8 matches found
Arbitrary Command Injection
Overview kubectl-mcp-tool is an Alias package for kubectl-mcp-server use kubectl-mcp-server instead Affected versions of this package are vulnerable to Arbitrary Command Injection via the runkubectlcommand function in the minimalwrapper.py component. An attacker can execute arbitrary system...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the getSecretKey function. An attacker can gain unauthorized access to secrets across namespaces by exploiting the function's ability to bypass security mechanisms and retrieve secrets using elevated...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper validating access controls at time of access. An attacker can gain unauthorized access to thread content by leveraging AI-generated posts. Remediation Upgrade...
CVE-2020-36619
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function addch of the file demodflex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is...
PT-2023-9150 · Owasp · Owasp Antisamy .Net
Name of the Vulnerable Software and Affected Versions: OWASP AntiSamy .NET versions prior to 1.2.0 Description: The issue is related to a mutation cross-site scripting mXSS vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. This vulnerability can be exploited when the...
UBUNTU-CVE-2020-36619
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function addch of the file demodflex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is...
PT-2022-9015 · Unknown +2 · Multimon-Ng +2
Name of the Vulnerable Software and Affected Versions: multimon-ng versions prior to 1.2.0 Description: A critical issue affects the function add ch of the file demod flex.c. The manipulation of the argument ch leads to a format string issue. Recommendations: For versions prior to 1.2.0, upgrade ...
Cross-site Scripting (XSS)
Overview AngularJS.Core is a AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Cross-site Scripting XSS. Concatenating expressions makes it hard to reason about whether some combination of concatenated values are unsafe to use and could...