Lucene search
+L

19 matches found

CVE
CVE
added 2 days ago10 views

CVE-2026-15415

The CVE-2026-15415 entry concerns the AWS HealthOmics MCP Server (aws-healthomics-mcp-server) before version 0.0.36. The vulnerability is a path traversal in the linting tools that can let an actor who can influence the MCP agent write actor-controlled content to arbitrary locations outside the i...

6.8CVSS5.5AI score0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-15415 Path traversal and arbitrary file write in the workflow linters of aws-healthomics-mcp-server

AWS HealthOmics is a HIPAA-eligible service that fully manages the compute, storage, and workflow engine infrastructure required to run bioinformatics analyses at scale for clinical diagnostics, drug discovery, and agricultural research. Improper limitation of a pathname to a restricted directory...

6.8CVSS0.00247EPSS
Exploits0References3
Fedora
Fedora
added 2025/12/14 1:0 a.m.9 views

[SECURITY] Fedora 43 Update: golangci-lint-2.7.1-1.fc43

Fast linters runner for Go...

7.5CVSS8.6AI score0.00626EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/03 9:32 p.m.4 views

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.

...

5.3CVSS7AI score0.00822EPSS
Exploits0
OSV
OSV
added 2024/01/18 8:27 p.m.37 views

CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension

jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...

7.3CVSS9.1AI score0.00491EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/09/30 12:31 a.m.1427 views

PostCSS line return parsing error

An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets CSS. There may be \r discrepancies, as demonstrated by @font-face font:\r/; in a rule. This vulnerability affects linters using PostCSS to parse external untrusted CSS. An...

5.3CVSS6.2AI score0.00822EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2023/09/29 10:15 p.m.23 views

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

5.3CVSS6.7AI score0.00822EPSS
Exploits0References5
Prion
Prion
added 2023/09/29 10:15 p.m.22 views

Code injection

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

5CVSS5.4AI score0.00822EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2023/09/29 10:15 p.m.93 views

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

5.3CVSS6.8AI score0.00822EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/09/29 12:0 a.m.20 views

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

6.5AI score0.00822EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/09/29 12:0 a.m.46 views

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the...

5.3CVSS6.2AI score0.00822EPSS
Exploits0
CVE
CVE
added 2023/09/29 12:0 a.m.357 views

CVE-2023-44270

CVE-2023-44270 : PostCSS before 8.4.31 has a vulnerability where CSS that is parsed from external untrusted CSS can cause parts of the CSS to be treated as comments and then end up in the PostCSS output as valid CSS nodes (rules/properties). This can occur when linters rely on PostCSS for parsing...

5.3CVSS4.9AI score0.00822EPSS
Exploits0References5Affected Software1
Hacker One
Hacker One
added 2023/04/20 1:32 a.m.35 views

Ruby on Rails: Incorrect handling of certain characters passed to the redirection functionality in Rails can lead to a single-click XSS vulnerability.

An incorrect handling of certain characters passed to the redirection functionality in Rails could lead to a single-click XSS vulnerability. This vulnerability allowed an attacker to control the href attribute in the HTML response and serve an XSS payload by preventing the redirect. The...

4CVSS4AI score0.00332EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.6 views

Fedora: Security Advisory for golang-honnef-tools (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2022/07/17 1:16 a.m.25 views

[SECURITY] Fedora 35 Update: golang-honnef-tools-2021.1-2.fc35

honnef.co/go/tools/... is a collection of tools and libraries for working with Go code, including linters and static analysis, most prominently staticcheck...

9.3CVSS9.2AI score0.0995EPSS
Exploits3
OpenVAS
OpenVAS
added 2022/07/06 12:0 a.m.16 views

Fedora: Security Advisory for golang-honnef-tools (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.9AI score0.0995EPSS
Exploits4References2
Fedora
Fedora
added 2022/07/04 1:35 a.m.20 views

[SECURITY] Fedora 36 Update: golang-honnef-tools-2021.1.2-2.20220304git852a31a.fc36

honnef.co/go/tools/... is a collection of tools and libraries for working with Go code, including linters and static analysis, most prominently staticcheck...

9.3CVSS9AI score0.0995EPSS
Exploits4
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:19 p.m.5 views

Malicious code in geoadv-linters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e3a595aba5cbc4287b07b5efd9767635b6577ee79238a837de3b7971dd09b54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:19 p.m.11 views

MAL-2022-3342 Malicious code in geoadv-linters (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e3a595aba5cbc4287b07b5efd9767635b6577ee79238a837de3b7971dd09b54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder