207 matches found
OPENSUSE-SU-2026:21149-1 Security update for bitcoin
This update for bitcoin fixes the following issues: Changes in bitcoin: - Reference the tracking bugs for CVEs already fixed in current bitcoin the affected versions all predate the shipped release: CVE-2018-20587 boo1125092 CVE-2019-15947 boo1149711 CVE-2020-14198 boo1181786 CVE-2021-3195...
DEBIAN-CVE-2026-3195
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
Ubuntu: Security Advisory (USN-8161-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-3195
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/ 2026-06-19 18:29:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3monxwnga622h...
Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2026-3195 (ALAS-2026-3195)
The version of compat-libtiff3 installed on the remote host is prior to 3.9.4-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3195 advisory. libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c...
TencentOS Server 4: qemu (TSSA-2026:0167)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0167 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
BELL-CVE-2026-3195
Bulletin has no description...
SUSE CVE-2026-3195
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
CVE-2026-3195
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
UBUNTU-CVE-2026-3195
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
MiracleLinux 7 : firefox-91.9.1-1.0.1.el7.AXS7 (AXSA:2022-3195:12)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3195:12 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...
MiracleLinux 7 : openssl-1.0.1e-51.el7.1 (AXSA:2015-933:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-933:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...
PT-2026-23849
Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A heap buffer overflow condition exists in QEMU. This issue was automatically discovered and reported by an AI Agent three months prior to public disclosure. Recommendations At the moment, there...
CVE-2021-3195
bitcoind in Bitcoin Core through 0.21.0 can create a new file in an arbitrary directory e.g., outside the /.bitcoin directory via a dumpwallet RPC call. NOTE: this reportedly does not violate the security model of Bitcoin Core, but can violate the security model of a fork that has implemented...
CVE-2025-3195
A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-3195
A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-3195 itsourcecode Online Blood Bank Management System bbms.php sql injection
A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-3195 itsourcecode Online Blood Bank Management System bbms.php sql injection
A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3195)
The ASN1TFLGCOMBINE implementation in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by...