Lucene search
K

39 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-10210

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitizepromptdescription of the file astrbot/core/skills/skillmanager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.22 views

PT-2026-45279

A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stock manager.php. This manipulation of the argument txt search category causes sql injection. The attack may be initiated remotely. The exploit has...

6.5CVSS6.5AI score0.002EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/05 6:30 p.m.3 views

EUVD-2026-19115

A vulnerability was found in Tencent AI-Infra-Guard 4.0. The affected element is an unknown function of the file common/websocket/taskmanager.go of the component Task Detail Endpoint. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit ha...

6.9CVSS5.4AI score0.00641EPSS
Exploits1References5
CVE
CVE
added 2026/04/05 5:30 p.m.13 views

CVE-2026-5585

Summary of CVE-2026-5585 : Tencent AI-Infra-Guard 4.0 contains a vulnerability in the Task Detail Endpoint, specifically an unknown function within the file common/websocket/task_manager.go. Manipulation of this element results in information disclosure. The attack may be initiated remotely and, ...

7.5CVSS5.6AI score0.00641EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/04/05 12:0 a.m.12 views

AI-Infra-Guard 访问控制错误漏洞

AI-Infra-Guard is an open-source AI security risk detection and red-team testing platform developed by Tencent. Version 4.0 of AI-Infra-Guard contains a access control vulnerability, which stems from incorrect handling of the file common/websocket/taskmanager.go, potentially leading to informatio...

7.5CVSS6AI score0.00641EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/16 3:30 p.m.6 views

EUVD-2026-12262

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...

6.5CVSS5.5AI score0.03499EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/03/16 4:2 a.m.5 views

CVE-2026-4213

A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...

9CVSS6.4AI score0.00744EPSS
Exploits1References7Affected Software20
Veracode
Veracode
added 2026/02/20 9:21 a.m.5 views

Cross Site Scripting (XSS)

Agora is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper input handling of the topicName parameter in client/agora/public/js/editorManager.js, which allows an attacker to inject malicious scripts that execute in a user’s browser...

6.4CVSS6AI score0.00234EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.6 views

Wikimedia AbuseFilter 安全漏洞

Wikimedia AbuseFilter is an editing filter tool developed by the Wikimedia Foundation. It is designed to automatically filter and block suspicious edits, account creation, and other disruptive activities based on custom rules. There is a security vulnerability in Wikimedia AbuseFilter, which stem...

2.1CVSS5.8AI score0.00359EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/02 12:0 a.m.5 views

PT-2026-1046

Name of the Vulnerable Software and Affected Versions Seeyon Zhiyuan OA Web Application System versions prior to 20251222 Description A security flaw exists in Seeyon Zhiyuan OA Web Application System. The issue involves a SQL injection impacting an unknown function within the file...

9.8CVSS7AI score0.00035EPSS
Exploits0References13
OSV
OSV
added 2025/10/08 6:32 p.m.3 views

CVE-2025-11490 wonderwhy-er DesktopCommanderMCP Absolute Path command-manager.ts extractBaseCommand os command injection

A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected element is the function extractBaseCommand of the file src/command-manager.ts of the component Absolute Path Handler. Such manipulation leads to os command injection. The attack may be performed from...

5.3CVSS6AI score0.03542EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-25475

Malicious code in bioql PyPI...

5.5CVSS4.1AI score0.00188EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-9050

Malicious code in bioql PyPI...

9.9CVSS9.2AI score0.03656EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-21752

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.01429EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-37028

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0164EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2025/09/29 2:30 p.m.7 views

Advisory ROSA-SA-2025-3025

software: yarn 1.22.22 WASP: ROSA-CHROME unaffected versions = yarn-1.22.22.22-3 affected versions yarn-1.22.22.22-3 CVE-ID: CVE-2025-9308 BDU-ID: None CVE-Crit: LOW CVE-DESC.: Vulnerability in Yarn before version 1.22.22 in setOptions function of src/util/request-manager.js file. Possible attack...

5.5CVSS6.7AI score0.00188EPSS
Exploits1
NVD
NVD
added 2025/08/21 4:15 p.m.5 views

CVE-2025-9308

A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects...

5.5CVSS0.00188EPSS
Exploits1References4
OSV
OSV
added 2025/08/21 4:15 p.m.3 views

DEBIAN-CVE-2025-9308

A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects...

5.5CVSS4.1AI score0.00188EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2025/08/21 4:2 p.m.4 views

CVE-2025-9308

A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects...

5.5CVSS7.2AI score0.00188EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/08/21 12:26 a.m.11 views

CVE-2025-54336

In Plesk Obsidian 18.0.70, isAdminPasswordValid uses an == comparison. Thus, if the correct password is "0e" followed by any digit string, then an attacker can login with any other string that evaluates to 0.0 such as the 0e0 string. This occurs in admin/plib/LoginManager.php...

9.8CVSS7.3AI score0.00475EPSS
Exploits0References1
Rows per page
Query Builder