CVE-2026-3105

creationtimestamp| type| source ---|---|--- 2026-02-24 20:28:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfmyyayknb2t 2026-02-24 20:29:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfmyz2eui52k 2026-02-24 22:06:59+00:00| seen|...

EUVD-2011-3069

Malware in sbrugna...

CVE-2025-3105 Vehica Core <= 1.0.97 - Authenticated (Subscriber+) Privilege Escalation

The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 1.0.97. This is due to the plugin not properly validating user meta fields prior to updating them in the database. This make...

WordPress Vehica Core plugin <= 1.0.97 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by Alyudin Nafiie in WordPress Plugin Vehica Core versions = 1.0.97...

Linux Distros Unpatched Vulnerability : CVE-2016-3105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name. CVE-2016-3105...

Linux Distros Unpatched Vulnerability : CVE-2011-3105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in the Cascading Style Sheets CSS implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of...

CVE-2024-3105

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insertphp' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-3 (SUSE-SU-2024:3105-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3105-1 advisory. - CVE-2024-6119: Fixed denial of service in X.509 name checks bsc1229465 Tenable has extracted the...

Exploit for CVE-2024-3105

CVE-2024-3105 PoC The Woody code snippets – Insert Header Fo...

CVE-2024-3105

creationtimestamp| type| source ---|---|--- 2024-06-17 09:54:04+00:00| published-proof-of-concept| https://t.me/HackingInsights/2662 2024-08-10 15:29:59+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8232 2024-08-11 16:16:27+00:00| published-proof-of-concept|...

CVE-2024-3105 Woody code snippets – Insert Header Footer Code, AdSense Ads <= 2.5.0 -Authenticated (Contributor+) Remote Code Execution

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insertphp' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized...

RHEL 7 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule CVE-2017-17458 - The...

RHEL 8 : python3.11-cryptography (RHSA-2024:3105)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3105 advisory. The python-cryptography packages contain a Python Cryptographic Authority's PyCA's cryptography library, which provides cryptographic primitives and...

MAL-2024-454 Malicious code in wlwz-2312-3105 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a2eb4ea6faabf6083bcb5d38c607f239b21271d7ad50feaca0d61fc019c3705 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0105)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Linux kernel through 5.16-rc6. uapifinalize in drivers/infiniband/core/uverbsuapi.c lacks check of kmallocarray. CVE-2022-3105 - ...

CVE-2023-3105

creationtimestamp| type| source ---|---|--- 2023-07-12 12:45:23+00:00| seen| https://t.me/cibsecurity/66502...

CVE-2023-3105 LearnDash LMS <= 4.6.0 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary User Password Change

The LearnDash LMS plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.6.0. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for...

Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts

A critical security flaw has been disclosed in miniOrange's Social Login and Register plugin for WordPress that could enable a malicious actor to log in as any user-provided information about email address is already known. Tracked as CVE-2023-2982 CVSS score: 9.8, the authentication bypass flaw...

WordPress LearnDash LMS Plugin <= 4.6.0 is vulnerable to Broken Authentication

Software LearnDash LMS Type Plugin Vulnerable versions = 4.6.0 Fixed in 4.6.0.1 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-3105 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID fcee4e28c7df Credits István Márton Required...

WordPress LearnDash LMS 4.6.0 Insecure Direct Object Reference Vulnerability

Description: LearnDash LMS = 4.6.0 – Authenticated Subscriber+ Insecure Direct Object Reference to Arbitrary User Password Change Affected Plugin: LearnDash LMS Plugin Slug: sfwd-lms Affected Versions: = 4.6.0 CVE ID: CVE-2023-3105 CVSS Score: 8.8 High CVSS Vector:...