CVE-2026-3193 Chia Blockchain send_transaction cross-site request forgery

A vulnerability was detected in Chia Blockchain 2.1.0. Impacted is an unknown function of the file /sendtransaction. The manipulation results in cross-site request forgery. The attack may be performed from remote. The attack requires a high level of complexity. The exploitability is considered...

MiracleLinux 3 : pango-1.14.9-8.AXS3.3 (AXSA:2011-317:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-317:02 advisory. Pango is a system for layout and rendering of internationalized text. Security issues fixed with this release: CVE-2011-3193 No information available at the...

@arcblock/gatsby-theme-docs (>=5.7.0 <=7.34.5), @changeinc/components (>=1.0.4 <=1.0.20) +87 more potentially affected by CVE-2025-3193 via algoliasearch-helper (>=2.13.0 <=2.2.0)

algoliasearch-helper NPM version =2.13.0, =5.7.0, =1.0.4, =1.0.4, =1.0.0, =2.2.1-custom, =0.0.7, =0.1.2, =0.1.4, =0.2.3, =0.2.1, =0.0.1, =2.0.0, =0.0.0, =1.9.0, =1.0.0, =1.4.2 and more Source cves: CVE-2025-3193 Source advisory: OSV:GHSA-529Q-4J3P-7C5R...

CVE-2025-3193

creationtimestamp| type| source ---|---|--- 2025-09-27 05:53:40+00:00| seen| Telegram/0HSSyxCpkFpeLmZywltR0PnyhYVaAOPjqGUBQnOK2lqwBWs...

CVE-2025-3193

Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to Prototype Pollution in the merge function in merge.js, which allows constructor.prototype to be written even though doing so throws an error. In the "extreme edge-case" that the resulting error is...

CVE-2023-3193

Cross-site scripting XSS vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.73, and Liferay DXP 7.4 update 70 through 73 allows remote attackers to inject arbitrary web script or HTML via the comliferaylayoutadminwebportletGroupPagesPortletbackURL...

CVE-2021-3193

Improper access and command validation in the Nagios Docker Config Wizard before 1.1.2, as used in Nagios XI through 5.7, allows an unauthenticated attacker to execute remote code as the apache user...

CVE-2024-3193

A vulnerability has been found in MailCleaner up to 2023.03.14 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Admin Endpoints. The manipulation leads to os command injection. The attack can be launched remotely. The exploit has been disclos...

CVE-2023-3193

Cross-site scripting XSS vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.73, and Liferay DXP 7.4 update 70 through 73 allows remote attackers to inject arbitrary web script or HTML via the comliferaylayoutadminwebportletGroupPagesPortletbackURL...

CVE-2023-3193

Cross-site scripting (XSS) vulnerability CVE-2023-3193 affects Liferay Portal 7.4.3.70–7.4.3.73 and Liferay DXP 7.4 update 70–73, in the Layout module’s SEO configuration. The issue allows remote attackers to inject arbitrary script/HTML via the _com_liferay_layout_admin_web_portlet_GroupPagesPor...

Important: Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus 2.7.1-1 security update

Red Hat Integration Camel Extensions for Quarkus 2.7.1-1 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module forIBM BladeCenter use OpenSSL and have...

Debian: Security Advisory (DLA-117-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM b-type SAN switches and directors (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM b-type SAN switches and directors. IBM b-type SAN firmware has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3193DESCRIPTION: OpenSSL could allow a remote...

SUSE CVE-2014-3193

The SessionService::GetLastSession function in browser/sessions/sessionservice.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via vectors that leverage "type confusion" for callback processing...

SUSE CVE-2015-3193

The Montgomery squaring implementation in crypto/bn/asm/x8664-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x8664 platform, as used by the BNmodexp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key...

SA40100 - [Pulse Secure] December 3rd 2015 OpenSSL Security Advisory

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On December 3rd, 2015 the OpenSSL project announced a group of new security advisories. These issues may affect Pulse Secure products. The OpenSSL advisory can be found at the followin...

CVE-2022-3193

creationtimestamp| type| source ---|---|--- 2022-09-28 22:34:20+00:00| seen| https://t.me/cibsecurity/50615 2025-05-20 20:41:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17086...

CVE-2022-3193

An HTML injection/reflected Cross-site scripting XSS vulnerability was found in the ovirt-engine. A parameter "errordescription" fails to sanitize the entry, allowing the vulnerability to trigger on the Windows Service Accounts home pages...

CVE-2022-3193

CVE-2022-3193 – ovirt-engine exposes a HTML injection/reflected XSS flaw caused by insufficient sanitization of the parameter “error_description.” Vulnerable component: ovirt-engine web UI. Trigger: when the entry on the Windows Service Accounts home pages is processed, an attacker could cause re...