Lucene search
K

6 matches found

Snyk
Snyk
added 2026/04/14 12:4 a.m.9 views

Arbitrary Argument Injection

Overview @aiondadotcom/mcp-ssh is a MCP Agent for managing SSH hosts - A Model Context Protocol server for SSH operations Affected versions of this package are vulnerable to Arbitrary Argument Injection via improper handling of the hostAlias, command, localPath, or remotePath arguments. An attack...

8.8CVSS6AI score
Exploits0References3
Snyk
Snyk
added 2026/01/27 10:47 p.m.3 views

Use of Less Trusted Source

Overview Affected versions of this package are vulnerable to Use of Less Trusted Source that can circumvent the trusted dependencies list. An attacker can cause unintended dependencies to be loaded by including malicious file:, link:, git:, or github: URLs to import packages whose names also exis...

6.9CVSS5.9AI score0.00108EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.8 views

PT-2025-47405

Name of the Vulnerable Software and Affected Versions joserfc versions 1.3.3 through 1.3.4 joserfc versions 1.4.0 through 1.4.1 Description The joserfc library has an issue where excessively large JWT JSON Web Token payloads can be logged, potentially leading to resource exhaustion. Specifically,...

9.2CVSS6.7AI score0.00329EPSS
Exploits1References27
Prion
Prion
added 2023/12/19 3:15 a.m.19 views

Information disclosure

A vulnerability was found in Corveda PHPSandbox 1.3.4 and classified as critical. Affected by this issue is some unknown functionality of the component String Handler. The manipulation leads to protection mechanism failure. The attack may be launched remotely. Upgrading to version 1.3.5 is able t...

5CVSS7.1AI score0.00734EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/01 12:0 a.m.5 views

PT-2023-10804 · Zenoss · Zenoss Dashboard

Name of the Vulnerable Software and Affected Versions: Zenoss Dashboard versions up to 1.3.4 Description: A vulnerability was found in an unknown functionality of the file ZenPacks/zenoss/Dashboard/browser/resources/js/defaultportlets.js. The manipulation of the HTMLString argument leads to...

6.1CVSS4.3AI score0.0053EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2007/07/23 12:0 a.m.5 views

PT-2007-5165 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Rule Set Based Access Control RSBAC versions prior to 1.3.5 Description: The issue allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked...

6.4CVSS7AI score0.0248EPSS
Exploits0References8
Rows per page
Query Builder