@anngdinh/remote-mcp-server-authless (=0.0.0), @aredes.me/mcp-camara (=1.0.6) +128 more potentially affected by unknown CVE via agents (>=0.0.100 <=0.2.35)

agents NPM version =0.0.100, =0.4.0, =1.1.1, =0.2.0, =0.1.0, =0.0.1, =1.0.2, =1.0.1, =0.2.0, =0.5.3 and more Source cves: unknown CVE Source advisory: SNYK:JS-AGENTS-15282793...

EUVD-2019-5237

Malware in sbrugna...

EUVD-2020-7919

Malware in sbrugna...

EUVD-2019-7583

Malware in sbrugna...

EUVD-2019-5238

Malware in sbrugna...

CVE-2023-53280 scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvmelswaitq wait queue System crash when qla2x00startspsp returns error code EGAIN and wakeup gets called for uninitialized wait queue sp-nvmelswaitq. qla2xxx 0000:37:00.1-2121:5: Returning existing...

CVE-2020-15948

eGain Chat 15.5.5 allows XSS via the Name aka fullname field...

CVE-2019-17123

The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields to /system/ws/v11/ss/email are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. Also, the message parameter can have initial HTML comment characters...

CVE-2019-13976

eGain Chat 15.0.3 allows unrestricted file upload...

CVE-2019-13975

eGain Chat 15.0.3 allows HTML Injection...

CVE-2020-15948

eGain Chat 15.5.5 allows XSS via the Name aka fullname field...

CVE-2020-15948

eGain Chat 15.5.5 allows XSS via the Name aka fullname field...

Design/Logic Flaw

eGain Chat 15.5.5 allows XSS via the Name aka fullname field...

CVE-2020-15948

CVE-2020-15948 affects eGain Chat 15.5.5. The vulnerability is a reflected XSS in the Name (full_name) input due to incomplete sanitization of special characters, enabling script injection in the user context. Vendor patch released August 2020; CVSS v3.1 base score 6.1 (MEDIUM). Other scores incl...

CVE-2020-15948

eGain Chat 15.5.5 allows XSS via the Name aka fullname field...

eGain Chat 15.5.5 Cross Site Scripting Vulnerability

Exploit Title: eGain Chat 15.5.5 Cross-Site Scripting Vendor Homepage: https://www.egain.com/ Software Link: https://www.egain.com/chat-software/ Exploit Authors: Brandon Ming Yang Ho https://www.linkedin.com/in/minhobrandon/, Hassy Vinod Eshan https://www.linkedin.com/in/hassy-vinod/ CVE:...

Egain eGain Chat 跨站脚本漏洞

Egain eGain Chat is a real-time chat software for customer service from eGain Egain USA. A security vulnerability exists in eGain Chat. Details of the vulnerability are not available at this time, so please follow the vendor's announcement...

eGain Chat 15.5.5 Cross Site Scripting

Exploit Title: eGain Chat 15.5.5 Cross-Site Scripting Vendor Homepage: https://www.egain.com/ Software Link: https://www.egain.com/chat-software/ Exploit Authors: Brandon Ming Yang Ho https://www.linkedin.com/in/minhobrandon/, Hassy Vinod Eshan https://www.linkedin.com/in/hassy-vinod/ CVE:...

CVE-2019-17123

The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields to /system/ws/v11/ss/email are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. Also, the message parameter can have initial HTML comment characters...

CVE-2019-17123

The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields to /system/ws/v11/ss/email are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. Also, the message parameter can have initial HTML comment characters...