CVE-2023-3197

creationtimestamp| type| source ---|---|--- 2026-02-06 14:56:54+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-3197.yaml...

MiracleLinux 4 : openssl-1.0.1e-42.AXS4.4 (AXSA:2016-119:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-119:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

MiracleLinux 4 : openssl098e-0.9.8e-20.AXS4.1 (AXSA:2016-127:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-127:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

MiracleLinux 7 : openssl098e-0.9.8e-29.el7.3 (AXSA:2016-128:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-128:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

Linux Distros Unpatched Vulnerability : CVE-2021-3197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, ...

CVE-2025-3197

creationtimestamp| type| source ---|---|--- 2025-04-04 05:36:04+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10403 2025-04-04 07:58:38+00:00| seen| https://t.me/cvedetector/22072...

CVE-2025-3197

Versions of the package expand-object from 0.0.0 are vulnerable to Prototype Pollution in the expand function in index.js. This function expands the given string into an object and allows a nested property to be set without checking the provided keys for sensitive properties like proto...

CVE-2025-3197

Versions of the package expand-object from 0.0.0 are vulnerable to Prototype Pollution in the expand function in index.js. This function expands the given string into an object and allows a nested property to be set without checking the provided keys for sensitive properties like proto...

CVE-2025-3197

CVE-2025-3197 concerns the expand-object library. Reports across multiple sources confirm a Prototype Pollution flaw in the expand() function (index.js) that turns a string into an object without filtering keys like proto . Affected: expand-object versions 0.0.0 and later. Potential impact descri...

Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2015-3197)

ssl/s2srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the getclientmasterkey and...

Linux Distros Unpatched Vulnerability : CVE-2015-3197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ssl/s2srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle...

Ubuntu: Security Advisory (USN-6948-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for opera (openSUSE-SU-2022:10131-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for chromium (openSUSE-SU-2022:10123-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

3gtel-frontend-platform (=1.0.0), @achieve-all/v-element (=1.0.0) +294 more potentially affected by CVE-2025-3197 via expand-object (>=0.2.3 <=0.4.2)

expand-object NPM version =0.2.3, =0.1.1, =1.0.0, =1.0.0, =2.0.0, =2.0.7, =0.1.0, =1.0.0, =1.0.8, =0.1.2, =1.0.3, =6.0.0-rc1, =1.0.0, =1.0.8 and more Source cves: CVE-2025-3197 Source advisory: SNYK:JS-EXPANDOBJECT-5821390...

WordPress MStore API Plugin <= 4.0.1 is vulnerable to SQL Injection

Software MStore API Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-3197 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 7aeff12fe9e3 Credits Truoc Phan / An Đặng Required privilege Unauthenticat...

openssl security update

1.0.1e-59.0.4 - Backport fixes for CVE-2023-0286 Orabug: 35212597 1.0.1e-59.0.3 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 1.0.1e-59.0.1 - Backport fixes for CVE-2020-1971 Orabug: 32654738 1.0.1e-58.0.1 - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug...

SUSE CVE-2014-3197

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a...

MariaDB 5.5.0 < 5.5.27 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 5.5.27. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.27 advisory. - Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through...

Debian: Security Advisory (DLA-3197-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...