66 matches found
📄 libvips 8.19.0 vips_extract_area_build Local Integer Overflow
This Python script performs an advanced security audit on libvips version 8.19.0. It specifically targets the integer overflow vulnerability in the function vipsextractareabuild...
CVE-2026-3284
creationtimestamp| type| source ---|---|--- 2026-02-27 05:50:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfszc5jyy32n...
CVE-2025-20677
In Bluetooth driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412256; Issue ID: MSV-3284...
CVE-2022-3284
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2009-3284
Directory traversal vulnerability in phpspot PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHPRSSBuilder, and webshot, dated before 20090914, allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2025-3284 User Registration & Membership PRO – Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User Deletion
The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.1.3. This is due to missing or incorrect nonce validation on the userregistrationprodeleteaccount...
CVE-2025-3284
CVE-2025-3284 concerns WordPress plugin User Registration & Membership PRO (
BELL-CVE-2018-3284 CVE-2018-3284 does not affect BellSoft software
Bulletin has no description...
CVE-2022-3284
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2022-3284 Insecure way of passing a download key
Download key for a file in a vault was passed in an insecure way that could easily be logged in M-Files New Web in M-Files before 22.11.12011.0. This issue affects M-Files New Web: before 22.11.12011.0...
CVE-2022-3284
CVE-2022-3284 affects M-Files New Web versions prior to 22.11.12011.0, where the download key for a vault file was passed insecurely and could be logged. Multiple sources (NVD, Red Hat, PRION, CNNVD, PT-Security) corroborate this issue and specify impact to confidentiality (high) with no integrit...
K50148721: MySQL vulnerabilities CVE-2018-3282, CVE-2018-3283, CVE-2018-3284, CVE-2018-3285, and CVE-2018-3286
Security Advisory Description CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Storage Engines. Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allow...
Debian dla-3284 : libapache-session-ldap-perl - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3284 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3284-1 [email protected]...
SUSE SLES15: flatpak / flatpak-devel / flatpak-zsh-completion / libflatpak0 / etc (SUSE-SU-2022:3284-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3284-1 advisory. - CVE-2021-41133: Fixed sandbox bypass via recent syscalls bsc1191507. - CVE-2021-43860: Fixed metadata validation bsc1194610...
SUSE: Security Advisory (SUSE-SU-2019:0555-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2021-3284 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is related to incorrect...
CVE-2020-3284
A vulnerability in the enhanced Preboot eXecution Environment PXE boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the...
CVE-2020-3284
Cisco IOS XR 64-bit devices are affected by CVE-2020-3284 due to a vulnerability in the enhanced PXE boot loader. The issue arises because internal commands during the PXE network boot process are not properly verified, allowing an unauthenticated, remote attacker to execute unsigned code if they...
Oracle Linux 6 : postgresql-jdbc (ELSA-2020-3284)
The remote Oracle Linux 6 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-3284 advisory. 8.4.704-4 - require explicitly jdk-1.6 due to ABI bytecode compatibility 8.4.704-3 - fixed XXE vulnerability CVE-2020-13692 Tenable has extracted the preceding...
CVE-2018-3284
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Serve...