tagDiv Composer < 4.2 - Stored Cross-Site Scripting

tagDiv Composer plugin versions before 4.2 for WordPress are vulnerable to unauthenticated stored XSS via the /wp-json/tdw/savecss endpoint. An attacker can inject malicious JavaScript code through the compiledcss parameter, which gets stored and executed when the CSS is loaded. id: CVE-2023-3169...

CVE-2026-3169

creationtimestamp| type| source ---|---|--- 2026-02-25 09:36:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfoexv3lob2o 2026-03-01 20:00:16+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfzjpnfpeu2a...

CVE-2026-3169

A security vulnerability has been detected in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit ha...

Amazon Linux 2 : openssl11, --advisory ALAS2-2026-3169 (ALAS-2026-3169)

The version of openssl11 installed on the remote host is prior to 1.1.1zf-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3169 advisory. Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...

EUVD-2026-3169

Malicious code in eslint-plugin-fuel-react npm...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.191.b12-0.el7 (AXSA:2018-3359:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3359:06 advisory. OpenJDK: Improper field access checks Hotspot, 8199226 CVE-2018-3169 OpenJDK: Unrestricted access to scripting engine Scripting, 8202936 CVE-2018-31...

MiracleLinux 7 : httpd-2.4.6-67.2.0.1.el7.AXS7 (AXSA:2017-2042:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2042:02 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. CVE-2017-3167 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.2...

MiracleLinux 4 : httpd-2.2.15-60.5.0.1.AXS4 (AXSA:2017-1918:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1918:04 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. CVE-2017-3167 In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.2...

CVE-2018-3169 vulnerabilities

Vulnerabilities for packages: openjdk-11-openj9, openjdk-8-openj9, openjdk-21-openj9, openjdk-17-openj9...

Linux Distros Unpatched Vulnerability : CVE-2022-3169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET...

CVE-2021-3169

An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets...

CVE-2005-3169

Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized...

CVE-2025-3169

creationtimestamp| type| source ---|---|--- 2025-04-03 17:35:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10285 2025-04-03 21:55:44+00:00| seen| https://t.me/cvedetector/22008 2025-05-10 10:25:11+00:00| seen|...

CVE-2025-3169

CVE-2025-3169 affects Projeqtor up to 12.0.2. The vulnerability resides in the file /tool/saveAttachment.php where manipulating the attachmentFiles parameter enables unrestricted uploads. It can be triggered remotely, with attack complexity rated as high; exploitation is known to be difficult and...

Linux Distros Unpatched Vulnerability : CVE-2024-3169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...

Linux Distros Unpatched Vulnerability : CVE-2017-3169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during ...

Siemens SIMATIC Devices Linux Kernel Improper Input Validation (CVE-2022-3169)

A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVMEIOCTLRESET and the NVMEIOCTLSUBSYSRESET through the device file of the driver, resulting in a PCIe link disconnect. This plugin only works with Tenable.ot. Please visit...

CVE-2024-3169

creationtimestamp| type| source ---|---|--- 2024-07-17 02:20:01+00:00| seen| https://t.me/cvedetector/1034...

CVE-2024-3169

Use after free in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2024-3169

The CVE-2024-3169 issue affects Google Chrome (V8/Chromium) and is caused by a Use after free in V8, leading to potential heap corruption via a crafted HTML page. Affected software includes Google Chrome with V8, prior to 121.0.6167.139. Impact is high: remote attacker could potentially exploit t...