DomiExploit-Cyber-Scanner
It is an offensive tool for penetration testing. The DomiExploit...
Linux Distros Unpatched Vulnerability : CVE-2024-9773
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all versions starting from 17.9 before 17.8.3, all versions starti...
Malicious code in mongose-cli (npm)
The package mongose-cli was found to contain malicious code...
Malicious code in anypoint-cli-api-project (npm)
The package anypoint-cli-api-project was found to contain malicious code...
Malicious code in lovable-cli (npm)
The package lovable-cli was found to contain malicious code...
MAL-2025-42025 Malicious code in mongose-cli (npm)
The package mongose-cli was found to contain malicious code...
MAL-2025-42020 Malicious code in lovable-cli (npm)
The package lovable-cli was found to contain malicious code...
Malicious code in eslint-validation-cli (npm)
CVE-2025-20295 Cisco UCS Manager Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...
Linux Distros Unpatched Vulnerability : CVE-2022-39327
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection...
Linux Distros Unpatched Vulnerability : CVE-2018-15869
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source...
com.github.cafaudit:caf-audit-binding-elasticsearch (>=5.0.3-1321 <=5.0.4-1329), com.github.cafaudit:caf-audit-monkey-container (>=5.0.3-1321 <=5.0.4-1329) +78 more potentially affected by CVE-2025-9340 via org.bouncycastle:bc-fips (=2.1.0)
org.bouncycastle:bc-fips MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.github.cafaudit:caf-audit-binding-elasticsearch =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321,...
com.github.cafaudit:caf-audit-binding-elasticsearch (>=5.0.3-1321 <=5.0.4-1329), com.github.cafaudit:caf-audit-monkey-container (>=5.0.3-1321 <=5.0.4-1329) +78 more potentially affected by CVE-2025-9341 via org.bouncycastle:bc-fips (=2.1.0)
org.bouncycastle:bc-fips MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.github.cafaudit:caf-audit-binding-elasticsearch =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321,...
@cloudbase/cli (>=2.8.19 <=2.11.7) potentially affected by CVE-2025-57755 via @musistudio/claude-code-router (=1.0.36)
@musistudio/claude-code-router NPM version =1.0.36 is affected by a known vulnerability. The following packages have a transitive dependency on @musistudio/claude-code-router and may be impacted: - @cloudbase/cli =2.8.19, =2.11.7 Source cves: CVE-2025-57755 Source advisory:...
card-ocr-fastmcp (=1.0.0) potentially affected by CVE-2025-9262 via @wong2/mcp-cli (=1.13.0)
@wong2/mcp-cli NPM version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on @wong2/mcp-cli and may be impacted: - card-ocr-fastmcp =1.0.0 Source cves: CVE-2025-9262 Source advisory: OSV:GHSA-P6RM-483J-37JF...
CVE-2025-9262
A flaw has been found in wong2 mcp-cli 1.13.0. Affected is the function redirectToAuthorization of the file /src/oauth/provider.js of the component oAuth Handler. This manipulation causes os command injection. The attack may be initiated remotely. The attack is considered to have high complexity...
GHSA-XH9H-692F-MMG4 Withdrawn Advisory: Microsoft Knack ReDoS Vulnerability in the Introspection Module
Withdrawn Advisory This advisory has been withdrawn because the attack surface of this vulnerability is outside of Knack's intended functionality. The maintainer states the following: These CVEs are invalid. Knack is a CLI framework used by Azure CLI. It's a local library, not a web service. In...
DEBIAN-CVE-2025-54364
Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module. option_descriptions employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings containing a...
DEBIAN-CVE-2025-54363
Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module. extract_full_summary_from_signature employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings...