73 matches found
CVE-2026-3046
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /checkprofileold.php. The manipulation of the argument profileid leads to sql injection. Remote exploitation of the attack is...
CVE-2026-3046
A security vulnerability has been detected in itsourcecode E-Logbook with Health Monitoring System for COVID-19 1.0. This vulnerability affects unknown code of the file /checkprofileold.php. The manipulation of the argument profileid leads to sql injection. Remote exploitation of the attack is...
CVE-2026-3046
creationtimestamp| type| source ---|---|--- 2026-02-24 01:15:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfkyjrxphg27 2026-02-26 02:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfq3xnxtt52r...
EUVD-2026-3046
EUVD-2026-3046...
CVE-2025-3046
A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The ObsidianReader fails to resolve symlinks to their real paths and does not validate whether the resolved paths lie within the...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +37 more potentially affected by CVE-2025-3046 via llama-index (>=0.10.0 <=0.12.22)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.7.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =0.1.2, =0.1.7.dev20240924104148, =0.1.0, =0.2.0 and more Source cves: CVE-2025-3046 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645583...
CVE-2025-3046 Path Traversal via Symbolic Links in run-llama/llama_index
A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The ObsidianReader fails to resolve symlinks to their real paths and does not validate whether the resolved paths lie within the...
CVE-2025-3046 Path Traversal via Symbolic Links in run-llama/llama_index
A vulnerability in the ObsidianReader class of the run-llama/llamaindex repository, versions 0.12.23 to 0.12.28, allows for arbitrary file read through symbolic links. The ObsidianReader fails to resolve symlinks to their real paths and does not validate whether the resolved paths lie within the...
CVE-2024-3046
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
CVE-2023-3046
creationtimestamp| type| source ---|---|--- 2023-07-25 12:28:07+00:00| seen| https://t.me/cibsecurity/67214...
CVE-2023-3046
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Biltay Technology Scienta allows SQL Injection. This issue affects Scienta: before 20230630.1953...
CVE-2023-3046 SQLi in Biltay Technlogys Scienta
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Biltay Technology Scienta allows SQL Injection. This issue affects Scienta: before 20230630.1953...
CVE-2023-3046 SQLi in Biltay Technlogys Scienta
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Biltay Technology Scienta allows SQL Injection. This issue affects Scienta: before 20230630.1953...
SUSE CVE-2022-3046
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...
Fedora: Security Advisory for chromium (FEDORA-2022-3f28aa88cf)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-3046
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-3046
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-3046
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-3046
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-3046
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...