Lucene search
K

6 matches found

CVE
CVE
added 2026/04/30 12:0 a.m.20 views

CVE-2026-7446

VetCoders mcp-server-semgrep version 1.0.0 is affected by CVE-2026-7446 in the MCP Interface. The vulnerability exists in the file src/index.ts (functions analyze_results, filter_results, export_results, compare_results, scan_directory, create_rule) where manipulation of the argument ID enables a...

7.5CVSS7.2AI score0.01394EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/08/18 12:33 a.m.10 views

CVE-2017-20199

A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality of the component Vault Handler. The manipulation results in improper access controls. The attack may be performed from a remote location. A high complexity...

6.5CVSS3.8AI score0.00426EPSS
Exploits0References1
OSV
OSV
added 2025/08/16 12:15 a.m.7 views

CVE-2017-20199

A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality of the component Vault Handler. The manipulation results in improper access controls. The attack may be performed from a remote location. A high complexity...

6.5CVSS3.8AI score
Exploits0References8
Cvelist
Cvelist
added 2025/08/15 11:32 p.m.13 views

CVE-2017-20199 Buttercup buttercup-browser-extension Vault access control

A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality of the component Vault Handler. The manipulation results in improper access controls. The attack may be performed from a remote location. A high complexity...

3.1CVSS0.00426EPSS
Exploits0References8
Snyk
Snyk
added 2025/03/28 2:45 p.m.1 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip in the extract function in extractor.go, which doesn't sufficiently sanitize its input. An attacker can execute arbitrary commands or modify files with the permission of the user by...

8.8CVSS8.3AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/02/06 3:48 a.m.4 views

SUSE CVE-2025-24371

CometBFT is a distributed, Byzantine fault-tolerant, deterministic state machine replication engine. In the blocksync protocol peers send their base and latest heights when they connect to a new node A, which is syncing to the tip of a network. base acts as a lower ground and informs A that the...

7.1CVSS7AI score0.00447EPSS
Exploits0References3
Rows per page
Query Builder