arbor-ai (>=0.1.5 <=0.1.14), coreason-runtime (>=0.1.0 <=0.3.0) +11 more potentially affected by CVE-2026-3060 via sglang (>=0.1.26 <=0.5.2)

sglang PYPI version =0.1.26, =0.1.5, =0.1.0, =1.1.0, =2.0.0b40, =0.4.0, =0.0.1, =0.1.0, =0.1.0, =0.0.1.post1, =0.0.0, =0.8.0, =0.10.7 Source cves: CVE-2026-3060 Source advisory: SNYK:PYTHON-SGLANG-15470991...

CVE-2026-3060

SGLang' encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads without authentication...

CVE-2026-3060

SGLang' encoder parallel disaggregation system is vulnerable to unauthenticated remote code execution through the disaggregation module, which deserializes untrusted data using pickle.loads without authentication...

EUVD-2021-14843

Malware in sbrugna...

CVE-2021-28144

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to inject arbitrary commands in an admin or root context because SetVirtualServerSettings calls CheckArpTables, which calls popen unsafely...

CVE-2025-3060

Vulnerability in Drupal Flattern – Multipurpose Bootstrap Business Profile.This issue affects Flattern – Multipurpose Bootstrap Business Profile:...

CVE-2022-3060

Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all versions from 12.7 allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests...

SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2024:3060-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3060-1 advisory. This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-36921: wifi: iwlwifi:...

Rocky Linux 8 : gstreamer1-plugins-bad-free (RLSA-2024:3060)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3060 advisory. gstreamer-plugins-bad: Integer overflow leading to heap overwrite in MXF file handling with uncompressed video CVE-2023-40474 gstreamer-plugins-bad:...

Oracle Linux 8 : gstreamer1-plugins-bad-free (ELSA-2024-3060)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3060 advisory. - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow - Patch CVE-2023-40476: Integer overflow in H.265 video parser Tenabl...

RHEL 8 : gstreamer1-plugins-bad-free (RHSA-2024:3060)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3060 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

CVE-2024-3060

The ENL Newsletter WordPress plugin through 1.0.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin+ to perform SQL injection attacks...

CVE-2024-3060 ENL Newsletter <= 1.0.1 - Admin+ SQL Injection

The ENL Newsletter WordPress plugin through 1.0.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin+ to perform SQL injection attacks...

CVE-2024-3060 ENL Newsletter <= 1.0.1 - Admin+ SQL Injection

The ENL Newsletter WordPress plugin through 1.0.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin+ to perform SQL injection attacks...

WordPress ENL Newsletter Plugin <= 1.0.1 is vulnerable to SQL Injection

Software ENL Newsletter Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-3060 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 26e4041d5fe0 Credits Bob Matyas Required privilege Administrator Published...

Exploit for OS Command Injection in Paloaltonetworks Prisma_Access

CVE-2021-3060 POC/ Exploit Description: An OS command inj...

CVE-2023-3060

creationtimestamp| type| source ---|---|--- 2023-06-02 18:40:26+00:00| seen| https://t.me/cibsecurity/64892...

CVE-2023-3060

A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btnfunctions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated...

CVE-2023-3060 code-projects Agro-School Management System btn_functions.php doAddQuestion cross site scripting

A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btnfunctions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated...

CVE-2023-3060

CVE-2023-3060 affects code-projects’ Agro-School Management System 1.0, specifically the vulnerable function doAddQuestion in btn_functions.php. The issue arises from improper handling of the Question argument, enabling cross-site scripting (XSS). Exploitation is described as remote. Several conn...