126 matches found
EUVD-2026-3186
A vulnerability was detected in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The impacted element is the function rtspparserequest. The manipulation results in buffer overflow. Attacking locally is a requirement. This product takes the approach of rolling releases to provide...
MiracleLinux 7 : libtiff-4.0.3-32.el7 (AXSA:2019-4125:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4125:01 advisory. libtiff: buffer overflow in gif2tiff (CVE-2016-3186); libtiff: Heap-based buffer overflow in the cpSeparateBufToContigBuf function resulting in a denia...
EUVD-2025-3186
Malicious code in bioql PyPI...
EUVD-2025-9969
Malicious code in bioql PyPI...
CVE-2024-3186
CWE-476 NULL Pointer Dereference vulnerability in the evalExpr function of GoAhead Web Server version <= 6.0.0 when compiled with the ME_GOAHEAD_JAVASCRIPT flag. This vulnerability allows a remote attacker with the privileges to modify JavaScript template (JST) files to trigger a crash and cause a...
CVE-2023-3186
The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype...
CVE-2009-3186
Multiple cross-site scripting (XSS) vulnerabilities in VideoGirls BiZ allow remote attackers to inject arbitrary web script or HTML via the (1) t parameter to forum.php, (2) profilename parameter to profile.php, and (3) p parameter to view.php...
CVE-2025-20660
In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186...
CVE-2025-3186
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /patient/invoice.php. The manipulation of the argument appid leads to sql injection. The attack can be...
CVE-2025-3186 projectworlds Online Doctor Appointment Booking System invoice.php sql injection
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /patient/invoice.php. The manipulation of the argument appid leads to sql injection. The attack can be...
CVE-2025-3186
The CVE-2025-3186 entry describes a SQL injection vulnerability in projectworlds Online Doctor Appointment Booking System v1.0, exploitable via the /patient/invoice.php endpoint when the appid parameter is manipulated. Affected component: unknown functionality within that PHP file. Root cause: im...
Linux Distros Unpatched Vulnerability : CVE-2016-3186
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafte...
CVE-2022-3186
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to...
CVE-2024-3186
GoAhead Web Server (embedded GoAhead) contains a CWE-476 NULL Pointer Dereference in evalExpr() (and related valexpr in GoAhead) on versions 6.0.0 and earlier when built with ME_GOAHEAD_JAVASCRIPT. A remote attacker able to modify JST templates can trigger a crash leading to DoS. Affected product...
openSUSE: Security Advisory for buildah (SUSE-SU-2024:3186-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2024:3186-1)
The remote host is missing an update for the...
CVE-2018-3186
creationtimestamp | type | source
---|---|---
2023-11-15 16:53:23+00:00 | published-proof-of-concept | https://t.me/BABATATASASA/5991...