155 matches found
CVE-1999-0346
CGI PHP mlog script allows an attacker to read any file on the target server...
MCP Server Tools Detected
This is an informational notice that the scanner was able to detect exposed tools on the target Model Context Protocol (MCP) server. No source data...
SUSE SLES15 / openSUSE 15 Security Update : postgresql14 (SUSE-SU-2025:03019-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03019-1 advisory. Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child...
SUSE-SU-2025:03031-1 Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...
SUSE-SU-2025:03020-1 Security update for postgresql14
This update for postgresql14 fixes the following issues: Upgrade to 14.19: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...
SUSE SLES12 Security Update : postgresql15 (SUSE-SU-2025:03004-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03004-1 advisory. Upgrade to 15.14: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). -...
SUSE-SU-2025:03003-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.22: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...
CVE-2025-55383
Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server...
SUSE-SU-2025:02842-1 Security update for postgresql13
This update for postgresql13 fixes the following issues: Upgrade to 13.22: - CVE-2025-8713: optimizer statistics can expose sampled data within a view, partition, or child table (bsc#1248120). - CVE-2025-8714: untrusted data inclusion in pg_dump lets superuser of origin server execute arbitrary code ...
MCP Server Unauthenticated Access
This is an informational notice that the scanner was able to detect a Model Context Protocol (MCP) server available without authentication on the target server. When available, the plugin provides the list of tools, prompts and resources in the attachments. No source data...
MCP Manifest Detected
This is an informational notice that the scanner was able to detect an MCP (Model Context Protocol) manifest on the target server. No source data...
MCP Server Detected
This is an informational notice that the scanner was able to detect a Model Context Protocol (MCP) HTTP server using SSE or Streamable-HTTP transport mode on the target server. No source data...
MCP Inspector Detected
This is an informational notice that the scanner was able to detect an MCP (Model Context Protocol) Inspector instance on the target server. No source data...
Exposed Dangerous Method or Function
Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function through the EncryptionTool endpoint. An attacker can encrypt arbitrary files on the target server with a key of their choosing, making it exceedingly difficult for the target to recover the keys need...
Exploit for Unrestricted Upload of File with Dangerous Type in Mayurik Best_House_Rental_Management_System
CVE-2024-46377 PoC for Arbitrary File Upload Vulnerability...
Command Execution Vulnerability in T+
T+ is a new Internet-based business management software. A command execution vulnerability exists in Changjitong T+, which can be exploited by an attacker to execute arbitrary commands on the target server...
SPIP BigUp Plugin Unauthenticated RCE
This module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP. The vulnerability lies in the lister_fichiers_par_champs function, which is triggered when the bigup_retrouver_fichiers parameter is set to any value. By exploiting the improper handling of multipart form data in...
Malware package cipherbcrypt
Malicious package. Exfiltrated secrets to a target server...
GHSA-5GRR-72F9-678V Malware package cipherbcrypt
Malicious package. Exfiltrated secrets to a target server...
PT-2024-40100 · Pypi · Cipherbcrypt
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue involves a malicious package that exfiltrates secrets to a target server. No further details are provided about the nature of the issue or its potential impact. Recommendation...