19194 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986549)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986549 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986789)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986789 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix use-after-free warning Fix the following use-after-free warning which is...
CVE-2025-11320
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11320 zhuimengshaonian wisdom-education UploadController.java uploadFile unrestricted upload
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
CVE-2025-11320
CVE-2025-11320 affects zhuimengshaonian wisdom-education up to 1.0.4. The vulnerability lies in the uploadFile function in src/main/java/com/education/core/controller/UploadController.java, where improper handling/manipulation of the File argument enables unrestricted file upload. Remote exploita...
CVE-2025-11320 zhuimengshaonian wisdom-education UploadController.java uploadFile unrestricted upload
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
EUVD-2025-32485
A security vulnerability has been detected in zhuimengshaonian wisdom-education up to 1.0.4. Impacted is the function uploadFile of the file src/main/java/com/education/core/controller/UploadController.java. Such manipulation of the argument File leads to unrestricted upload. It is possible to...
PT-2025-40848
Name of the Vulnerable Software and Affected Versions zhuimengshaonian wisdom-education versions prior to 1.0.5 Description A security issue exists in zhuimengshaonian wisdom-education. The uploadFile function within the file src/main/java/com/education/core/controller/UploadController.java is...
wisdom-education 代码问题漏洞
wisdom-education is a cloud intelligence education platform by zhuimengshaonian individual developer. A code issue vulnerability exists in wisdom-education 1.0.4 and earlier versions, which stems from the incorrect manipulation of the parameter File in the file...
Command Injection
Overview @samanhappy/mcphub is an A hub server for mcp servers Affected versions of this package are vulnerable to Command Injection via the serverController.ts process. A user can execute arbitrary operating system commands by supplying crafted input to the command or args parameters. Remediatio...
Server-side Request Forgery (SSRF)
Overview @samanhappy/mcphub is an A hub server for mcp servers Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the baseUrl argument in the serverController.ts. An attacker can make the server initiate arbitrary requests to internal or external systems by...
CVE-2025-11286
CVE-2025-11286 affects samanhappy MCPHub up to version 0.9.10. The flaw is in src/controllers/serverController.ts of the MCPRouter Service, where manipulation of the baseUrl argument enables server-side request forgery (SSRF). Exploitation can be remote; the exploit has been publicly disclosed. T...
GHSA-5Q2P-3JG8-2M98 MCPHub's ServerController is vulnerable to Command Injection
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...
EUVD-2025-32449
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...
MCPHub's ServerController is vulnerable to Command Injection
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...
CVE-2025-11285
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...
CVE-2025-11285
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...
CVE-2025-11285 samanhappy MCPHub serverController.ts os command injection
A vulnerability was found in samanhappy MCPHub up to 0.9.10. Affected by this issue is some unknown functionality of the file src/controllers/serverController.ts. The manipulation of the argument command/args results in os command injection. The attack can be launched remotely. The exploit has be...
Bluetooth: HCI: Remove HCI_AMP support
...
MCPHub 安全漏洞
MCPHub is an MCP server management tool by samanhappy individual developer. A security vulnerability exists in MCPHub version 0.9.10 and earlier, which stems from the incorrect manipulation of the parameter command/args in the file src/controllers/serverController.ts, which could lead to an os...