CVE-2026-3106

creationtimestamp| type| source ---|---|--- 2026-03-31 10:48:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3midyuykuoa24 2026-03-31 11:17:40+00:00| seen| Telegram/-8jI6AiqCmQgWrggXH9YLwpKKzzq7by02yxwbxJ-KYwNVwI...

Advisory ROSA-SA-2025-3106

Software: c-ares 1.13.0 OS: ROSA Virtualization 2.1 packageevrstring: c-ares-1.13.0-11.rv3 CVE-ID: CVE-2020-22217 BDU-ID: 2023-05898 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the aresparsesoareply function of the C-ares asynchronous DNS query library is related to an operation exceeding...

EUVD-2007-3106

Malware in sbrugna...

CVE-2025-3106

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Table of Contents widget in all versions up to, and including, 1.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2025-3106

creationtimestamp| type| source ---|---|--- 2025-04-18 09:58:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12412 2025-04-18 11:16:04+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln3ilsuwtjj2 2025-04-18 16:34:34+00:00| seen|...

CVE-2025-3106 LA-Studio Element Kit for Elementor <= 1.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Table of Contents Widget

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Table of Contents widget in all versions up to, and including, 1.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2025-3106

CVE-2025-3106 affects LA-Studio Element Kit for Elementor (WordPress) up to version 1.4.9, enabling Stored Cross-Site Scripting via the Table of Contents widget when a contributor+ user supplies crafted attributes. Root cause: insufficient input sanitization and output escaping on user-provided a...

CVE-2025-3106 LA-Studio Element Kit for Elementor <= 1.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Table of Contents Widget

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Table of Contents widget in all versions up to, and including, 1.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2005-3106

creationtimestamp| type| source ---|---|--- 2025-01-16 19:55:56+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2015...

Malicious code in wlwz-2312-3106 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb33ddaad44ef021058fccd80c73e1d8716ee5f03a9092e925e35c82fc0ea15b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Unbreakable Enterprise kernel security update

4.1.12-124.78.2 - xfrm: fix crash in XFRMMSGGETSA netlink handler Vegard Nossum Orabug: 35598955 CVE-2023-3106 - netfilter: nftables: validate registers coming from userspace Harshvardhan Jha Orabug: 34012909 CVE-2022-1015 4.1.12-124.78.1 - vcscreen: move load of struct vcdata pointer in vcsread ...

CVE-2023-3106

creationtimestamp| type| source ---|---|--- 2023-07-12 12:41:34+00:00| seen| https://t.me/cibsecurity/66488...

CVE-2023-3106

CVE-2023-3106 is reported in Unity Linux advisories as a NULL pointer dereference in netlink_dump. The issue occurs when a Netlink socket receives a message (sendmsg) for XFRM_MSG_GETSA or XFRM_MSG_GETPOLICY with the DUMP flag set, potentially causing a denial of service. The description notes pr...

CVE-2023-3106 Kernel: netlink socket crash (null pointer deref) in netlink_dump function

A NULL pointer dereference vulnerability was found in netlinkdump. This issue can occur when the Netlink socket receives the messagesendmsg for the XFRMMSGGETSA, XFRMMSGGETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due t...

Oracle Linux 8 : curl (ELSA-2023-3106)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-3106 advisory. 7.61.1-30.el88.2 - sftp: do not specify OAPPEND when not in append mode 2187717 7.61.1-30.el88.1 - fix FTP too eager connection reuse CVE-2023-27535 Tenable has...

RHEL 8 : curl (RHSA-2023:3106)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3106 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, a...

CBL Mariner 2.0 Security Update: kernel (CVE-2022-3106)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3106 advisory. - An issue was discovered in the Linux kernel through 5.16-rc6. ef100updatestats in...

SUSE CVE-2015-3106

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and befor...

SUSE: Security Advisory (SUSE-SU-2023:0149-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:0147-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0147-1 advisory. - An issue was discovered in the Linux kernel through 5.16-rc6. lkdtmARRAYBOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the...