8 matches found
PT-2026-51006
Name of the Vulnerable Software and Affected Versions mcp-memory-service versions prior to 10.65.3 Description The HTTP MCP JSON-RPC endpoint at "/mcp" fails to properly validate OAuth scopes. It allows requests with only the read scope to be dispatched to handlers that include mutating tools...
AgentScope 安全漏洞
AgentScope is an open-source application developed by ModelScope. It simplifies the development of multi-agent applications based on LLMs. Versions of AgentScope prior to 1.0.18 contained a security vulnerability, which was caused by incorrect handling of the parameter url in the file...
SUSE CVE-2026-34393
Weblate is a web based localization tool. In versions prior to 5.17, the user patching API endpoint didn't properly limit the scope of edits. This issue has been fixed in version 5.17...
EasyVirt DC Scope和EasyVirt CO2 Scope 安全漏洞
EasyVirt DC Scope and EasyVirt CO2 Scope are both products of the French company EasyVirt.EasyVirt DC Scope is a monitoring and management solution for VMware Virtualization VMware.EasyVirt CO2 Scope is a real-time monitoring and control solution for IT services, virtual machines and servers in...
CVE-2021-1491
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying file system of the device. This vulnerability is due to insufficient file scope limiting. An attacker could exploit this...
IBM Robotic Process Automation Resources Exposed to False Scope Vulnerability
IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM, Inc. It can help you automate more business and IT processes at scale with the ease and speed of traditional RPA.IBM Robotic Process Automation for Cloud Pak suffers from a resource...
OSV-2022-944 Stack-use-after-scope in RefCopyBytes
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51689 Crash type: Stack-use-after-scope READ Crash state: RefCopyBytes dngstream::Put tagdataptr::Put...
CVE-2017-7756
A use-after-free and use-after-scope vulnerability when logging errors from headers for XML HTTP Requests XHR. This could result in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...