Lucene search
+L

4 matches found

Snyk
Snyk
added 2026/07/01 6:16 p.m.5 views

Server-side Request Forgery (SSRF)

Overview auth-fetch-mcp is a MCP server that lets AI read Notion, Google Docs, Jira & any login-protected page via a real browser Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the isPrivateV6 function, which fails to properly detect IPv4-mapped IPv6...

7.4CVSS6AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/13 9:2 p.m.7 views

CVE-2023-49736

A wherein JINJA macro allows users to specify a quote, which combined with a carefully crafted statement would allow for SQL injection in Apache Superset.This issue affects Apache Superset: before 2.1.2, from 3.0.0 before 3.0.2. Users are recommended to upgrade to version 3.0.2, which fixes the...

8.8CVSS7.6AI score0.01178EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/06/08 12:0 a.m.3 views

PT-2023-24757 · Snowflake · Snowflake Connector For Python

Name of the Vulnerable Software and Affected Versions: Snowflake Connector for Python versions prior to 3.0.2 Description: The issue concerns a command injection vulnerability via single sign-on SSO browser URL authentication. An attacker would need to establish a malicious resource and redirect...

8.8CVSS7.6AI score0.01841EPSS
Exploits1References9
OSV
OSV
added 2023/06/05 7:15 a.m.4 views

CVE-2023-3099

A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function deletefile in the library dbus.SystemBus of the component Arbitrary File Handler. The manipulation leads to improper access controls. It is possible to launch...

7.1CVSS5.3AI score0.00306EPSS
Exploits1References3
Rows per page
Query Builder