109 matches found
100ms_edtech_template (>=0.1.4 <=0.1.5), 3d-ar-product-card (>=1.0.0 <=3.4.27) +2427 more potentially affected by unknown CVE via hls.js (>=1.0.0-alpha.5 <=1.6.5)
hls.js NPM version =1.0.0-alpha.5, =0.1.4, =1.0.0, =1.0.0, =0.3.0, =0.1.1, =1.0.0, =0.0.0, =1.0.0, =1.1.0, =1.0.0, =0.0.1-alpha.0, =0.1.0, =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3019...
MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-7436:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7436:01 advisory. QEMU: e1000e: heap use-after-free in e1000e_write_packet_to_guest CVE-2023-3019 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : pcp-5.3.7-20.el8 (AXSA:2024-8455:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8455:03 advisory. pcp: exposure of the redis server backend allows remote command execution via pmproxy CVE-2024-3019 Tenable has extracted the preceding description block...
SUSE-SU-2025:03233-1 Security update for pcp
This update for pcp fixes the following issues: - CVE-2024-3019: exposure of the redis server backend allows remote command execution via pmproxy bsc1222121...
Linux Distros Unpatched Vulnerability : CVE-2011-3019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...
CVE-2024-3019
creationtimestamp| type| source
---|---|---
2025-07-05 03:15:14+00:00| seen| Telegram/kQ-58MzrAkbIJfUuyir2UK-qHB4EoNcfifJSkojFVJCMlUY...
TencentOS Server 4: pcp (TSSA-2024:0788)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0788 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: pcp (TSSA-2024:0223)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0223 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2021-3019
ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties to obtain credentials for a connection to the intranet...
CVE-2019-3019
Vulnerability in the Oracle Banking Digital Experience product of Oracle Financial Services Applications component: Loan Calculator. Supported versions that are affected are 18.1, 18.2, 18.3 and 19.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
Alibaba Cloud Linux 3 : 0021: virt:rhel and virt-devel:rhel (ALINUX3-SA-2024:0021)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3750: A DMA reentrancy issue was...
RLSA-2024:0135 Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
[SECURITY] [DLA 4144-1] qemu security update
Debian LTS Advisory DLA-4144-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón April 30, 2025 https://wiki.debian.org/LTS Package : qemu Version : 1:5.2+dfsg-11+deb11u4 CVE ID : CVE-2023-1544 CVE-2023-3019 CVE-2023-5088 CVE-2023-6693 CVE-2024-3447 Debian Bug...
CVE-2023-3019 affecting package qemu for versions less than 6.2.0-23
CVE-2023-3019 affecting package qemu for versions less than 6.2.0-23. A patched version of the package is available...
Advisory ROSA-SA-2025-2814
Software: qemu-kvm 6.2.0 OS: ROSA Virtualization 3.0 packageevrstring: qemu-kvm-6.2.0-53.rv30.2 CVE-ID: CVE-2021-3750 BDU-ID: 2024-04421 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the QEMU hardware emulator is related to a lack of checks to see if the buffer pointer overlaps with the MMIO...
CVE-2025-3019
creationtimestamp| type| source
---|---|---
2025-03-31 07:30:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9608
2025-03-31 10:49:39+00:00| seen| https://t.me/cvedetector/21564
2025-04-05 00:34:16+00:00| seen|...
CVE-2025-3019 Cross-site scripting vulnerabilities in KNIME Business Hub web pages
KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary JavaScript may be executed with this user's permissions. This can lead to information loss and/or modification of existin...
Linux Distros Unpatched Vulnerability : CVE-2024-3019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the...
Linux Distros Unpatched Vulnerability : CVE-2023-3019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to...
CVE-2022-3019
The forgot password token basically just makes us capable of taking over the account of whoever comments in an app that we can see. Bruteforcing comment IDs might also be an option, but I wouldn't count on it, since it would take a long time to find a valid one...