CVE-2026-3146 vulnerabilities

Vulnerabilities for packages: libvips...

CVE-2026-3146 vulnerabilities

Vulnerabilities for packages: libvips...

CVE-2026-3146

A flaw was found in libvips. A local user could trigger a null pointer dereference by manipulating the vipsforeignloadmatrixheader function. This vulnerability could lead to a Denial of Service DoS, causing the application to become unresponsive. Mitigation Mitigation for this issue is either not...

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

UBUNTU-CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

CVE-2026-3146

CVE-2026-3146 affects libvips up to 8.18.0. The vulnerable element is vips_foreign_load_matrix_header in libvips/foreign/matrixload.c , which may trigger a null pointer dereference . Exploitation requires local access. The patch identifier is d4ce337c76bff1b278d7085c3c4f4725e3aa6ece and applying ...

CVE-2026-3146

A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is...

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3146 (ALAS-2026-3146)

The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3146 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP...

EUVD-2018-0088

Malware in sbrugna...

CVE-2021-3146

The Dolby Audio X2 DAX2 API service before 0.8.8.90 on Windows allows local users to gain privileges...

CVE-2025-3146

A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of the file /view-pass-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit ha...

Linux Distros Unpatched Vulnerability : CVE-2014-3146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting XSS attacks via...

Linux Distros Unpatched Vulnerability : CVE-2015-3146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers t...

RHEL 7 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py CVE-2018-19787 - Incomplete blacklist...

RHEL 6 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py CVE-2018-19787 - Incomplete blacklist...

RHEL 5 : python-lxml (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-lxml: XSS in lxml.html.clean module in lxml/html/clean.py CVE-2018-19787 - Incomplete blacklist...

CVE-2024-3146 DedeCMS makehtml_rss_action.php cross-site request forgery

A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/makehtmlrssaction.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2024-3146 DedeCMS makehtml_rss_action.php cross-site request forgery

A vulnerability classified as problematic has been found in DedeCMS 5.7. This affects an unknown part of the file /src/dede/makehtmlrssaction.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...

CVE-2011-3146

creationtimestamp| type| source ---|---|--- 2024-03-25 11:49:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3889 2024-03-25 14:38:09+00:00| seen| Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw 2024-03-25 14:38:09+00:00| seen| https://t.me/tengkorakcybercrewz/4400 2024-03-25...