PT-2026-35222

A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description leads to command injection. The attack must be carried out locally. The exploit has been disclosed...

CVE-2020-8826

As of v1.5.0, the Argo web interface authentication system issued immutable tokens. Authentication tokens, once issued, were usable forever without expiration—there was no refresh or forced re-authentication...

CVE-2025-48264

Cross-Site Request Forgery CSRF vulnerability in artiosmedia Product Code for WooCommerce product-code-for-woocommerce allows Cross Site Request Forgery.This issue affects Product Code for WooCommerce: from n/a through = 1.5.0...

Logpoint AgentX 安全漏洞

Logpoint AgentX is a component of a Security Information and Event Management SIEM solution from Logpoint Denmark. A security vulnerability exists in Logpoint AgentX versions prior to 1.5.0 that stems from inadequate access control and allows the li-admin user to access sensitive information...

CVE-2022-40238 A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5

A Remote Code Injection vulnerability exists in CERT software prior to version 1.50.5. An authenticated attacker can inject arbitrary pickle object as part of a user's profile. This can lead to code execution on the server when the user's profile is accessed...

IMAGE CONQUEST DICOM SERVER 命令注入漏洞

IMAGE CONQUEST DICOM SERVER is IMAGE an open source application. It can store, validate, query and retrieve through programmable SQL database tables. A security vulnerability exists in CONQUEST DICOM SERVER before 1.5.0, which can be exploited by attackers to execute malicious code...