73 matches found
RHEL 9 : protobuf (RHSA-2026:3097)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3097 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...
MiracleLinux 8 : dotnet5.0-5.0.212-1.el8.ML.1 (AXSA:2022-3097:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3097:08 advisory. dotnet: ASP.NET Denial of Service via FormPipeReader CVE-2022-24464 dotnet: double parser stack buffer overrun CVE-2022-24512 brotli: buffer overflo...
Amazon Linux 2 : cri-tools, --advisory ALAS2-2025-3097 (ALAS-2025-3097)
The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3097 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a...
EUVD-2006-3097
Malware in sbrugna...
CVE-2013-3097
Unspecified Cross-site scripting XSS vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I router...
CVE-2025-3097
creationtimestamp| type| source ---|---|--- 2025-04-02 09:34:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10038 2025-04-02 14:59:04+00:00| seen| https://t.me/cvedetector/21861...
CVE-2025-3097
CVE-2025-3097 affects the WordPress plugin wp Time Machine. It is vulnerable to Cross-Site Request Forgery due to missing nonce validation on wpTimeMachineCore.php in all versions up to 3.4.0. This allows unauthenticated attackers to update settings and inject malicious web scripts via forged req...
CVE-2025-3097 wp Time Machine <= 3.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and...
CVE-2025-3097 wp Time Machine <= 3.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The wp Time Machine plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.0. This is due to missing or incorrect nonce validation on the 'wpTimeMachineCore.php' page. This makes it possible for unauthenticated attackers to update settings and...
WordPress wp Time Machine plugin <= 3.4.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin wp Time Machine versions = 3.4.0...
RHEL 9 : kpatch-patch-5_14_0-427_13_1, kpatch-patch-5_14_0-427_31_1, kpatch-patch-5_14_0-427_44_1, and kpatch-patch-5_14_0-427_55_1 (RHSA-2025:3097)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3097 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...
Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20) (macOS)
The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-20 advisory. - Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The...
Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20)
The version of Adobe Digital Editions installed on the remote Windows host is prior to 4.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-20 advisory. - Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The...
WordPress NextGEN Gallery Plugin <= 3.59 is vulnerable to Broken Access Control
Software NextGEN Gallery Type Plugin Vulnerable versions = 3.59 Fixed in 3.59.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3097 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1d6376e4869c Credits Peng Zhou Required privilege...
openSUSE: Security Advisory for pipewire (SUSE-SU-2023:3097-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-3097
creationtimestamp| type| source ---|---|--- 2024-02-13 12:31:39+00:00| seen| https://t.me/ctinow/183769...
CVE-2023-3097
CVE-2023-3097 affects KylinSoft kylin-software-properties on KylinOS. A flaw in the function setMainSource allows an OS command injection with local access. The vulnerability is publicly disclosed and version prior to 0.0.1-130 is affected; upgrading to 0.0.1-130 addresses the issue. Multiple con...
Oracle Linux 8 : gssntlmssp (ELSA-2023-3097)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3097 advisory. - Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields - Fix CVE-2023-25564: memory corruption when decoding UTF16 strings - Fix...
RHEL 8 : gssntlmssp (RHSA-2023:3097)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3097 advisory. The gssntlmssp is a GSSAPI NTLM mechanism that allows to perform NTLM authentication in GSSAPI programs. Security Fixes: gssntlmssp: multipl...
SUSE CVE-2011-3097
The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions...