Amazon Linux 2 : python3-tornado, --advisory ALAS2-2026-3213 (ALAS-2026-3213)

The version of python3-tornado installed on the remote host is prior to 5.0.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3213 advisory. Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limi...

CVE-2026-3213

creationtimestamp| type| source ---|---|--- 2026-03-25 18:04:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhvogjrf7e2s...

CVE-2026-3213 Anti-Spam by CleanTalk - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-014

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Cross-Site Scripting XSS.This issue affects Anti-Spam by CleanTalk: from 0.0.0 before 9.7.0...

CVE-2026-3213 Anti-Spam by CleanTalk - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-014

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Anti-Spam by CleanTalk allows Cross-Site Scripting XSS.This issue affects Anti-Spam by CleanTalk: from 0.0.0 before 9.7.0...

CVE-2025-3213

A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-3213 PHPGurukul e-Diary Management System view-note.php sql injection

A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-3213 PHPGurukul e-Diary Management System view-note.php sql injection

A vulnerability classified as critical was found in PHPGurukul e-Diary Management System 1.0. This vulnerability affects unknown code of the file /view-note.php?noteid=11. The manipulation of the argument remark leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-3213

CVE-2025-3213 affects PHPGurukul e-Diary Management System 1.0. The vulnerability is in view-note.php?noteid=11 where the remark parameter enables SQL injection due to improper input validation. Exploitation appears remote (network vector) with potential data exposure. Multiple connected sources ...

openSUSE Security Advisory (SUSE-SU-2024:3213-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NetBIOS Response BadTunnel Brute Force Spoof (NAT Tunnel)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response "BadTunnel" Brute Force Spoof NAT Tunnel', 'Description' = %q This module listens for a NetBIOS name request and then continuous...

CVE-2024-3213

The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...

CVE-2024-3213 Relevanssi – A Better Search <= 4.22.1 - Missing Authorization to Unauthenticated Count Option Update

The Relevanssi – A Better Search plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the relevanssiupdatecounts function in all versions up to, and including, 4.22.1. This makes it possible for unauthenticated attackers to execute expensive...

WordPress Relevanssi Premium Plugin <= 2.25.1 is vulnerable to Broken Access Control

Software Relevanssi Premium Type Plugin Vulnerable versions = 2.25.1 Fixed in 2.25.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3213 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4260d574a21e Credits Thura Moe Myint...

WordPress Relevanssi Plugin <= 4.22.1 is vulnerable to Broken Access Control

Software Relevanssi Type Plugin Vulnerable versions = 4.22.1 Fixed in 4.22.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3213 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8c3f0b93ac8a Credits Thura Moe Myint mgthuramoemyint...

CVE-2023-3213

The WP Mail SMTP Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the isprintpage function in versions up to, and including, 3.8.0. This makes it possible for unauthenticated attackers to disclose potentially sensitive email information...

WordPress WP Mail SMTP Pro Plugin <= 3.8.0 is vulnerable to Broken Access Control

Software WP Mail SMTP Pro Type Plugin Vulnerable versions = 3.8.0 Fixed in 3.8.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3213 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 55736a8f4b7c Credits Alex Thomas Required privileg...

SUSE CVE-2012-3213

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting...

SUSE CVE-2022-3213

A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service...

Mageia: Security Advisory (MGASA-2022-0446)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:3487-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...