mcp-server-git : Path traversal in git_add allows staging files outside repository boundaries

modelcontextprotocol servers

NanaZip UFS Archive Parser Memory Corruption via Unvalidated Directory Record Length

M2Team NanaZip M2Team NanaZip +1个

NanaZip .NET Single-File Parser Integer Underflow Leads to Unbounded Allocation (DoS)

M2Team NanaZip M2Team NanaZip +1个

NanaZip .NET Single-File Manifest Parser Vulnerable to Out-of-Bounds Read via Unchecked RelativePathLength

M2Team NanaZip M2Team NanaZip +1个

Zed Extension Sandbox Escape via Tar Symlink Following

zed-industries zed

Symlink Escape in Agent File Tools

zed-industries zed

Zed has Zip Slip Path Traversal in Extension Archive Extraction

zed-industries zed

ImageMagick has a heap Buffer Over-read in its DJVU image format handler

ImageMagick ImageMagick ImageMagick ImageMagick +2个

ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images

ImageMagick ImageMagick ImageMagick ImageMagick +2个

Manyfold vulnerable to session hijack via cookie leakage in proxy caches

manyfold3d manyfold manyfold manyfold

Manyfold vulnerable to OS command injection via ZIP filename in f3d render

manyfold3d manyfold manyfold manyfold

TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS)

maximmasiutin TinyWeb ritlabs tinyweb

TinyWeb vulnerable to Remote Denial of Service via Thread/Connection Exhaustion (Slowloris)

maximmasiutin TinyWeb ritlabs tinyweb

fosrl Pangolin Role verifyApiKeyRoleAccess access control

fosrl Pangolin fosrl Pangolin +2个

CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam)

maximmasiutin TinyWeb

n8n has Arbitrary Command Execution via File Write and Git Operations

n8n-io n8n n8n-io n8n

n8n Vulnerable to Stored XSS via Various Nodes

n8n-io n8n n8n-io n8n +1个

n8n: Expression Sandbox Escape Leads to RCE

n8n-io n8n n8n-io n8n +1个

n8n has Potential Remote Code Execution via Merge Node

n8n-io n8n n8n-io n8n +1个

n8n has a Sandbox Escape in its JavaScript Task Runner

n8n-io n8n n8n-io n8n +1个