CVE-2026-3279 Enable jQuery Migrate Helper <= 1.4.1 - Missing Authorization to Authenticated (Subscriber+) jQuery Version Downgrade

The Enable jQuery Migrate Helper plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the downgradejqueryversion function in all versions up to, and including, 1.4.1. This is due to the function only verifying a nonce without checking user...

Amazon Linux 2 : cups, --advisory ALAS2-2026-3279 (ALAS-2026-3279)

The version of cups installed on the remote host is prior to 1.6.3-51. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3279 advisory. OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and...

CGA-8R6W-X595-3279

Bulletin has no description...

MiracleLinux 7 : postgresql-9.2.24-8.el7 (AXSA:2022-3279:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3279:01 advisory. postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Tenable has extracted the preceding description block...

CGA-3279-8PRX-X244

Bulletin has no description...

Linux Distros Unpatched Vulnerability : CVE-2025-3279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed...

CVE-2025-3279

An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests...

UBUNTU-CVE-2025-3279

An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS condition by sending crafted GraphQL requests...

CVE-2025-3279

creationtimestamp| type| source ---|---|--- 2025-06-26 05:49:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19574 2025-06-26 05:54:43+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lsigriehbcg2 2025-06-26...

CVE-2025-3279

Removed by vendor...

GitLab 10.7 < 17.11.5 / 18.0 < 18.0.3 / 18.1 < 18.1.1 (CVE-2025-3279)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 17.11.5, 18.0 before 18.0.3, and 18.1 before 18.1.1 that could have allowed authenticated attackers to create a DoS...

CVE-2023-3279

The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks...

CVE-2005-3279

Stack-based buffer overflow in the vgascoprintf function in Jan Kybic BitMap Viewer BMV 1.2, when compiled with the MUNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option...

CVE-2022-3279

creationtimestamp| type| source ---|---|--- 2025-05-13 16:30:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16166...

CVE-2024-3279

The CVE concerns mintplex-labs/anything-llm, specifically the import endpoint. An improper access control flaw allegedly allows anonymous, unauthenticated users to import their own database file, potentially deleting or spoofing the existing anythingllm.db and enabling serving malicious data or c...

CVE-2023-3279

creationtimestamp| type| source ---|---|--- 2023-10-17 00:32:20+00:00| seen| https://t.me/cibsecurity/72352...

WordPress NextGEN Gallery Plugin < 3.39 is vulnerable to Local File Inclusion

Software NextGEN Gallery Type Plugin Vulnerable versions 3.39 Fixed in 3.39 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2023-3279 Patch priority Low CVSS severity Low 6 Developer Claim ownership PSID 1c647829048b Credits Linwz from DEVCORE Required privilege Administrat...

CVE-2023-3279

The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks...

CVE-2023-3279 NextGEN Gallery < 3.39 - Admin+ Local File Inclusion

The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks...

CVE-2023-3279 NextGEN Gallery < 3.39 - Admin+ Local File Inclusion

The WordPress Gallery Plugin WordPress plugin before 3.39 does not validate some block attributes before using them to generate paths passed to include function/s, allowing Admin users to perform LFI attacks...