Lucene search
K

800 matches found

CVE
CVE
added 2026/01/12 6:43 p.m.36 views

CVE-2026-22785

Summary: Orval (MCP client/server code path) is vulnerable to arbitrary code execution via unsanitized input in OpenAPI specs. The CVE-2026-22785/MCP issue arises from string-manipulation in the MCP server generation logic that embeds the summary field without proper validation/escaping, allowing...

9.8CVSS6.6AI score0.00709EPSS
Exploits2References2Affected Software1
CNNVD
CNNVD
added 2026/01/12 12:0 a.m.4 views

orval 命令注入漏洞

Orval is an interface development tool from Orval Open Source. A command injection vulnerability exists in versions prior to orval 7.18.0 that stems from the MCP server generation logic not properly validating or escaping the summary field of the OpenAPI specification, which could lead to arbitra...

9.8CVSS7.7AI score0.00709EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.6 views

PT-2026-2296

Name of the Vulnerable Software and Affected Versions orval versions prior to 7.18.0 Description orval generates type-safe JS clients TypeScript from OpenAPI specifications. Before version 7.18.0, the server generation logic in the MCP component used string manipulation on the summary field from...

9.3CVSS5.6AI score0.00709EPSS
Exploits2References11
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.5 views

CVE-2025-23887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through = 0.1.2 β...

6.5CVSS7.2AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.5 views

CVE-2024-41943

I, Librarian is an open-source version of a PDF managing SaaS. PDF notes are displayed on the Item Summary page without any form of validation or sanitation. An attacker can exploit this vulnerability by inserting a payload in the PDF notes that contains malicious code or script. This code will...

4.6CVSS7.1AI score0.00279EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.5 views

CVE-2023-49334

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report...

8.8CVSS8AI score0.03005EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/12/25 1:4 a.m.4 views

SUSE CVE-2022-50753

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

6.6AI score0.00206EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/24 3:30 p.m.5 views

EUVD-2022-55808

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

6AI score0.00206EPSS
Exploits0References7
NVD
NVD
added 2025/12/24 1:16 p.m.5 views

CVE-2022-50753

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

0.00206EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.3 views

CVE-2022-50753

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

5.9AI score0.00206EPSS
Exploits0References7
OSV
OSV
added 2025/12/24 1:16 p.m.4 views

UBUNTU-CVE-2022-50753

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

5.7AI score0.00206EPSS
Exploits0References8
CVE
CVE
added 2025/12/24 1:5 p.m.16 views

CVE-2022-50753

CVE-2022-50753 affects the Linux kernel F2FS recovery paths. Public details in connected documents show a use-after-free in recover_data due to an SSA table corruption (ofs_in_node > ADDRS_PER_PAGE) leading to out-of-bounds access during mount for a fuzzed image. The patch adds sanity checks o...

6.2AI score0.00206EPSS
Exploits0References6
OSV
OSV
added 2025/12/24 1:5 p.m.4 views

CVE-2022-50753 f2fs: fix to do sanity check on summary info

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

6.4AI score0.00206EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/24 1:5 p.m.27 views

CVE-2022-50753 f2fs: fix to do sanity check on summary info

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

0.00206EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53119

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.0-rc4 Description The Linux kernel contains a flaw within the f2fs file system related to sanity checks on summary information. This issue can lead to a use-after-free condition, specifically triggered by...

6.5AI score0.00206EPSS
Exploits0References8
Wolfi
Wolfi
added 2025/12/23 7:48 p.m.3 views

GHSA-9FJM-6W64-76R7 vulnerabilities

Vulnerabilities for packages: chromium...

7AI score
Exploits0
EUVD
EUVD
added 2025/12/18 4:43 p.m.4 views

EUVD-2025-204382

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Tuturn allows Path Traversal.This issue affects Tuturn: from n/a before 3.6...

6.5CVSS6.3AI score0.00302EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/11/22 1:1 a.m.7 views

f2fs: zone: fix to avoid inconsistence in between SIT and SSA

...

5.5CVSS7AI score0.00138EPSS
Exploits0
CNVD
CNVD
added 2025/11/20 12:0 a.m.3 views

Online Shopping Portal product-details.php file SQL Injection Vulnerability

Online Shopping Portal is an online store system. Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements for the name, summary, review, quality, price, and value parameters in product-details.php. An attacker c...

6.5CVSS8.3AI score0.00215EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2025/11/19 12:0 a.m.215 views

📄 Fortinet FortiWeb 8.0.0 Authentication Bypass

Analysis write up of the Fortinet FortiWeb version 8.0.0 authentication bypass vulnerability that can be leveraged for remote code execution. Titles: Fortinet FortiWeb Auth-8.0.0 Bypass CVE-2025-64446 Author: nu11secur1ty Date: 11/17/2025 Vendor: https://www.fortinet.com/ Software: v8.0.0...

9.8CVSS8.5AI score0.89177EPSS
Exploits17
Rows per page
Query Builder