62 matches found
CVE-2026-3052 DataLinkDC dinky Flink Proxy Controller FlinkProxyController.java proxyUba server-side request forgery
A vulnerability was found in DataLinkDC dinky up to 1.2.5. The impacted element is the function proxyUba of the file dinky-admin/src/main/java/org/dinky/controller/FlinkProxyController.java of the component Flink Proxy Controller. Performing a manipulation results in server-side request forgery. ...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-3052 (ALAS-2025-3052)
The version of thunderbird installed on the remote host is prior to 140.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3052 advisory. There exist integer overflows in libvpx in versions prior to 1.14.1. Calling vpx_img_alloc with a large value of the...
Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass
Untrusted pointer dereference in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2023-3052
The Page Builder by AZEXO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.27.133. This is due to missing or incorrect nonce validation on the 'azh_add_post', 'azh_duplicate_post', 'azh_update_post' and 'azh_remove_post' functions. This makes it possibl...
CVE-2025-3052
creationtimestamp | type | source
---|---|---
2025-05-12 19:49:32+00:00 | published-proof-of-concept | https://t.me/TheDarkWebInformer/17179
2025-06-10 15:24:53+00:00 | seen | https://www.thezdi.com/blog/2025/6/10/the-june-2025-security-update-review
2025-06-10 19:06:54+00:00 | seen | ...
CVE-2024-3052
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is required to recover the gateway...
SUSE: Security Advisory (SUSE-SU-2024:3052-1)
The remote host is missing an update for the...
CVE-2024-3052 Z/IP Gateway S2 Nonce Get Denial of Service Vulnerability
Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is required to recover the gateway...
CVE-2024-3052
CVE-2024-3052 affects SiLabs Z-Wave over IP Gateway (Z/IP Gateway). Connected sources describe a Denial of Service caused by malformed S2 Nonce Get command classes that can crash the gateway, with a hard reset required to recover. Reported vulnerable context includes SiLabs Z-Wave over IP Gateway...
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its...
WordPress Page Builder with Image Map by AZEXO Plugin <= 1.27.133 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Page Builder with Image Map by AZEXO; Type: Plugin; Vulnerable versions: <= 1.27.133; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-3052; Patch priority: Low; CVSS severity: Low (6.3); PSID: 3ed12ddc506d; Credit...
CVE-2023-3052
The Page Builder by AZEXO plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.27.133. This is due to missing or incorrect nonce validation on the 'azh_add_post', 'azh_duplicate_post', 'azh_update_post' and 'azh_remove_post' functions. This makes it possibl...
CVE-2023-3052
CVE-2023-3052 refers to the Page Builder by AZEXO WordPress plugin. A CSRF flaw exists in versions up to 1.27.133 caused by missing/incorrect nonce validation in the azh_add_post, azh_duplicate_post, azh_update_post, and azh_remove_post actions, enabling unauthenticated attackers to create, modif...
Fedora: Security Advisory for chromium (FEDORA-2022-3f28aa88cf)
The remote host is missing an update for the...
CVE-2022-3052
creationtimestamp | type | source
---|---|---
2022-09-26 20:23:04+00:00 | seen | https://t.me/cibsecurity/50513...
CVE-2022-3052
Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions...
CVE-2022-3052
The CVE-2022-3052 issue affects Google Chrome on ChromeOS (Lacros) before 105.0.5195.52, tied to a heap-buffer/heap-corruption risk in Window Manager when processing crafted UI interactions. The vulnerability requires a user to perform specific UI actions and could enable remote exploitation via ...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10120-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10120-1 advisory: Use after free in Network Service (CVE-2022-3038); Use after free in WebSQL (CVE-2022-3039, CVE-2022-3041); Use after free in Layout...