Lucene search
K

242 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.3 views

SUSE SLES12 Security Update : ncurses (SUSE-SU-2026:1499-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1499-1 advisory. This update for ncurses fixes the following issue: - CVE-2025-69720: buffer overflow in function analyzestringof progs/infocmp.c bsc1259924. Tenable ha...

9.8CVSS6.1AI score0.00414EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2026/04/13 4:26 p.m.3 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

8.6CVSS7.2AI score0.00532EPSS
Exploits0References8
OSV
OSV
added 2026/04/02 12:31 p.m.1 views

GHSA-5226-3RVG-HP4X fast-filesystem-mcp is vulnerable to command injection through handleGetDiskUsage function

A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been...

6.3CVSS6.3AI score0.0111EPSS
Exploits0References7
OSV
OSV
added 2026/03/26 6:39 p.m.5 views

CVE-2026-33491 Zen-C has Stack-Based Buffer Overflow in Identifier Mangling

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C sour...

7.8CVSS6.5AI score0.00239EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25660

Name of the Vulnerable Software and Affected Versions vanna-ai vanna versions up to 2.0.2 Description A flaw exists in the update sql/run sql function within the src/vanna/legacy/flask/ init .py file of the Endpoint component. This issue allows for server-side request forgery when a manipulation ...

7.5CVSS6.8AI score0.00278EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

MCP Code Executor 命令注入漏洞

MCP Code Executor is a code execution server developed by bazinga012. Versions of MCP Code Executor prior to 0.3.0 have a command injection vulnerability, which stems from incorrect operations on the function installDependencies in the file src/index.ts, potentially leading to command injection...

5.3CVSS6.5AI score0.00636EPSS
Exploits0References7
EUVD
EUVD
added 2026/03/12 9:31 a.m.5 views

EUVD-2026-11545

A vulnerability was determined in rxi fe up to ed4cda96bd582cbb08520964ba627efb40f3dd91. The impacted element is the function read of the file src/fe.c. This manipulation with the input 1 causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may ...

4.8CVSS5.5AI score0.00115EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/12 7:32 a.m.1 views

CVE-2026-4012

A vulnerability was determined in rxi fe up to ed4cda96bd582cbb08520964ba627efb40f3dd91. The impacted element is the function read of the file src/fe.c. This manipulation with the input 1 causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may ...

4.8CVSS5.5AI score0.00115EPSS
Exploits0References6
OSV
OSV
added 2026/03/03 9:31 p.m.4 views

GHSA-XC68-RRQC-QGQ3 MCP NMAP Server has an Injection vulnerability

A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function childprocess.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may...

6.3CVSS5.6AI score0.02569EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/03/03 7:42 a.m.15 views

CVE-2026-3409

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS5.7AI score0.00328EPSS
Exploits0References1
NVD
NVD
added 2026/03/02 5:16 a.m.8 views

CVE-2026-3409

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS0.00328EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/02 4:2 a.m.5 views

EUVD-2026-9142

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS5.7AI score0.00328EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/02 4:2 a.m.5 views

CVE-2026-3409 eosphoros-ai db-gpt Flow Import Endpoint import importlib.machinery.SourceFileLoader.exec_module code injection

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS6.8AI score0.00328EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/02 4:2 a.m.5 views

CVE-2026-3409

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

7.5CVSS6.8AI score0.00328EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.9 views

PT-2026-22540

Name of the Vulnerable Software and Affected Versions eosphoros-ai db-gpt version 0.7.5 Description A security flaw exists in eosphoros-ai db-gpt version 0.7.5 related to code injection. The issue is located in the function importlib.machinery.SourceFileLoader.exec module within the file...

7.5CVSS7AI score0.00328EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/02/22 1:28 a.m.8 views

CVE-2026-2858

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

7.1CVSS5.1AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2026/02/20 10:16 p.m.13 views

CVE-2026-2858

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

7.1CVSS0.00124EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/20 9:32 p.m.5 views

CVE-2026-2858 wren-lang wren Source File wren_compiler.c peekChar out-of-bounds

A vulnerability was identified in wren-lang wren up to 0.4.0. This affects the function peekChar of the file src/vm/wrencompiler.c of the component Source File Parser. Such manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

4.8CVSS4.9AI score0.00124EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.11 views

PT-2026-20355

A security vulnerability has been detected in ggreer the silver searcher up to 2.2.0. The impacted element is the function search stream of the file src/search.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed...

4.8CVSS5.1AI score0.00153EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/02/11 12:0 a.m.4 views

CVE-2025-70085

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames Source1Filename and the string returned by FileUtilFileStateStr into this buffer without any length checking and without using bounded format specifiers...

6AI score0.00532EPSS
Exploits0References4
Rows per page
Query Builder