116 matches found
Amazon Linux 2 : libpng, --advisory ALAS2-2026-3189 (ALAS-2026-3189)
The version of libpng installed on the remote host is prior to 1.5.13-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3189 advisory. libpng: An out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogra...
NewStart CGSL MAIN 6.06 (SP) : bzip2 Vulnerability (NS-SA-2026-0013)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has bzip2 packages installed that are affected by a vulnerability: - Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends...
CVE-2026-3189
creationtimestamp | type | source
---|---|---
2026-02-25 17:17:50+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mfp6riyntc2v...
RHEL 9 : 389-ds-base (RHSA-2026:3189)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3189 advisory. 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server an...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2016-3189)
Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set to before the start of the block. This plugin only works with Tenable.ot. Please visit...
NewStart CGSL MAIN 6.06 : bzip2 Vulnerability (NS-SA-2025-0224)
The remote NewStart CGSL host, running version MAIN 6.06, has bzip2 packages installed that are affected by a vulnerability: - Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to block ends set...
CVE-2025-3189
creationtimestamp | type | source
---|---|---
2025-04-04 15:37:09+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/10480
2025-04-04 16:20:53+00:00 | seen | https://t.me/cvedetector/22123...
CVE-2025-3189
Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of a stored XSS through the upload of a profile picture in SVG format with malicious JavaScript code in it...
CVE-2025-3189
CVE-2025-3189 affects DoWISP before 1.16.2.50. A stored XSS flaw arises when a malicious SVG profile picture is uploaded, allowing code execution within DoWISP view contexts. Connected sources consistently report the same vulnerability and version boundary. The CVSS 4.0 vector indicates network a...
CVE-2025-3189 Stored Cross-Site Scripting (XSS) in DoWISP
Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of a stored XSS through the upload of a profile picture in SVG format with malicious JavaScript code in it...
Linux Distros Unpatched Vulnerability : CVE-2016-3189
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file, related to bloc...
RHEL 7 : bzip2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bzip2: out-of-bounds write in function BZ2_decompress (CVE-2019-12900) - Use-after-free vulnerability in...
RHEL 6 : bzip2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - bzip2: heap use after free in bzip2recover (CVE-2016-3189) Note that Nessus has not tested for this issue but has...
CVE-2024-3189 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial', 'Progress Bar', 'Lottie Animations', 'Row Layout', 'Google Maps', and 'Advanced Gallery' blocks in all versions up to, and including,...
RHEL 7 : bzip2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - bzip2: heap use after free in bzip2recover (CVE-2016-3189) Note that Nessus has not tested for this issue but has...
RHEL 6 : bzip2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bzip2: out-of-bounds write in function BZ2_decompress (CVE-2019-12900) - Use-after-free vulnerability in...
CVE-2016-3189
creationtimestamp | type | source
---|---|---
2023-12-10 18:06:39+00:00 | seen | https://t.me/arpsyndicate/1669
2025-06-09 16:56:14+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17711...
BELL-CVE-2016-3189 CVE-2016-3189 does not affect BellSoft software
Bulletin has no description...
CVE-2023-3189 SourceCodester Online School Fees System POST Parameter branch.php cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Online School Fees System 1.0. This affects an unknown part of the file /paysystem/branch.php of the component POST Parameter Handler. The manipulation of the argument branch leads to cross site scripting. It is...
CVE-2023-3189
CVE-2023-3189 affects SourceCodester Online School Fees System 1.0, via an XSS flaw in the POST Parameter Handler at /paysystem/branch.php (branch parameter). The vulnerability allows remote attackers to trigger cross-site scripting by manipulating the branch argument. Multiple connected sources ...