CVE-2026-3054

creationtimestamp| type| source ---|---|--- 2026-02-24 05:27:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mflglmaiwn27...

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

CVE-2026-3054

A vulnerability was identified in Alinto SOGo 5.12.3/5.12.4. This impacts an unknown function. The manipulation of the argument hint leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...

EUVD-2023-3054

Malicious code in bioql PyPI...

CVE-2025-3054

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadfiles function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...

CVE-2025-3054

creationtimestamp| type| source ---|---|--- 2025-06-05 06:01:27+00:00| published-proof-of-concept| Telegram/uHWvAuvUwozE9xqR-TnjEBub-qWhHMqFHErXUgC3HaO00ME 2025-06-05 06:49:03+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqtq34qno7v2...

CVE-2025-3054

The CVE-2025-3054 entry affects the WP User Frontend Pro plugin for WordPress, with versions up to 4.1.3. The vulnerability is an arbitrary file upload due to missing file type validation in upload_files(), impacting authenticated users at Subscriber level and above, under conditions where the Pr...

CVE-2025-3054 WP User Frontend Pro <= 4.1.3 - Authenticated (Subscriber+) Arbitrary File Upload

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadfiles function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...

CVE-2025-3054 WP User Frontend Pro <= 4.1.3 - Authenticated (Subscriber+) Arbitrary File Upload

The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadfiles function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...

openSUSE Security Advisory (SUSE-SU-2024:3054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:3054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress WPvivid Backup and Migration Plugin <= 0.9.99 is vulnerable to PHP Object Injection

Software WPvivid Backup and Migration Type Plugin Vulnerable versions = 0.9.99 Fixed in 0.9.100 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-3054 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 2efae3e5e650 Credits Maksim Kosenko Required...

CVE-2024-3054

WPvivid Backup & Migration Plugin for WordPress is vulnerable to PHAR Deserialization in all versions up to, and including, 0.9.99 via deserialization of untrusted input at the wpvividstggetcustomexcludepathfree action. This is due to the plugin not providing sufficient path validation on the...

CVE-2018-3054

creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:23+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5992...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3054)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for chromium (FEDORA-2022-3f28aa88cf)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2022-3054

Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2022-3054

Vulnerability CVE-2022-3054 affects Google Chrome/Chromium where DevTools policy enforcement is insufficient, allowing potential heap corruption via a crafted HTML page on versions prior to 105.0.5195.52. Connected sources confirm Chrome/Chromium updates addressing this: Debian lists fixed 105.0....

CVE-2022-3054

Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10120-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10120-1 advisory. - Use after free in Network Service. CVE-2022-3038 - Use after free in WebSQL. CVE-2022-3039, CVE-2022-3041 - Use after free in Layout...