368 matches found
CVE-2024-56083
Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomlygeneratedstring.devinapps.com URL aka the VSCode live share URL for a specific "Use Devin's Machine" session. For example, this URL may be discovered if a customer posts a...
Malicious code in vscode-reh-rce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 645c7a216c974ca0e1e77bbdfbbd3659bf3ea42e681d987c858de32c8f3bcc34 The OpenSSF Package Analysis project identified 'vscode-reh-rce' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11801 Malicious code in vscode-reh-rce (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 645c7a216c974ca0e1e77bbdfbbd3659bf3ea42e681d987c858de32c8f3bcc34 The OpenSSF Package Analysis project identified 'vscode-reh-rce' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in vscode-dotnet-runtime (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11485 Malicious code in vscode-dotnet-runtime (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-10905 Malicious code in dashlane-vscode (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79f2a48c1181725012456cc91fb5af9013cdea7e6e5b193c8cd5947f247a4d52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dashlane-vscode (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79f2a48c1181725012456cc91fb5af9013cdea7e6e5b193c8cd5947f247a4d52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9282 Malicious code in huggingface-vscode (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 05d5f0f4f0cc4f4b8a99f6a6b4c1ca2e0aa13ab6cd2d0d7fd3e7a23a2d9593cb The OpenSSF Package Analysis project identified 'huggingface-vscode' @ 100.2.2 npm as malicious. It is considered malicious because: - The packa...
Malicious code in huggingface-vscode (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 05d5f0f4f0cc4f4b8a99f6a6b4c1ca2e0aa13ab6cd2d0d7fd3e7a23a2d9593cb The OpenSSF Package Analysis project identified 'huggingface-vscode' @ 100.2.2 npm as malicious. It is considered malicious because: - The packa...
FreeBSD : vscode -- Visual Studio Code for Linux Remote Code Execution Vulnerability (64e299b6-d12b-4a7a-a94f-ab133703925a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 64e299b6-d12b-4a7a-a94f-ab133703925a advisory. VSCode developers report: Visual Studio Code for Linux Remote Code Execution Vulnerability A remote cod...
vscode -- Visual Studio Code for Linux Remote Code Execution Vulnerability
VSCode developers report: Visual Studio Code for Linux Remote Code Execution Vulnerability A remote code execution vulnerability exists in VS Code 1.94.0 and earlier versions in the elevated save flow...
CVE-2024-7739
A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...
CVE-2024-7738
A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...
CVE-2024-7739 yzane vscode-markdown-pdf cross site scripting
A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...
CVE-2024-7739 yzane vscode-markdown-pdf cross site scripting
A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...
CVE-2024-7739
CVE-2024-7739 affects the yzane vscode-markdown-pdf extension (version 1.5.0). The issue is a cross-site scripting vulnerability caused by manipulation in an unknown part of the extension, with remote exploitation possible. The vulnerability is publicly disclosed and has PoC materials referenced ...
CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal
A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...
CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal
A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...
CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal
A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...
CVE-2024-7738
The CVE-2024-7738 entry affects yzane vscode-markdown-pdf 1.5.0 (Markdown File Handler) and describes a pathname traversal vulnerability exploitable with local access. Several connected sources confirm the issue, with exploitation disclosed publicly (POCs/videos referenced). The root cause is unk...