Lucene search
K

368 matches found

Vulnrichment
Vulnrichment
added 2024/12/16 12:0 a.m.5 views

CVE-2024-56083

Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomlygeneratedstring.devinapps.com URL aka the VSCode live share URL for a specific "Use Devin's Machine" session. For example, this URL may be discovered if a customer posts a...

7AI score0.00531EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/12 9:25 p.m.4 views

Malicious code in vscode-reh-rce (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 645c7a216c974ca0e1e77bbdfbbd3659bf3ea42e681d987c858de32c8f3bcc34 The OpenSSF Package Analysis project identified 'vscode-reh-rce' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSV
OSV
added 2024/12/12 9:25 p.m.7 views

MAL-2024-11801 Malicious code in vscode-reh-rce (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 645c7a216c974ca0e1e77bbdfbbd3659bf3ea42e681d987c858de32c8f3bcc34 The OpenSSF Package Analysis project identified 'vscode-reh-rce' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/09 6:15 a.m.5 views

Malicious code in vscode-dotnet-runtime (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/12/09 6:15 a.m.6 views

MAL-2024-11485 Malicious code in vscode-dotnet-runtime (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2024/11/24 3:55 p.m.4 views

MAL-2024-10905 Malicious code in dashlane-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79f2a48c1181725012456cc91fb5af9013cdea7e6e5b193c8cd5947f247a4d52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/24 3:55 p.m.4 views

Malicious code in dashlane-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79f2a48c1181725012456cc91fb5af9013cdea7e6e5b193c8cd5947f247a4d52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/10/12 5:2 p.m.8 views

MAL-2024-9282 Malicious code in huggingface-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 05d5f0f4f0cc4f4b8a99f6a6b4c1ca2e0aa13ab6cd2d0d7fd3e7a23a2d9593cb The OpenSSF Package Analysis project identified 'huggingface-vscode' @ 100.2.2 npm as malicious. It is considered malicious because: - The packa...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/12 5:2 p.m.4 views

Malicious code in huggingface-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 05d5f0f4f0cc4f4b8a99f6a6b4c1ca2e0aa13ab6cd2d0d7fd3e7a23a2d9593cb The OpenSSF Package Analysis project identified 'huggingface-vscode' @ 100.2.2 npm as malicious. It is considered malicious because: - The packa...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/11 12:0 a.m.17 views

FreeBSD : vscode -- Visual Studio Code for Linux Remote Code Execution Vulnerability (64e299b6-d12b-4a7a-a94f-ab133703925a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 64e299b6-d12b-4a7a-a94f-ab133703925a advisory. VSCode developers report: Visual Studio Code for Linux Remote Code Execution Vulnerability A remote cod...

7.8CVSS6.6AI score0.01002EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2024/10/08 12:0 a.m.17 views

vscode -- Visual Studio Code for Linux Remote Code Execution Vulnerability

VSCode developers report: Visual Studio Code for Linux Remote Code Execution Vulnerability A remote code execution vulnerability exists in VS Code 1.94.0 and earlier versions in the elevated save flow...

7.8CVSS8.4AI score0.01002EPSS
Exploits0References2
NVD
NVD
added 2024/08/13 7:15 p.m.13 views

CVE-2024-7739

A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

6.9CVSS0.00421EPSS
Exploits0References5
NVD
NVD
added 2024/08/13 7:15 p.m.28 views

CVE-2024-7738

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

7.8CVSS0.003EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/08/13 7:0 p.m.22 views

CVE-2024-7739 yzane vscode-markdown-pdf cross site scripting

A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

6.9CVSS0.00421EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/08/13 7:0 p.m.17 views

CVE-2024-7739 yzane vscode-markdown-pdf cross site scripting

A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used...

6.9CVSS6.4AI score0.00421EPSS
Exploits0References5
CVE
CVE
added 2024/08/13 7:0 p.m.53 views

CVE-2024-7739

CVE-2024-7739 affects the yzane vscode-markdown-pdf extension (version 1.5.0). The issue is a cross-site scripting vulnerability caused by manipulation in an unknown part of the extension, with remote exploitation possible. The vulnerability is publicly disclosed and has PoC materials referenced ...

6.9CVSS4.5AI score0.00421EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/08/13 7:0 p.m.4 views

CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

4.8CVSS5AI score0.003EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/08/13 7:0 p.m.33 views

CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

4.8CVSS0.003EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/08/13 7:0 p.m.16 views

CVE-2024-7738 yzane vscode-markdown-pdf Markdown File pathname traversal

A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has...

4.8CVSS7AI score0.003EPSS
Exploits0References5
CVE
CVE
added 2024/08/13 7:0 p.m.85 views

CVE-2024-7738

The CVE-2024-7738 entry affects yzane vscode-markdown-pdf 1.5.0 (Markdown File Handler) and describes a pathname traversal vulnerability exploitable with local access. Several connected sources confirm the issue, with exploitation disclosed publicly (POCs/videos referenced). The root cause is unk...

7.8CVSS4AI score0.003EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder