Lucene search
K

8 matches found

Snyk
Snyk
added 2026/05/08 11:1 p.m.6 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization through the DeleteUpNodeLink process. An attacker can cause the application to crash and alter the in-memory user-plane topology by sending unauthenticated DELETE requests to the affected endpoint. Remediation...

8.8CVSS5.8AI score0.00324EPSS
Exploits1References4
Snyk
Snyk
added 2026/01/16 9:15 p.m.7 views

Missing Authentication for Critical Function

Overview @mcpjam/inspector is a MCPJam Inspector Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the connect route in the HTTP API. An attacker can execute arbitrary commands on the host system by sending a crafted HTTP request containing...

9.8CVSS6.3AI score0.43671EPSS
Exploits34References2
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.8 views

PT-2026-3321

Name of the Vulnerable Software and Affected Versions MCPJam inspector versions prior to 1.4.3 Description MCPJam inspector, a local-first development platform for MCP servers, contains a flaw that allows remote code execution RCE. The software by default listens on 0.0.0.0 instead of 127.0.0.1,...

9.8CVSS6.7AI score0.43671EPSS
Exploits34References30
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.5 views

PT-2026-2128

Name of the Vulnerable Software and Affected Versions CryptoLib versions prior to 1.4.3 Description CryptoLib is a software solution that uses the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft and a ground station. Prior to...

8.2CVSS6.6AI score0.00414EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.6 views

PT-2026-2130

Name of the Vulnerable Software and Affected Versions CryptoLib versions prior to 1.4.3 Description CryptoLib is a software solution utilizing the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft and a ground station. An...

8.2CVSS6.8AI score0.00514EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.12 views

PT-2024-9681 · Lunary Ai · Lunary

Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions 1.3.2 through 1.4.2 Description: The issue is related to an IDOR vulnerability in the 'Evaluations' function of the 'umgws datasets' section. This vulnerability allows an authenticated user to update other users'...

8.2CVSS7.5AI score0.00433EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/03/10 12:0 a.m.9 views

PT-2023-10009 · Mmdeveloper · Mmdeveloper A Forms Plugin

Name of the Vulnerable Software and Affected Versions: MMDeveloper A Forms Plugin versions up to 1.4.2 Description: A problematic issue was found in the MMDeveloper A Forms Plugin, affecting an unknown part of the file a-forms.php. This issue leads to cross-site scripting and can be initiated...

6.1CVSS6.4AI score0.00594EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2020/01/23 12:0 a.m.12 views

PT-2020-7942

Name of the Vulnerable Software and Affected Versions: sanitize-html versions prior to 1.4.3 Description: The issue allows an attacker to execute arbitrary Javascript due to the lack of recursive sanitization of input in affected versions of sanitize-html. Recommendations: Update to version 1.4.3...

6.1CVSS6.5AI score0.0084EPSS
Exploits0References10
Rows per page
Query Builder