GHSA-287x-9rff-qvcg: Rust Web Push is vulnerable to a DoS attack via a large integer in a Content-Length header

GHSA-3qhf-m339-9g5v: MCP Python SDK vulnerability in the FastMCP Server causes validation error, leading to DoS

GHSA-j975-95f5-7wqh: MCP Python SDK has Unhandled Exception in Streamable HTTP Transport ,Leading to Denial of Service

GHSA-794x-8x6x-qpfc: Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint

GHSA-j4rj-fgcq-wmqp: Cockpit - Content Platform vulnerable to XSS through name or email argument names

Cross Site Request Forgery (CSRF) vulnerability in Phpsysinfo version 3.4.3 allows a remote attacker to obtain sensitive information via a crafted page in the XML.php file.  Phpsysinfo 3.4.3 disables the functionality by default but the users may enable the vulnerable functionality.

**Phpsysinfo Cross Site Request Forgery (CSRF) vulnerability**

Moderate severity GitHub Reviewed Published Dec 19, 2023 to the GitHub Advisory Database • Updated Dec 19, 2023

Headline

GHSA-67gv-xrw7-p72w: Phpsysinfo Cross Site Request Forgery (CSRF) vulnerability

ghsa: Latest News