Command Injection

@sunwood-ai-labs/github-kanban-mcp-server is vulnerable to command injection. The vulnerability is due to the use of the unsafe exec API with untrusted user input in the addcomment tool, which allows an attacker to execute arbitrary system commands through crafted input...

GHSA-6JX8-RCJX-VMWF GitHub Kanban MCP Server vulnerable to Command Injection

The MCP Server at https://github.com/Sunwood-ai-labs/github-kanban-mcp-server/ is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. Vulnerable tool The MCP Server exposes the tool addcomment which...

CVE-2025-53818 github-kanban-mcp-server Command Injection vulnerability

GitHub Kanban MCP Server is a Model Context Protocol MCP server for managing GitHub issues in Kanban board format and streamlining LLM task management. Version 0.3.0 of the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Serv...

PT-2025-29513 · Unknown · Github-Kanban-Mcp-Server

Name of the Vulnerable Software and Affected Versions: GitHub Kanban MCP Server versions 0.3.0 through 0.4.0 Description: GitHub Kanban MCP Server is a Model Context Protocol MCP server designed for managing GitHub issues in Kanban board format and streamlining LLM task management. The server’s a...

CVE-2025-6392

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

CVE-2025-6392

Brocade SANnav prior to version 2.4.0a exposes database passwords in cleartext in audit logs generated by the daily data dump collector when docker exec commands run. Logs reside on the host VM local audit logs and are not controlled by SANnav, only visible to the host admin. Affected release is ...

CVE-2025-6392 Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392)

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

CVE-2025-6392 Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392)

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

CVE-2025-34099

Affected software: VICIdial v2.9 RC1–2.13 RC1; component: vicidial_sales_viewer.php. Root cause: when password encryption is enabled (non-default), the HTTP Basic Authentication password is directly passed to exec(), enabling unauthenticated command injection. Impact: arbitrary OS command executi...

CVE-2025-34099 VICIdial vicidial_sales_viewer.php Unauthenticated Command Injection via Basic Auth Password

An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidialsalesviewer.php component when password encryption is enabled a non-default configuration. The application improperly passes the HTTP Basic Authentication password directly ...

CVE-2025-34099 VICIdial vicidial_sales_viewer.php Unauthenticated Command Injection via Basic Auth Password

An unauthenticated command injection vulnerability exists in VICIdial versions 2.9 RC1 through 2.13 RC1, within the vicidialsalesviewer.php component when password encryption is enabled a non-default configuration. The application improperly passes the HTTP Basic Authentication password directly ...

Broadcom Brocade SANnav 日志信息泄露漏洞

Broadcom Brocade SANnav is a storage area network management and automation software platform from Broadcom, Inc. A security vulnerability exists in Broadcom Brocade SANnav versions prior to 2.4.0a, which stems from a daily data dump collector that may record database passwords in plaintext to...

kernel: ELF: fix kernel.randomize_va_space double read

In the Linux kernel, the following vulnerability has been resolved: ELF: fix kernel.randomizevaspace double read ELF loader uses "randomizevaspace" twice. It is sysctl and can change at any moment, so 2 loads could see 2 different values in theory with unpredictable consequences. Issue exactly on...

VulnCheck KEV: CVE-2025-29891

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...

Command Injection

ios-simulator-mcp is vulnerable to command injection. The vulnerability is due to unsafe use of Node.js exec with untrusted user input in the uitap tool, which allows attackers to inject shell meta-characters via arguments like duration, udid, x, and y...

GHSA-6F6R-M9PV-67JW iOS Simulator MCP Command Injection allowed via exec API

Command Injection in MCP Server The MCP Server at https://github.com/joshuayoes/ios-simulator-mcp/ is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. Vulnerable tool The MCP Server exposes the too...

iOS Simulator MCP Command Injection allowed via exec API

Command Injection in MCP Server The MCP Server at https://github.com/joshuayoes/ios-simulator-mcp/ is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. Vulnerable tool The MCP Server exposes the too...

Exploit for Code Injection in Langflow

CVE-2025-3248 – Unauthenticated Remote Code Execution in Langf...

CVE-2025-6363

A vulnerability, which was classified as critical, was found in code-projects Simple Pizza Ordering System 1.0. Affected is an unknown function of the file /adding-exec.php. The manipulation of the argument ingname leads to sql injection. It is possible to launch the attack remotely...

Code-Projects Simple Pizza Ordering System 安全漏洞

Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter ingname in the file /adding-exec.php. An attacker can exploit this...