Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2026-3194 (ALAS-2026-3194)

The version of compat-libtiff3 installed on the remote host is prior to 3.9.4-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3194 advisory. libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. CVE-2025-61145 A...

CVE-2026-3194

CVE-2026-3194 affects Chia Blockchain 2.1.0. The vulnerability is in the RPC Server Master Passphrase Handler, specifically the functions send_transaction and get_private_key, leading to missing authentication. It is locally exploitable with high attack complexity, and exploitation has been publi...

MiracleLinux 7 : openssl-1.0.1e-51.el7.1 (AXSA:2015-933:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-933:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

CVE-2009-3194

Cross-site scripting XSS vulnerability in index.php in JCE-Tech SearchFeed Script allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2025-3194

Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buffer Overflow in the toBigIntLE function. Attackers can exploit this to crash the application...

0xppl-solana-portfolio (=1.0.0), 0xuath-sdk-react (>=0.0.2 <=0.0.23) +6378 more potentially affected by CVE-2025-3194 via bigint-buffer (=1.1.5)

bigint-buffer NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on bigint-buffer and may be impacted: - 0xppl-solana-portfolio =1.0.0 - 0xuath-sdk-react =0.0.2, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.0, =0.0.77, =0.2.0, =0.1.1,...

CVE-2025-3194

Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buffer Overflow in the toBigIntLE function. Attackers can exploit this to crash the application...

CVE-2025-3194

Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buffer Overflow in the toBigIntLE function. Attackers can exploit this to crash the application...

CVE-2025-3194

Versions of the package bigint-buffer from 0.0.0 are vulnerable to Buffer Overflow in the toBigIntLE function. Attackers can exploit this to crash the application...

Siemens SCALANCE X-200RNA Switch Devices NULL Pointer Dereference (CVE-2015-3194)

crypto/rsa/rsaameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an RSA PSS ASN.1 signature that lacks a mask generation function parameter. This plugin only works with Tenable.ot...

Linux Distros Unpatched Vulnerability : CVE-2015-3194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto/rsa/rsaameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service NULL pointer dereference and...

CVE-2007-3194

creationtimestamp| type| source ---|---|--- 2025-01-17 14:56:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2135...

CVE-2024-3194

A vulnerability was found in MailCleaner up to 2023.03.14 and classified as problematic. Affected by this issue is some unknown functionality of the component Log File Endpoint. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to...

CVE-2022-3194

creationtimestamp| type| source ---|---|--- 2024-01-24 19:16:33+00:00| seen| https://t.me/ctinow/173004 2024-02-06 10:11:19+00:00| seen| https://t.me/ctinow/179872...

CVE-2022-3194

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators...

CVE-2022-3194

The CVE-2022-3194 entry concerns the Dokan WordPress plugin. Affected software: Dokan up to version 3.6.4. Vulnerability: vendors can inject arbitrary JavaScript into product reviews, enabling stored XSS attacks against other users, including site administrators. Root cause: injection via review ...

CVE-2022-3194 Dokan < 3.6.4 - Vendor Stored Cross-Site Scripting

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators...

CVE-2022-3194 Dokan < 3.6.4 - Vendor Stored Cross-Site Scripting

The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators...

CVE-2023-5556 Cross-site Scripting (XSS) - Reflected in structurizr/onpremises

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194...

onpremises Cross-Site Scripting Vulnerability

onpremises is an open source application from Structurizr. A cross-site scripting vulnerability exists in versions prior to onpremises 3194. An attacker could exploit this vulnerability to perform cross-site scripting attacks...