96 matches found
CVE-2026-3048 Nexus Repository 3 - Improper LDAP Referral Handling
An authenticated administrator who configures or tests LDAP connectivity in Sonatype Nexus Repository Manager versions 3.0.0 through 3.91.1 may be able to initiate unintended server-side connections when interacting with a malicious LDAP server...
MiracleLinux 3 : libpng-1.2.10-17.0.1.AXS3 (AXSA:2012-642:03)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-642:03 advisory. The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphic...
MiracleLinux 4 : libpng-1.2.49-1.AXS4 (AXSA:2012-541:03)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-541:03 advisory. The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphic...
CVE-2010-3048
Cisco Unified Personal Communicator 7.0 1.13056 does not free allocated memory for received data and does not perform validation if memory allocation is successful, causing a remote denial of service condition...
CVE-2025-3048
After completing a build with the AWS Serverless Application Model Command Line Interface (SAM CLI) that includes symlinks, the content of those symlinks is copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
better-lambda-deploy (>=0.0.4 <=0.6.9), localambda (=0.0.1) +1 more potentially affected by CVE-2025-3048 via aws-sam-cli (>=0.17.0 <=1.12.0)
aws-sam-cli PYPI version =0.17.0, =0.0.4, =0.0.7, =0.0.12 Source cves: CVE-2025-3048 Source advisory: OSV:GHSA-PP64-WJ43-XQCR...
AWS SAM CLI Path Traversal allows file copy to local cache
Summary: The AWS Serverless Application Model Command Line Interface (AWS SAM CLI) is an open-source CLI tool that helps Lambda developers to build and develop Lambda applications locally on their computers using Docker. After completing a build with AWS SAM CLI that includes symlinks, the content o...
CVE-2025-3048
After completing a build with the AWS Serverless Application Model Command Line Interface (SAM CLI) that includes symlinks, the content of those symlinks is copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
CVE-2025-3048
creationtimestamp | type | source
---|---|---
2025-03-31 15:31:11+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/9675
2025-03-31 16:40:47+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114258034481176074
2025-03-31 16:40:47+00:00 | seen | ...
CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache
After completing a build with the AWS Serverless Application Model Command Line Interface (SAM CLI) that includes symlinks, the content of those symlinks is copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
CVE-2025-3048
CVE-2025-3048 concerns AWS SAM CLI. When building with Docker (--use-container) and symlinks are included, the content of those symlinks can be copied into the SAM CLI cache as regular files/directories, potentially exposing privileged host files to users within the local workspace. This affects ...
CVE-2025-3048 Path Traversal in AWS SAM CLI allows file copy to local cache
After completing a build with the AWS Serverless Application Model Command Line Interface (SAM CLI) that includes symlinks, the content of those symlinks is copied to the cache of the local workspace as regular files or directories. As a result, a user who does not have access to those symlinks outsid...
Huawei EulerOS: Security Advisory for syslinux (EulerOS-SA-2024-2839)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for syslinux (EulerOS-SA-2024-2915)
The remote host is missing an update for the Huawei EulerOS...
CVE-2024-3048
The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...
CVE-2024-3048 Bannerlid <= 1.1.0 - Reflected XSS
The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...
CVE-2024-3048 Bannerlid <= 1.1.0 - Reflected XSS
The Bannerlid WordPress plugin through 1.1.0 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as administrators...
WordPress Bannerlid Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software: Bannerlid; Type: Plugin; Vulnerable versions: <= 1.1.0; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3048; Patch priority: Medium; CVSS severity: Medium (7.1); Developer: Claim ownership; PSID: febfae6c0eaf; Credits: Bob Matyas; Required...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-3048)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-3048
Authorization Bypass Through User-Controlled Key vulnerability in TMT Lockcell allows Authentication Abuse, Authentication Bypass. This issue affects Lockcell: before 15...