Lucene search
K

11 matches found

Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.6 views

PT-2026-31996

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 4.5.128 Description PraisonAI’s Model Context Protocol MCP integration allows spawning background servers via stdio using user-supplied command strings, such as MCP"npx -y @smithery/cli ...". These commands are...

5.5CVSS6.1AI score0.00182EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.5 views

PraisonAI 参数注入漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.5.128 contained a parameter injection vulnerability. This vulnerability stemmed from the deploy.py script, which did not validate the values containing commas when constructin...

8.4CVSS5.9AI score0.00231EPSS
Exploits1References1
CVE
CVE
added 2026/03/19 8:34 a.m.11 views

CVE-2026-25438

The CVE describes a Reflected XSS in the WordPress Gutenberg Blocks “Unlimited blocks for Gutenberg” plugin, affecting versions up to and including 1.2.8. The root cause is improper neutralization of input during web page generation. The affected component is the WordPress Gutenberg Blocks integr...

7.1CVSS5.9AI score0.00149EPSS
Exploits0References1
Circl
Circl
added 2025/11/13 3:4 p.m.5 views

CVE-2025-12817

creationtimestamp| type| source ---|---|--- 2025-11-13 15:04:13+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115542999175905854 2025-11-14 17:36:20+00:00| seen| https://seclists.org/oss-sec/2025/q4/182 2025-12-26 11:15:11+00:00| seen|...

3.1CVSS5.5AI score0.00197EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/10/28 2:38 a.m.3 views

CVE-2025-62940

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nick Diego Blox Lite blox-lite allows Stored XSS.This issue affects Blox Lite: from n/a through = 1.2.8...

6.5CVSS6AI score0.00186EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/28 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-62594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service du...

5.5CVSS5.8AI score0.00334EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/06/03 12:0 a.m.4 views

Deno 数据伪造问题漏洞

Deno is a simple, modern and secure JavaScript and TypeScript runtime environment from Deno Open Source. A data forgery issue vulnerability exists in Deno versions 1.46.0 through 2.1.6, which stems from the AES-256-GCM and AES-128-GCM unvalidated authentication tags, and could lead to a failure o...

8.7CVSS6.5AI score0.0024EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/02/21 12:33 a.m.2 views

kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query

A NULL pointer dereference issue was found in the Linux kernel's vmwgfx driver in vmwcmddxdefinequery. This flaw allows a local, unprivileged attacker with access to either /dev/dri/card0 or /dev/dri/rendererD128, who can issue an ioctl on the resulting file descriptor, to crash the system, causi...

6.3CVSS6.6AI score0.0059EPSS
Exploits0References4
Circl
Circl
added 2023/12/24 8:20 a.m.5 views

CVE-2001-1228

creationtimestamp| type| source ---|---|--- 2023-12-24 08:20:31+00:00| seen| https://t.me/arpsyndicate/2161...

7.5CVSS4.8AI score0.03064EPSS
Exploits0References1
OSV
OSV
added 2021/04/17 8:32 a.m.9 views

OPENSUSE-SU-2021:0567-1 Security update for chromium

This update for chromium fixes the following issues: - Chromium 89.0.4389.128 boo1184700: CVE-2021-21206: Use after free in blink CVE-2021-21220: Insufficient validation of untrusted input in v8 for x8664...

8.8CVSS9.7AI score0.70435EPSS
Exploits6References4
CNVD
CNVD
added 2021/01/29 12:0 a.m.8 views

MISP cross-site scripting vulnerability (CNVD-2021-07507)

MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in MISP version 2.4.128. The vulnerability ste...

6.1CVSS6.1AI score0.00826EPSS
Exploits0References1
Rows per page
Query Builder