PT-2026-37120

Name of the Vulnerable Software and Affected Versions YARD versions prior to 0.9.42 Description A path traversal issue exists when using yard server to serve documentation. This flaw allows unsanitized HTTP requests to access arbitrary files on the host machine under certain conditions. Path...

MiracleLinux 7 : python-2.7.5-89.0.1.el7.AXS7 (AXSA:2020-863:49)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-863:49 advisory. python: XSS vulnerability in the documentation XML-RPC server in servertitle field CVE-2019-16935 Tenable has extracted the preceding description block direct...

EUVD-2025-31041

Malicious code in bioql PyPI...

Mastra Docs MCP Server `@mastra/mcp-docs-server` Leads to Information Exposure

The Mastra Docs MCP Server package @mastra/mcp-docs-server is a server designed to provide documentation context to AI agentic workflows, such as those used in AI-powered IDEs. Resources: Package URL: https://www.npmjs.com/package/@mastra/mcp-docs-server ----- Overview The @mastra/mcp-docs-server...

CVE-2024-1624

An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA Composer from Release...

CVE-2024-1624 OS Command Injection vulnerability affecting documentation server on certain Releases of 3DEXPERIENCE, SIMULIA Abaqus, SIMULIA Isight and CATIA Composer

An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x, SIMULIA Abaqus from Release 2022 through Release 2024, SIMULIA Isight from Release 2022 through Release 2024 and CATIA Composer from Release...

Siemens PLM Help Server

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: PLM Help Server Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code after tricking users into...

Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting

Python 2.22.3 - Documentation Server Error Page Cross-Site Scripting source: https://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause t...

Python 2.2/2.3 - Documentation Server Error Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause the execution of malicious HTML and script code in the browser of a we...

XSS in Python Documentation Server

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: XSS in Python Documentation Server product: Python 2.2.2 and 2.3a2 for Win32 vendor: http://www.python.org risk: low date: 04/02/2k3 tested platform: Windows 98 Second Edition discovered by: euronymous /F0KP advisory urls:...