32 matches found
CVE-2026-5029
A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...
Expired Pointer Dereference
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
The vulnerability of the `request_fulluri` configuration in the PHP programming language interpreter allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).
The vulnerability of the requestfulluri configuration in the PHP programming language interpreter is related to the failure to eliminate CRLF sequences due to the use of the true value. Exploiting this vulnerability allows a remote attacker to send hidden HTTP requests HTTP Request Smuggling atta...
[SECURITY] [DLA 3858-1] ruby2.7 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3858-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler September 02, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5677-1] ruby3.1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5677-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 03, 2024 https://www.debian.org/security/faq -...
ccxvii mujs 资源管理错误漏洞
ccxvii mujs is an open source embeddable C language interpreter. A security vulnerability exists in MuJS versions prior to 1.1.2, which stems from the presence of a memory reuse after release issue that could lead to a system denial of service...
[SECURITY] Fedora 36 Update: bash-5.1.16-3.fc36
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
The vulnerability of the mysqlnd/pdo function (mysqlnd_wireprotocol.c) in the PHP programming language interpreter allows a hacker to execute arbitrary code.
The vulnerability of the mysqlnd/pdo function mysqlndwireprotocol.c in the PHP programming language interpreter is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
The vulnerability of the utf8decode function in the PHP language interpreter allows attackers to execute XSS attacks.
The vulnerability of the utf8decode function in the PHP language interpreter exists due to insufficient validation of input data. Exploiting this vulnerability allows attackers to execute XSS attacks remotely...
The vulnerability of the rfc1867.c component of the PHP programming language interpreter allows a attacker to cause a service failure.
The vulnerability of the rfc1867.c component of the PHP programming language interpreter exists due to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor to cause service failures remotely...
The vulnerability of the asn1_time_to_time_t function (ext/openssl/openssl.c) in the PHP programming language allows a hacker to execute arbitrary code.
The vulnerability of the asn1timetotimet function in the OpenSSL library, a PHP programming language interpreter, arises due to buffer overflow. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...
The vulnerability of the mcrypt extension in the PHP programming language interpreter allows a hacker to trigger a service failure or possibly cause other effects.
The vulnerability of the mcrypt extension in the PHP programming language interpreter is caused by a numerical overflow condition. Exploiting this vulnerability could allow an attacker to cause service failures or potentially have other adverse effects...
The vulnerability of the Zend/zend_exceptions.c component of the PHP programming language interpreter allows a attacker to cause a service failure.
The vulnerability of the Zend/zendexceptions.c component of the PHP programming language interpreter is related to an infinite loop. Exploiting this vulnerability can allow a malicious actor to cause service failures through the created Exception object...
[SECURITY] [DSA 3966-1] ruby2.3 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3966-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 05, 2017 https://www.debian.org/security/faq -...
[SECURITY] Fedora 23 Update: bash-4.3.42-4.fc23
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
[SECURITY] Fedora 24 Update: bash-4.3.42-6.fc24
The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...
The vulnerability of the PHP interpreter, which allows attackers to trigger a service failure or exert other effects.
The vulnerability of the bcpowmod function ext/bcmath/bcmath.c in the PHP interpreter exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures or potentially have other adverse effects through specially crafted call...
The vulnerability of the PHP interpreter allows attackers to trigger a service failure or execute arbitrary code.
The vulnerability of the deserialization function in PHP interpreters relates to the incorrect invocation of multiple phpvarunserialize. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a denial-of-service attack i.e., the use of resources after they are...
[SECURITY] [DLA 263-1] ruby1.9.1 security update
Package : ruby1.9.1 Version : 1.9.2.0-2+deb6u5 CVE ID : CVE-2012-5371 CVE-2013-0269 Debian Bug : 693024 700471 Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1. CVE-2012-5371 Jean-Philippe Aumasson identified that Ruby computed hash values without properly...
DLA-263-1 ruby1.9.1 - security update
Bulletin has no description...