RHCOS 4 : OpenShift Container Platform 4.1.20 golang (RHSA-2019:3131)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3131 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...

CVE-2026-3131

creationtimestamp| type| source ---|---|--- 2026-02-24 21:51:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfn5mri7pw2d...

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

CVE-2026-3131

Improper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user with view-only permission to access sensitive connection data...

ECHO-C416-3131-D35B

Bulletin has no description...

CVE-2023-3131

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

CVE-2022-3131

The Search Logger WordPress plugin through 0.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users...

CVE-2021-3131

The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter...

CVE-2016-3131

Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls...

CVE-2025-3131 ECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031

Cross-Site Request Forgery CSRF vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2...

CVE-2025-3131

The CVE-2025-3131 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the Drupal ECA: Event - Condition - Action module. Affected versions are ECA: Event - Condition - Action prior to 1.1.12 (0.0.0–1.1.11), 2.0.0 prior to 2.0.16, and 2.1.0 prior to 2.1.7 (also 0.0.0 prior to 1.2....

CVE-2025-3131 ECA: Event - Condition - Action - Critical - Cross site request forgery - SA-CONTRIB-2025-031

Cross-Site Request Forgery CSRF vulnerability in Drupal ECA: Event - Condition - Action allows Cross Site Request Forgery.This issue affects ECA: Event - Condition - Action: from 0.0.0 before 1.1.12, from 2.0.0 before 2.0.16, from 2.1.0 before 2.1.7, from 0.0.0 before 1.2...

Snowflake Connector for Python 安全漏洞

Snowflake Connector for Python is an open source interface from Snowflake Computing. It is used to develop Python applications that can connect to Snowflake and perform all standard operations. A security vulnerability exists in Snowflake Connector for Python versions prior to 3.13.1, which stems...

CVE-2024-3131 SourceCodester Computer Laboratory Management System sql injection

A vulnerability was found in SourceCodester Computer Laboratory Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /classes/Master.php?f=savecategory. The manipulation of the argument id leads to sql injection. The attack can be initiated...

CVE-2016-3131

creationtimestamp| type| source ---|---|--- 2024-02-28 10:41:10+00:00| seen| https://t.me/ctinow/195305...

SUSE: Security Advisory (SUSE-SU-2023:3131-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3131

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...

CVE-2023-3131

CVE-2023-3131 affects the MStore API WordPress plugin prior to version 3.9.7. The vulnerability arises because most AJAX actions are not protected by privilege checks or nonce validation, enabling unauthorized actions such as modifying settings. Public references describe practical proof-of-conce...

CVE-2023-3131 MStore API < 3.9.7 - Subscriber+ Unauthorized Settings Update

The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both...