip renderer using isTrusted: true, which allows potentially malicious content to be treated as trusted Markdown. The background Angular Lang...

8.8CVSS5.9AI score0.00246EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/22 3:16 p.m.23 views

CVE-2026-49241

The CVE concerns the Angular Language Service VS Code Extension (pre-21.2.4). It reads custom tsdk paths from workspace settings without Workspace Trust checks, then dynamically loads tsserverlibrary.js from a user-specified folder during server initialization. An attacker could commit a reposito...

8.8CVSS5.9AI score0.00154EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/22 3:16 p.m.3 views

CVE-2026-49241

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom TypeScript SDK paths typescript.tsdk and js/ts.tsdk.path directly from workspace configurations...

8.7CVSS5.9AI score0.00154EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/22 3:16 p.m.32 views

CVE-2026-49241 Angular: Multiple Remote Code Execution Vulnerabilities in Angular Language Service VS Code Extension

The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom TypeScript SDK paths typescript.tsdk and js/ts.tsdk.path directly from workspace configurations...

8.7CVSS0.00154EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.12 views

PT-2026-51338

Name of the Vulnerable Software and Affected Versions Angular Language Service VS Code Extension versions prior to 21.2.4 Description The client-side extension configures the tooltip Markdown renderer with the isTrusted: true option, causing VS Code to trust all rendered content and enable active...

8.8CVSS5.9AI score0.00246EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/05 8:51 p.m.7 views

CVE-2026-11424 Server-Side Request Forgery in Altium Platform Design GraphQL Service Allows Information Disclosure

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

8.3CVSS5.3AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:41 a.m.6 views

CVE-1999-0041

Buffer overflow in NLS Natural Language Service...

7.5CVSS7.3AI score0.09088EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/25 12:0 a.m.7 views

Microsoft Azure Cognitive Service for Language Elevation of Privilege Vulnerability

Microsoft Azure Cognitive Service for Language is a cloud-based natural language processing service from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Azure Cognitive Service for Language, which is caused by a flaw in a customized question and answer. An attacker coul...

9.9CVSS7.2AI score0.00653EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.4 views

Microsoft Azure Cognitive Service for Language 代码问题漏洞

Microsoft Azure Cognitive Service for Language is a cloud-based natural language processing service from Microsoft USA. An elevation of privilege vulnerability exists in Microsoft Azure Cognitive Service for Language, which is caused by a flaw in a customized question and answer. An attacker coul...

9.9CVSS6.8AI score0.00653EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-0041

Malware in sbrugna...

7.5CVSS6.4AI score0.09088EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/18 12:0 a.m.4 views

PT-2025-1342 · Unknown · Nlpservice

Name of the Vulnerable Software and Affected Versions: NlpService affected versions not specified Description: The issue concerns a missing permission check in NlpService, allowing potential access to location information. This could lead to a local escalation of privilege without requiring...

5.5CVSS6.7AI score0.00093EPSS
Exploits0References4
Rows per page
Query Builder