Lucene search
K

19194 matches found

Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986549 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is...

7.8CVSS5.9AI score0.00241EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986789)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986789 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is...

7.8CVSS5.9AI score0.00241EPSS
Exploits0References4
NVD
NVD
added 2025/10/06 5:15 a.m.5 views

CVE-2025-11320

A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...

6.5CVSS0.00298EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/10/06 4:32 a.m.8 views

CVE-2025-11320 zhuimengshaonian wisdom-education UploadController.java uploadFile unrestricted upload

A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...

6.5CVSS0.00298EPSS
Exploits0References5
CVE
CVE
added 2025/10/06 4:32 a.m.9 views

CVE-2025-11320

CVE-2025-11320 affects zhuimengshaonian wisdom-education up to 1.0.4. The vulnerability lies in the uploadFile function in src/main/java/com/education/core/controller/UploadController.java, where improper handling/manipulation of the File argument enables unrestricted file upload. Remote exploita...

6.5CVSS6.6AI score0.00298EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/10/06 4:32 a.m.1 views

CVE-2025-11320 zhuimengshaonian wisdom-education UploadController.java uploadFile unrestricted upload

A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...

6.5CVSS6.4AI score0.00298EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/06 4:32 a.m.3 views

EUVD-2025-32485

A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...

6.5CVSS6.4AI score0.00298EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/10/06 12:0 a.m.3 views

PT-2025-40848

Name of the Vulnerable Software and Affected Versions zhuimengshaonian wisdom-education versions prior to 1.0.5 Description A security issue exists in zhuimengshaonian wisdom-education. The uploadFile function within the file src/main/java/com/education/core/controller/UploadController.java is...

6.5CVSS6.3AI score0.00298EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/10/06 12:0 a.m.3 views

wisdom-education 代码问题漏洞

wisdom-education is a cloud intelligence education platform by zhuimengshaonian individual developer. A code issue vulnerability exists in wisdom-education 1.0.4 and earlier versions, which stems from the incorrect manipulation of the parameter File in the file...

6.5CVSS6.6AI score0.00298EPSS
Exploits0References5
Snyk
Snyk
added 2025/10/05 6:45 a.m.3 views

Command Injection

Overview @samanhappy/mcphub is an A hub server for mcp servers Affected versions of this package are vulnerable to Command Injection via the serverController.ts process. A user can execute arbitrary operating system commands by supplying crafted input to the command or args parameters. Remediatio...

8.8CVSS7.1AI score0.07794EPSS
Exploits1References2
Snyk
Snyk
added 2025/10/05 6:45 a.m.1 views

Server-side Request Forgery (SSRF)

Overview @samanhappy/mcphub is an A hub server for mcp servers Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the baseUrl argument in the serverController.ts. An attacker can make the server initiate arbitrary requests to internal or external systems by...

5.8CVSS7.1AI score0.00287EPSS
Exploits1References2
CVE
CVE
added 2025/10/05 6:32 a.m.12 views

CVE-2025-11286

CVE-2025-11286 affects samanhappy MCPHub up to version 0.9.10. The flaw is in src/controllers/serverController.ts of the MCPRouter Service, where manipulation of the baseUrl argument enables server-side request forgery (SSRF). Exploitation can be remote; the exploit has been publicly disclosed. T...

5.8CVSS5AI score0.00287EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/10/05 6:30 a.m.3 views

GHSA-5Q2P-3JG8-2M98 MCPHub's ServerController is vulnerable to Command Injection

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

5.3CVSS6.9AI score0.07794EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/05 6:30 a.m.4 views

EUVD-2025-32449

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

6.5CVSS6.3AI score0.07794EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2025/10/05 6:30 a.m.7 views

MCPHub's ServerController is vulnerable to Command Injection

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

8.8CVSS6.9AI score0.07794EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2025/10/05 6:15 a.m.8 views

CVE-2025-11285

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

8.8CVSS0.07794EPSS
Exploits1References4
OSV
OSV
added 2025/10/05 6:15 a.m.4 views

CVE-2025-11285

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

8.8CVSS6.9AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/05 6:2 a.m.2 views

CVE-2025-11285 samanhappy MCPHub serverController.ts os command injection

A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...

6.5CVSS6.5AI score0.07794EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2025/10/05 1:1 a.m.4 views

Bluetooth: HCI: Remove HCI_AMP support

...

5.5CVSS7AI score0.00209EPSS
Exploits0
CNNVD
CNNVD
added 2025/10/05 12:0 a.m.3 views

MCPHub 安全漏洞

MCPHub is an MCP server management tool by samanhappy individual developer. A security vulnerability exists in MCPHub version 0.9.10 and earlier, which stems from the incorrect manipulation of the parameter command/args in the file src/controllers/serverController.ts, which could lead to an os...

8.8CVSS6.7AI score0.07794EPSS
Exploits1References4
Rows per page
Query Builder