CVE-2013-3077

Multiple integer overflows in the IPMSFILTER and IPV6MSFILTER features in 1 sys/netinet/inmcast.c and 2 sys/netinet6/in6mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write...

CVE-2005-3077

Microsoft Internet Explorer 5.2.3 for Mac OS allows remote attackers to cause a denial of service crash via a web page with malformed attributes in a BGSOUND tag, possibly involving double-quotes in an about: URI...

CVE-2025-3077

The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button shortcode and Custom CSS field in all versions up to, and including, 28.0.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-3077

creationtimestamp| type| source ---|---|--- 2025-04-16 07:55:32+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11992 2025-04-16 10:43:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfusoyul2a 2025-04-16 11:50:55+00:00| seen| https://t.me/cvedetector/23059...

CVE-2025-3077

CVE-2025-3077 (Betheme, WordPress) : Betheme theme for WordPress (versions

WordPress Betheme Theme <= 28.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Betheme Type Theme Vulnerable versions = 28.0.3 Fixed in 28.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-3077 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7b297a9d938e Credits Webbernaut Required privilege...

openSUSE Security Advisory (SUSE-SU-2024:3077-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-3077

An malicious BLE device can crash BLE victim device by sending malformed gatt packet...

CVE-2024-3077

An malicious BLE device can crash BLE victim device by sending malformed gatt packet...

CVE-2024-3077 Bluetooth: integer underflow in gatt_find_info_rsp

An malicious BLE device can crash BLE victim device by sending malformed gatt packet...

CVE-2024-3077

CVE-2024-3077 concerns Zephyr RTOS Bluetooth BLE: a vulnerability in GATT handling that can cause a victim BLE device to crash when receiving malformed GATT packets. The CVE description points to an integer underflow in gatt_find_info_rsp as the underlying issue. Affected software is Zephyr RTOS ...

CVE-2024-3077 Bluetooth: integer underflow in gatt_find_info_rsp

An malicious BLE device can crash BLE victim device by sending malformed gatt packet...

CVE-2018-3077

creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:23+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5991...

CVE-2023-3077

The MStore API WordPress plugin before 3.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owner elected to pay to get access to the plugins' pro features, an...

CVE-2023-3077

CVE-2023-3077 affects the MStore API WordPress plugin prior to version 3.9.8. The vulnerability is a Blind SQL injection in which the product_id parameter is not sanitized/escaped before being used in a SQL statement, and it is exploitable by unauthenticated users. Public details indicate exploit...

CVE-2023-3077 MStore API < 3.9.8 - Unauthenticated Blind SQLi

The MStore API WordPress plugin before 3.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owner elected to pay to get access to the plugins' pro features, an...

CVE-2023-3077 MStore API < 3.9.8 - Unauthenticated Blind SQLi

The MStore API WordPress plugin before 3.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to a Blind SQL injection exploitable by unauthenticated users. This is only exploitable if the site owner elected to pay to get access to the plugins' pro features, an...

CBL Mariner 2.0 Security Update: kernel (CVE-2022-3077)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3077 advisory. - A buffer overflow vulnerability was found in the Linux kernel Intel's iSMT SMBus host controller driver in th...

SUSE CVE-2009-3077

Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...

RLSA-2023:0300 Important: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: watch queue race condition can lead to privilege escalation CVE-2022-2959 kernel: memory corruption in AX88179178A based USB...