CVE-2026-3099

creationtimestamp| type| source ---|---|--- 2026-03-12 15:40:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mguqdjecn22o...

Linux Distros Unpatched Vulnerability : CVE-2026-3099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or...

MiracleLinux 7 : mod_nss-1.0.14-7.el7 (AXSA:2016-1119:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1119:01 advisory. The modnss module provides strong cryptography for the Apache Web server via the Secure Sockets Layer SSL and Transport Layer Security TLS protocols using th...

CVE-2024-3099

A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service DoS as an authenticated user might not be able to use the intended model, as it will open a different model each time...

CVE-2025-3099

creationtimestamp| type| source ---|---|--- 2025-04-02 09:34:30+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10045 2025-04-02 12:56:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lltgrtruqw2x 2025-04-02 14:58:57+00:00| seen| https://t.me/cvedetector/21855...

CVE-2025-3099

The CVE-2025-3099 entry concerns the Advanced Search by My Solr Server WordPress plugin. It is described as vulnerable to Cross-Site Request Forgery in all versions up to 2.0.5 due to missing or incorrect nonce validation on the MySolrServerSettings page. The impact stated is that unauthenticated...

CVE-2025-3099 Advanced Search by My Solr Server <= 2.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to upda...

CVE-2025-3099 Advanced Search by My Solr Server <= 2.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Advanced Search by My Solr Server plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on the 'MySolrServerSettings' page. This makes it possible for unauthenticated attackers to upda...

WordPress Advanced Search by My Solr Server plugin <= 2.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Advanced Search by My Solr Server versions = 2.0.5...

Linux Distros Unpatched Vulnerability : CVE-2022-3099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository vim/vim prior to 9.0.0360. CVE-2022-3099 Note that Nessus relies on the presence of the package as reported by the vendor. C...

Linux Distros Unpatched Vulnerability : CVE-2016-3099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7...

a2 (>=0.1.0 <=0.3.17), agentos (>=0.0.5 <=0.0.7) +159 more potentially affected by CVE-2024-3099 via mlflow (>=0.8.2 <=2.11.1)

mlflow PYPI version =0.8.2, =0.1.0, =0.0.5, =0.1.2, =1.0.18.2, =0.0.1, =1.0.41, =1.4.0, =0.2.5, =3.0.0, =0.1.0, =0.2.0, =0.3.5, =0.8.0, =1.0.0 and more Source cves: CVE-2024-3099 Source advisory: OSV:GHSA-8F8Q-Q2J7-7J2M...

CVE-2024-3099 Denial of Service and Data Model Poisoning via URL Encoding in mlflow/mlflow

A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service DoS as an authenticated user might not be able to use the intended model, as it will open a different model each time...

CVE-2024-3099

CVE-2024-3099 affects mlflow/mlflow 2.11.1 and is caused by inadequate validation of model names, allowing URL-encoded names to be treated as distinct from their decoded counterparts. This enables an attacker to create multiple models with the same name, leading to DoS (an authenticated user may ...

RHEL 6 : mod_nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - modnss: Invalid handling of +CIPHER operator CVE-2016-3099 Note that Nessus has not tested for this issue but has...

RHEL 5 : mod_nss (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - modnss: Invalid handling of +CIPHER operator CVE-2016-3099 Note that Nessus has not tested for this issue but has...

BELL-CVE-2022-3099 CVE-2022-3099 does not affect BellSoft software

Bulletin has no description...

Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS : Vim vulnerabilities (USN-6302-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6302-1 advisory. It was discovered that Vim incorrectly handled memory when opening certain files. If an attacker could trick a user into opening ...

CBL Mariner 2.0 Security Update: vim (CVE-2022-3099)

The version of vim installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3099 advisory. - Use After Free in GitHub repository vim/vim prior to 9.0.0360. CVE-2022-3099 Note that Nessus has not tested for...

SUSE CVE-2016-3099

modns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled...