DEBIAN-CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

Ubuntu: Security Advisory (USN-8161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-3195

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/ 2026-06-19 18:29:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3monxwnga622h...

Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2026-3195 (ALAS-2026-3195)

The version of compat-libtiff3 installed on the remote host is prior to 3.9.4-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3195 advisory. libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...

TencentOS Server 4: qemu (TSSA-2026:0167)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0167 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

BELL-CVE-2026-3195

Bulletin has no description...

SUSE CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

UBUNTU-CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

CVE-2026-3195

two potential OOB memory accesses in virtio-snd...

MiracleLinux 7 : firefox-91.9.1-1.0.1.el7.AXS7 (AXSA:2022-3195:12)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3195:12 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

MiracleLinux 7 : openssl-1.0.1e-51.el7.1 (AXSA:2015-933:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-933:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

PT-2026-23849

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A heap buffer overflow condition exists in QEMU. This issue was automatically discovered and reported by an AI Agent three months prior to public disclosure. Recommendations At the moment, there...

CVE-2021-3195

bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory e.g., outside the /.bitcoin directory via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork that has implemented...

CVE-2025-3195

A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-3195

A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-3195 itsourcecode Online Blood Bank Management System bbms.php sql injection

A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-3195 itsourcecode Online Blood Bank Management System bbms.php sql injection

A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3195)

The ASN1TFLGCOMBINE implementation in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by...

Linux Distros Unpatched Vulnerability : CVE-2014-3195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and...

CVE-2024-3195 MailCleaner Admin Endpoints path traversal

A vulnerability was found in MailCleaner up to 2023.03.14. It has been classified as critical. This affects an unknown part of the component Admin Endpoints. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...