Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-21091

Malware in sbrugna...

9.8CVSS9.2AI score0.02223EPSS
Exploits0References2
OSV
OSV
added 2021/09/02 9:15 p.m.19 views

CVE-2021-34436

In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution and XXE via the theia-xml-extension. This extension uses lsp4xml recently renamed to LemMinX in order to provide language support for XML. This is installed by default...

9.8CVSS7.7AI score
Exploits0References1
NVD
NVD
added 2021/09/02 9:15 p.m.14 views

CVE-2021-34436

In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution and XXE via the theia-xml-extension. This extension uses lsp4xml recently renamed to LemMinX in order to provide language support for XML. This is installed by default...

9.8CVSS0.02223EPSS
Exploits0References1
Prion
Prion
added 2021/09/02 9:15 p.m.15 views

Design/Logic Flaw

In Eclipse Theia 0.1.1 to 0.2.0, it is possible to exploit the default build to obtain remote code execution and XXE via the theia-xml-extension. This extension uses lsp4xml recently renamed to LemMinX in order to provide language support for XML. This is installed by default...

7.5CVSS9.6AI score0.02223EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/09/02 8:55 p.m.50 views

CVE-2021-34436

The CVE affects Eclipse Theia 0.1.1–0.2.0, where the default build loads the theia-xml-extension (using lsp4xml, recently renamed LemMinX) to provide XML language support. This extension is installed by default, enabling remote code execution and XXE via the XML support component. Connected docum...

9.8CVSS9.7AI score0.02223EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/09/02 12:0 a.m.7 views

Eclipse Theia 代码问题漏洞

Eclipse Theia is the Eclipse Foundation's set of open source IDE frameworks for desktop and web applications based on Visual Studio Code. A security vulnerability exists in Eclipse Theia versions 0.1.1 through 0.2.0, which can be exploited by an attacker to obtain remote code execution via...

9.8CVSS9.1AI score0.02223EPSS
Exploits0References1
Rows per page
Query Builder