367 matches found
Unspecified vulnerability in vscode-apple-swift-format
vscode-apple-swift-format is an unofficial VS Code extension for open source. Used to format Swift code using apple / swift-format. A security vulnerability exists in versions prior to vscode-apple-swift-format 1.1.2, which can be exploited by attackers to execute arbitrary code on a system...
Unspecified vulnerability in vscode-swiftformat
vscode-swiftformat is open source an unofficial VS Code extension . A security vulnerability exists in versions of vscode-swiftformat prior to 1.3.7, which can be exploited by attackers to execute arbitrary code on a system...
Unspecified vulnerability in vscode-shellcheck
vscode-shellcheck is open source an unofficial VS Code extension . A security vulnerability exists in versions of vscode-shellcheck prior to 0.13.4, which can be exploited by an attacker to execute arbitrary code on a system...
Unspecified vulnerability in vscode-swiftformat (CNVD-2021-29562)
vscode-swiftformat is an open source application. Automatically organize Swift code through SwiftFormat. A security vulnerability exists in vscode-swiftformat versions prior to 2.12.1, which can be exploited by attackers to execute arbitrary code...
Xavier Hahn vscode-matlab 默认配置问题漏洞
Xavier Hahn vscode-matlab is an open source application by Xavier Hahn. MATLAB extension before 2.0.1 suffers from a Default Configuration Issue vulnerability that can be exploited by an attacker to execute arbitrary code via a crafted workspace...
CVE-2021-28956
The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2021-28956
The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
Code injection
UNSUPPORTED WHEN ASSIGNED The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintaine...
CVE-2021-28956
The CVE-2021-28956 entry covers the unofficial vscode-sass-lint extension for Visual Studio Code, vulnerable through version 1.0.7. The root issue enables an attacker to cause execution of arbitrary binaries when a user opens a crafted workspace. The affected component is the vscode-sass-lint ext...
CVE-2021-28956
The unofficial vscode-sass-lint aka Sass Lint extension through 1.0.7 for Visual Studio Code allows attackers to execute arbitrary binaries if the user opens a crafted workspace. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
vscode-swiftlint code execution vulnerability
vscode-swiftlint is open source an unofficial VS Code extension . Swift styles and conventions can be implemented through SwiftLint . A code execution vulnerability exists in versions prior to vscode-swiftlint 1.4.5, which can be exploited by an attacker to execute arbitrary code on a system...
vscode-shellcheck 安全漏洞
vscode-shellcheck is open source an unofficial VS Code extension . A security vulnerability exists in versions of vscode-shellcheck prior to 0.13.4, which can be exploited by an attacker to execute arbitrary code on a system...
Exploit for CVE-2021-26700
RCE in NPM VSCode Extension Fixed 10th February 2021 in https...
GitLab gitlab-vscode-extension injection vulnerability
GitLab gitlab-vscode-extension is a VSCode code editor extension for Gitlab from GitLab USA. A security vulnerability exists in GitLab gitlab-vscode-extension version v2.2.0. An attacker can exploit the vulnerability to execute code on a user's system...
CVE-2020-13279
Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system...
CVE-2020-13279
Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system...
Code injection
Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system...
CVE-2020-13279
Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system...
@bionicmetrics/bionic (>=1.2.0 <=1.3.6), @smoosee/wakemeup (>=1.0.9 <=1.20.0) +8 more potentially affected by CVE-2020-7627 via node-key-sender (>=1.0.11 <=1.0.9)
node-key-sender NPM version =1.0.11, =1.2.0, =1.0.9, =1.5.0, =0.0.1, =1.0.0, =1.0.5, =0.9.0, =1.2.1, =1.1.0, =2.2.0 Source cves: CVE-2020-7627 Source advisory: SNYK:JS-NODEKEYSENDER-564261...
Microsoft VSCode Python Extension - Code Execution
Microsoft VSCode Python Extension - Code Execution VSCode Python Extension Code Execution This repository contains the Proof-of-Concept of a code execution vulnerability discovered in the Visual Studio Code Python extension. TL;DR: VScode may use code from a virtualenv found in the project folder...