240 matches found
CVE-2026-3139
creationtimestamp| type| source ---|---|--- 2026-03-31 13:33:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miec4236ft2d 2026-04-01 18:45:04+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mihdxqcpqd2e...
Amazon Linux 2 : java-11-amazon-corretto, --advisory ALAS2-2026-3139 (ALAS-2026-3139)
The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.30+7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3139 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...
MiracleLinux 4 : kernel-2.6.32-696.30.1.el6 (AXSA:2018-3139:05)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3139:05 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Tenable has extracted the...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.191.b12-0.el7 (AXSA:2018-3359:06)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3359:06 advisory. OpenJDK: Improper field access checks Hotspot, 8199226 CVE-2018-3169 OpenJDK: Unrestricted access to scripting engine Scripting, 8202936 CVE-2018-31...
CVE-2023-3139
creationtimestamp| type| source ---|---|--- 2025-09-16 21:02:28+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lyy7rtzk5b25...
CVE-2023-3139
The Protect WP Admin WordPress plugin before 4.0 discloses the URL of the admin panel via a redirection of a crafted URL, bypassing the protection offered...
CVE-2022-3139
The We’re Open! WordPress plugin before 1.42 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2014-3139
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string...
CVE-2022-3139
creationtimestamp| type| source ---|---|--- 2025-05-14 16:33:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16326...
CVE-2025-3139
A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the function Login of the component Login Form. The manipulation of the argument Str1 leads to buffer overflow. It is possible to launch the attack on the local host. The...
CVE-2025-3139
creationtimestamp| type| source ---|---|--- 2025-04-03 06:52:18+00:00| seen| https://t.me/cvedetector/21938 2025-04-03 07:06:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llvdotrrts2w 2025-04-03 13:35:04+00:00| published-proof-of-concept|...
CVE-2025-3139
A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the function Login of the component Login Form. The manipulation of the argument Str1 leads to buffer overflow. It is possible to launch the attack on the local host. The...
CVE-2025-3139 code-projects Bus Reservation System Login Form login buffer overflow
A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the function Login of the component Login Form. The manipulation of the argument Str1 leads to buffer overflow. It is possible to launch the attack on the local host. The...
CVE-2025-3139 code-projects Bus Reservation System Login Form login buffer overflow
A vulnerability was found in code-projects Bus Reservation System 1.0 and classified as critical. Affected by this issue is the function Login of the component Login Form. The manipulation of the argument Str1 leads to buffer overflow. It is possible to launch the attack on the local host. The...
Linux Distros Unpatched Vulnerability : CVE-2016-3139
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The wacomprobe function in drivers/input/tablet/wacomsys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service NU...
Linux Distros Unpatched Vulnerability : CVE-2017-3139
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an...
openSUSE 15 Security Update : python-Django (SUSE-SU-2024:3139-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3139-1 advisory. - CVE-2024-45230: Fixed potential denial-of-service vulnerability in django.utils.html.urlize. bsc1229823 - CVE-2024-45231: Fixed potential user emai...
Rocky Linux 8 : squashfs-tools (RLSA-2024:3139)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3139 advisory. squashfs-tools: unvalidated filepaths allow writing outside of destination CVE-2021-40153 squashfs-tools: possible Directory Traversal via symbolic link...
Oracle Linux 8 : squashfs-tools (ELSA-2024-3139)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3139 advisory. 4.3-21 - CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix CVE-2021-40153 squashfs-tools: unvalidated filepaths...
CentOS 8 : squashfs-tools (CESA-2024:3139)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2024:3139 advisory. - squashfsopendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new...