Lucene search
K

229 matches found

ATTACKERKB
ATTACKERKB
added 2022/04/11 8:15 p.m.5 views

CVE-2022-1193

Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows a malicious actor to obtain details of the latest commit in a private project via Merge Requests under certain circumstances...

4.3CVSS5.4AI score0.00931EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/25 3:15 p.m.7 views

CVE-2022-24337

In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions...

6.5CVSS6.6AI score0.00671EPSS
Exploits0References3
OSV
OSV
added 2022/02/25 3:15 p.m.2 views

CVE-2022-24337

In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions...

6.5CVSS6.6AI score0.00671EPSS
Exploits0References2
NVD
NVD
added 2022/02/25 3:15 p.m.18 views

CVE-2022-24337

In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions...

6.5CVSS0.00671EPSS
Exploits0References2
Prion
Prion
added 2022/02/25 3:15 p.m.18 views

Design/Logic Flaw

In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions...

4CVSS6.5AI score0.00671EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/02/25 2:35 p.m.18 views

CVE-2022-24337

In JetBrains TeamCity before 2021.2, health items of pull requests were shown to users who lacked appropriate permissions...

7.4AI score0.00671EPSS
Exploits0References2
SonarSource Blog
SonarSource Blog
added 2022/02/24 12:0 a.m.26 views

Review your security vulnerabilities in GitHub with code scanning alerts

Today, for GitHub repositories, our SAST analysis provides fast, precise security feedback directly inside your pull requests. You instantly know how many vulnerabilities are detected and, until now, you would systematically go to SonarCloud to start investigating. Not anymore. From this point...

7.6AI score
Exploits0
GithubExploit
GithubExploit
added 2021/12/11 2:54 p.m.307 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4j log4shell CVE-2021-44228 Public IoCs list Public IoCs...

10CVSS9.3AI score0.99999EPSS
Exploits351
SonarSource Blog
SonarSource Blog
added 2021/10/21 12:0 a.m.14 views

Meet the new project experience for SonarCloud

We are very pleased to announce that we have released a new project experience. It’s now available in SonarCloud for all users. You’ll notice a few improvements the next time you open SonarCloud. We’re going to tell you more about what this makeover is about in this article. You may be wondering...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2021/07/09 9:30 p.m.54 views

Security Scorecards - Security Health Metrics For Open Source

Security Health Metrics For Open Source Motivation A short motivational video clip to inspire us: https://youtu.be/rDMMYT3vkTk "You passed! All D's ... and an A!" Goals 1. Automate analysis and trust decisions on the security posture of open source projects. 2. Use this data to proactively improv...

7.4AI score
Exploits0References19
BDU FSTEC
BDU FSTEC
added 2021/04/27 12:0 a.m.7 views

The vulnerability of the editor extension for Microsoft Visual Studio Code’s GitHub Pull Requests and Issues extension, related to improper code generation management, allows a perpetrator to execute arbitrary code.

The vulnerability of the editor extension for Microsoft Visual Studio Code’s GitHub Pull Requests and Issues extension is related to improper code generation management. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially crafted request...

7.8CVSS7.6AI score0.02253EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/04/13 8:15 p.m.4 views

CVE-2021-28470

Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability...

7.8CVSS5.9AI score0.02253EPSS
Exploits0References1
NVD
NVD
added 2021/04/13 8:15 p.m.33 views

CVE-2021-28470

Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability...

7.8CVSS0.02253EPSS
Exploits0References1
Prion
Prion
added 2021/04/13 8:15 p.m.19 views

Remote code execution

Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability...

6.8CVSS7.9AI score0.02253EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/13 7:33 p.m.35 views

CVE-2021-28470 Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.02253EPSS
Exploits0References1
CVE
CVE
added 2021/04/13 7:33 p.m.102 views

CVE-2021-28470

CVE-2021-28470 affects the Visual Studio Code GitHub Pull Requests and Issues Extension. The vulnerability is a remote code execution flaw in the extension component, with exploitation requiring user interaction and local access, as indicated by CVSS 3.1 (LOCAL, UI: REQUIRED, C/H/I/A HIGH). Affec...

7.8CVSS7.9AI score0.02253EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2021/04/13 7:0 a.m.42 views

Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution Vulnerability

...

7.8CVSS7.8AI score0.02253EPSS
Exploits0
NCSC
NCSC
added 2021/04/13 12:0 a.m.81 views

Vulnerabilities fixed in Microsoft Developer Tools

Vulnerabilities have been fixed in Windows Developer Tools. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Remote code execution User privileges. Impersonating another user Access to sensitive data Increased use...

7.8CVSS7.1AI score0.63034EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2021/04/13 12:0 a.m.33 views

Security Update for Microsoft Visual Studio Code GitHub Pull Requests and Isssues Extension (April 2021)

The Microsoft Visual Studio Code GitHub Pull Requests and Issues Extension is prior to version 0.25.1. It is, therefore, affected by a remote code execution vulnerability. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to execute arbitrary...

7.8CVSS8.5AI score0.02253EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2021/03/15 12:0 a.m.6 views

PT-2021-2740 · Microsoft · Visual Studio Code Github Pull Requests/Issues Extension

Name of the Vulnerable Software and Affected Versions: Visual Studio Code GitHub Pull Requests and Issues Extension affected versions not specified Description: The issue is related to incorrect code generation management in the extension, which can be exploited by sending a specially crafted...

7.8CVSS7.7AI score0.02253EPSS
Exploits0References5
Rows per page
Query Builder