12 matches found
PT-2026-6350
Summary: Cross-client response data leak when a single McpServer/Server and transport instance is reused across multiple client connections, most commonly in stateless StreamableHTTPServerTransport deployments. Impact: Who is affected: Any MCP server deployment using the TypeScript SDK where a sing...
PT-2026-2312
Name of the Vulnerable Software and Affected Versions: PILOS versions prior to 4.10.0. Description: PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. A Cross-Site Request Forgery (CSRF) issue exists in an administrative API endpoint responsible for terminating all...
PT-2025-45399
Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X for Linux versions 4.0 through 5.2; EXPRESSCLUSTER X for Linux versions 4.0 through 5.2; CLUSTERPRO X SingleServerSafe for Linux versions 4.0 through 5.2; EXPRESSCLUSTER X SingleServerSafe for Linux versions 4.0 through 5.2; NEC...
Collusion Resistant DNS with Private Information Retrieval
There has been a growing interest in Internet user privacy, demonstrated by the popularity of privacy-preserving products such as Telegram and Brave, and the widespread adoption of HTTPS. The Domain Name System (DNS) is a key component of Internet-based communication and its privacy has been...
CVE-2021-20704
Buffer overflow vulnerability in the compatible API with previous versions CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attack...
CB-CPIR: Code-Based Computational Private Information Retrieval
A private information retrieval (PIR) scheme is a protocol that allows a user to retrieve a file from a database without revealing the identity of the desired file to a curious database. Given a distributed data storage system, efficient PIR can be achieved by making assumptions about the colluding...
PT-2023-27010 · Unknown · Clusterpro X +3
Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X versions 5.1 and earlier; EXPRESSCLUSTER X versions 5.1 and earlier; CLUSTERPRO X SingleServerSafe versions 5.1 and earlier; EXPRESSCLUSTER X SingleServerSafe versions 5.1 and earlier. Description: The issue allows an attacker to log...
NEC Expresscluster X Security Vulnerability
NEC Expresscluster X is a specialized high availability cluster software from Nippon Electric (NEC). It is used to enable fast restore functions and continuously protect critical applications and data. A security vulnerability exists in NEC Expresscluster X 5.0 for Windows and prior versions,...
PT-2022-22377 · Unknown · Clusterpro X +3
Name of the Vulnerable Software and Affected Versions: CLUSTERPRO X versions 5.0 and earlier; EXPRESSCLUSTER X versions 5.0 and earlier; CLUSTERPRO X SingleServerSafe versions 5.0 and earlier; EXPRESSCLUSTER X SingleServerSafe versions 5.0 and earlier. Description: The issue allows a remote...
CVE-2020-4773
A cross-site request forgery (CSRF) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated. This applies to a single server class only, with no...
CVE-2019-12491
OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud (e.g. by renting one). From the sour...
WSS v3 Single Server Detectoid
The detectoid is true if and only if WSS is installed in a single-server configuration. It is used to prevent offering of WSS updates to farm installations. Also includes WS2003...