Lucene search
+L

94 matches found

cve
cve
added 2026/06/11 6:31 p.m.87 views

CVE-2026-47167

Vim has a code injection vulnerability in the cucumber filetype plugin (runtime/ftplugin/cucumber.vim) affecting builds with +ruby support prior to version 9.2.0496. A crafted step-definition regex pulled from .rb files under features// or stories/ / directories is embedded into a Ruby Kernel.eva...

5.3CVSS5.9AI score0.00135EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2026/03/18 12:0 a.m.7 views

OpenProject SQL注入漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 have a SQL injection vulnerability. This vulnerability arises from custom field names not being properly cleaned in SQL queries, which can allow SQL injection...

9.1CVSS6AI score0.00269EPSS
Exploits0References1
nessus
nessus
added 2026/02/12 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-2302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...

6.9CVSS6AI score0.00196EPSS
Exploits0References2
snyk
snyk
added 2026/02/10 7:54 p.m.7 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution via the Mongoid::Criteria.fromhash function. An attacker can execute arbitrary Ruby code by supplying a specially crafted Hash value. Remediation Upgrade mongoid to version 7.6.1, 8.0.12, 8.1.12, 9.0.10 or highe...

6.9CVSS6.1AI score0.00196EPSS
Exploits0References2
nvd
nvd
added 2026/02/10 7:16 p.m.15 views

CVE-2026-2302

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...

6.9CVSS0.00196EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2026/02/10 7:16 p.m.10 views

CVE-2026-2302

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...

6.9CVSS5.8AI score0.00196EPSS
Exploits0References2
osv
osv
added 2026/02/10 7:16 p.m.64 views

UBUNTU-CVE-2026-2302

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...

6.9CVSS5.9AI score0.00196EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/02/10 6:59 p.m.5 views

CVE-2026-2302 Unsafe Reflection in Mongoid::Criteria.from_hash

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.fromhash may allow for executing arbitrary Ruby code...

6.9CVSS5.6AI score0.00196EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/02/10 12:0 a.m.22 views

PT-2026-7435

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from hash may allow for executing arbitrary Ruby code...

6.9CVSS5.6AI score0.00196EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/01/14 7:25 p.m.10 views

CVE-2025-68271

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to 6.10.1, OpenC3 COSMOS contains a critical remote code execution vulnerability reachable through the JSON-RPC API. When a JSON-RPC request uses the string form of...

10CVSS8.5AI score0.00536EPSS
Exploits0References1
cvelist
cvelist
added 2026/01/13 6:32 p.m.27 views

CVE-2025-68271 Unauthenticated Remote Code Execution in openc3-api

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to 6.10.1, OpenC3 COSMOS contains a critical remote code execution vulnerability reachable through the JSON-RPC API. When a JSON-RPC request uses the string form of...

10CVSS0.00536EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/01/13 12:0 a.m.11 views

OpenC3 COSMOS 安全漏洞

OpenC3 COSMOS is an OpenC3 open source application. A security vulnerability exists in OpenC3 COSMOS versions 5.0.0 through 6.10.1, which stems from improper parsing of the text of an attacker-controlled parameter in Stringconverttovalue in the JSON-RPC API, which could lead to an unauthenticated...

10CVSS5.9AI score0.00536EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-2275

Malware in sbrugna...

9.8CVSS9.3AI score0.02344EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-1469

Malware in sbrugna...

9.8CVSS9.2AI score0.01441EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2013-4096

Malware in sbrugna...

8.5CVSS8.7AI score0.01255EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.13 views

EUVD-2017-0326

Malware in sbrugna...

7.5CVSS6.2AI score0.01555EPSS
Exploits0References8
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-3027

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00388EPSS
Exploits0References13
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4435

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.08482EPSS
Exploits1References14
nessus
nessus
added 2025/08/24 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-14001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access such as...

9.8CVSS8.2AI score0.0456EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/07/17 7:55 p.m.9 views

CVE-2025-49828

Conjur provides secrets management and application identity for infrastructure. Conjur OSS versions 1.19.5 through 1.21.1 and Secrets Manager, Self-Hosted formerly known as Conjur Enterprise 13.1 through 13.4.1 are vulnerable to remote code execution An authenticated attacker who can inject secre...

8.8CVSS8.5AI score0.01972EPSS
Exploits0References1
Rows per page
Query Builder