CVE-2026-10691 wonderwhy-er DesktopCommanderMCP start_search search-manager.ts redos

A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component startsearch. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It is...

CVE-2025-10691

creationtimestamp| type| source ---|---|--- 2025-11-06 07:50:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4x3dircyo2q...

WordPress Easy Email Subscription plugin <= 1.3 - Cross-Site Request Forgery to Arbitrary Subscriber Deletion vulnerability

Cross-Site Request Forgery to Arbitrary Subscriber Deletion vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Easy Email Subscription versions = 1.3...

Linux Distros Unpatched Vulnerability : CVE-2020-10691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a...

Moxa AWK-3121 Improper Access Control (CVE-2018-10691)

An issue was discovered on Moxa AWK-3121 1.14 devices. It is intended that an administrator can download /systemlog.log the system log. However, the same functionality allows an attacker to download the file without any authentication or authorization. This plugin only works with Tenable.ot. Plea...

Ansible Tower 3.6.x =< 3.6.3 Archive Traversal Arbitrary File Overwrite Vulnerability

The version of Ansible Tower running on the remote web server is 3.6.x equal or prior to 3.6.3. It is, therefore, affected by an archive traversal arbitrary file overwrite vulnerability when extracting tar.gz archives. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVE-2020-10691

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file with...

CVE-2020-10691

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file with...

ALPINE-CVE-2020-10691

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file with...

CVE-2020-10691

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file with...

CVE-2020-10691

An archive traversal flaw was found in all ansible-engine versions 2.9.x prior to 2.9.7, when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file with...

CVE-2020-10691

CVE-2020-10691 affects Ansible Engine: all 2.9.x versions prior to 2.9.7. The vulnerability is an archive traversal in the extraction of a collection .tar.gz during ansible-galaxy collection install, where the target directory is created without sanitizing filenames, allowing an attacker to overw...

Fedora: Security Advisory for ansible (FEDORA-2020-3990f03ba3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : ansible (2020-1b6ce91e37)

Update to upstream bugfix and security update 2.9.7. See https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELO G-v2.9.rst for a detailed list of changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system websit...

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)

An update for ansible is now available for Ansible Engine 2 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.9.7)

An update for ansible is now available for Ansible Engine 2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

RHEL 7 / 8 : Ansible security update (2.9.7) (Important) (RHSA-2020:1541)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1541 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over S...

CVE-2020-10691

An archive traversal flaw was found in Ansible Engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system. Mitigation A possibl...

Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-1644)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-10691

creationtimestamp| type| source ---|---|--- 2019-06-08 00:28:28+00:00| seen| https://t.me/cibsecurity/4791...