GHSA-XQV9-QR76-HFQ2 @elgentos/magento2-dev-mcp vulnerable to command injection

A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to os command injection. An attack has to be approached locally. The exploit is publicly available and might be...

EUVD-2017-16465

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-2391

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data...

CVE-2025-22010 affecting package kernel for versions less than 6.6.85.1-2

CVE-2025-22010 affecting package kernel for versions less than 6.6.85.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2018-3752

The utilities function in all versions = 1.0.0 of the merge-options node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all...

mapmyhome.com XSS vulnerability

Vulnerable URL: http://www.mapmyhome.com/themes/xpagemap/mmhWidgetMap.php?manner=standalone=1"...