Lucene search
K

7 matches found

CNNVD
CNNVD
added 2026/04/23 12:0 a.m.11 views

Radare2 MCP Server 操作系统命令注入漏洞

Radare2 MCP Server is an open-source binary analysis tool based on Radare2 developed by the radare.org community. Versions of Radare2 MCP Server prior to version 1.6.0 contained a vulnerability related to operating system command injection. This vulnerability arises from operating system command...

9.8CVSS6.1AI score0.0192EPSS
Exploits1References1
CVE
CVE
added 2025/03/31 9:52 p.m.65 views

CVE-2025-31695

CVE-2025-31695 affects the Drupal Link field display mode formatter. The issue is Improper Neutralization of Input During Web Page Generation (XSS) in the module, allowing cross-site scripting. Affected versions are 0.0.0 through 1.6.0; the component is the Link field display mode formatter. Root...

6.1CVSS6.4AI score0.00242EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/15 12:0 a.m.3 views

Arc 安全漏洞

ARC is a software package for creating and maintaining file archives. A security vulnerability exists in versions prior to Arc v1.6.0 that stems from using archives without properly validating the filenames within them, making them vulnerable to path traversal attacks...

8.9CVSS6.7AI score0.00673EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.6 views

jose2go Security Vulnerabilities

jose2go is a Golang implementation of the Javascript object signing and encryption specification for individual developers at DV. A security vulnerability exists in jose2go versions prior to 1.6.0, which originated from a vulnerability that allows an attacker to cause a denial of service via a...

7.5CVSS8.6AI score0.00824EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/02/06 7:59 p.m.6 views

CVE-2023-0178 Annual Archive < 1.6.0 - Contributor+ Stored XSS

The Annual Archive WordPress plugin before 1.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6AI score0.00573EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2021/04/14 12:0 a.m.4 views

PT-2021-12082 · Gin · Gin-Gonic/Gin

Name of the Vulnerable Software and Affected Versions: gin-gonic/gin versions prior to 1.6.0 Description: The issue allows remote attackers to inject arbitrary log lines due to unsanitized input in the default logger. This can be achieved by manipulating the request path, which affects the defaul...

7.5CVSS4.6AI score0.01448EPSS
Exploits1References14
CNNVD
CNNVD
added 2021/04/05 12:0 a.m.8 views

WordPress 代码问题漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A code issue vulnerability exists in the WordPress plugin Backup and Migrate Plugin Backup Guard...

7.2CVSS7.8AI score0.84112EPSS
Exploits9References6
Rows per page
Query Builder