Publicly Disclosed
PoC Exploits

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A command injection vulnerability exists in the crazyrabbitLTC mcp-code-review-server, specifically within the executeRepomix function located in src/repomix.ts. This flaw allows an attacker to execute arbitrary commands on the server, potentially leading to unauthorized actions. The vulnerabilit...

A security vulnerability exists in version 1.0.0 of 8nite Metatrader-4-MCP, specifically within the CallToolRequestSchema function in the software's src/index.ts file. This vulnerability arises due to improper handling of the 'ea_name' argument, allowing attackers to exploit path traversal issues...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A SQL injection vulnerability exists in itsourcecode Courier Management System version 1.0, specifically within the /edit_user.php file. By manipulating the 'ID' parameter, an attacker can execute unauthorized SQL commands, potentially compromising the database from a remote location. This vulner...

A vulnerability in the TRENDnet TEW-821DAP device's diagnostic tool exposes users to potential os command injection attacks. The flaw is located in the firmware's diagnostic function, specifically within the '/tmp/diagnostic' file, allowing malicious actors to execute arbitrary commands remotely....

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A significant vulnerability has been identified in the TRENDnet TEW-821DAP router models operating on firmware version 1.12B01. This vulnerability occurs in the tools_diagnostic function, which is susceptible to OS command injection. This allows attackers to execute arbitrary commands on the affe...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A security flaw has been identified in JeecgBoot, specifically in the function handling image upload, which can be exploited to perform server-side request forgery (SSRF). This vulnerability allows an attacker to manipulate requests in a way that may lead to unauthorized access to internal resour...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A serious vulnerability has been found in JeecgBoot affecting versions up to 3.9.1, specifically within the OpenApi Service's OpenApiController. This issue allows for server-side request forgery (SSRF) due to improper handling of the originUrl parameter. Attackers can exploit this flaw remotely, ...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability exists in the JeecgBoot application, specifically within the function checkPathTraversalBatch of the FileDownloadUtils.java component, allowing for an exploit known as server-side request forgery (SSRF). This issue arises from improper handling of input within the LoadFile endpoin...

A vulnerability exists in JeecgBoot versions up to 3.9.1 that allows for improper authorization through the manipulation of the argument 'ruleClass' in the FillRuleUtil component's file handling functionality. This issue can be exploited remotely, posing significant security risks to affected sys...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Dayoooun hwpx-mcp software version 0.2.0, specifically within the MCP Interface's save_document, export_to_text, and export_to_html functions. This flaw allows an attacker to manipulate the argument output_path, leading to path traversal issues. As a res...

A deserialization vulnerability exists in the mem0ai mem0 software, specifically affecting versions up to 1.0.11. The issue arises within the pickle.load and pickle.dump functions located in mem0/vector_stores/faiss.py. Attackers can exploit this vulnerability remotely, allowing for unauthorized ...

The affected versions of cPanel and WHM contain a serious authentication bypass flaw in the login flow. This vulnerability enables unauthenticated remote attackers to bypass authentication mechanisms, allowing them to gain unauthorized access to the control panel. Users of the specified versions ...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability exists in the Slide Generator component of Nextlevelbuilder's ui-ux-pro-max-skill up to version 2.5.0, specifically within the data.get function located in generate-slide.py. This flaw allows for remote cross-site scripting (XSS) attacks, enabling malicious actors to manipulate da...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A code injection vulnerability was identified in the Nextlevelbuilder UI-UX-Pro-Max-Skill plugin, specifically within the Tailwind Config Generator component. This issue affects versions up to 2.5.0, where improper handling in the _format_plugins function of the tailwind_config_gen.py file allows...

A path traversal vulnerability exists in the image_to_3d_async function within the MCP Interface of Flux159's mcp-game-asset-gen version 0.1.0. This issue arises from improper handling of the statusFile argument, allowing attackers to manipulate file paths. Without adequate input validation, this...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A security vulnerability has been identified in the Sunwood-ai-labs command-executor-mcp-server, specifically in version 0.1.0 and earlier. This flaw resides in the execute_command function located in src/index.ts of the MCP Interface component. The vulnerability allows for potential OS command i...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been discovered in the Itsourcode Courier Management System version 1.0, specifically within the /edit_staff.php file. This flaw allows attackers to manipulate the ID argument, leading to SQL injection attacks. Consequently, an unauthorized user can execute remote queries agai...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A security flaw in the TimBroddin astro-mcp-server, specifically within the MCP Tool Query Construction component, allows for an SQL injection via crafted parameters in the request. An attacker can exploit this vulnerability remotely by manipulating the 'request.params.arguments' argument, which ...

A critical OS command injection vulnerability exists in the Eyal-Gor p_69_branch_monkey_mcp component, particularly within the Preview Endpoint's advanced.py file. By manipulating the 'dev_script' argument, attackers can execute arbitrary commands on the host system remotely. This vulnerability h...

A vulnerability exists in the CSV Export function of Ghantakiran's Splunk MCP Integration, specifically within the create_csv_export function of the csv_export.py file. This vulnerability arises from improper handling of the job_name argument, allowing an attacker to exploit this weakness to perf...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A path traversal vulnerability exists in the ggerve coding-standards-mcp product, specifically in the get_style_guide/get_best_practices function within the server.py file. The flaw arises from improper handling of the 'Language' argument, allowing attackers to traverse the file system remotely a...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...