Amazon Linux 2 : rclone, --advisory ALAS2-2026-3285 (ALAS-2026-3285)

The version of rclone installed on the remote host is prior to 1.55.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3285 advisory. Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC...

MINI-HW86-3285-6JH8

Bulletin has no description...

MINI-3285-2839-MH97

Bulletin has no description...

CVE-2026-3285

A vulnerability was determined in berry-lang berry up to 1.1.0. The affected element is the function scanstring of the file src/belexer.c. This manipulation causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name:...

CVE-2026-3285

creationtimestamp| type| source ---|---|--- 2026-02-27 05:45:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfsyz6qyfw2o...

CVE-2022-3285

Bypass of healthcheck endpoint allow list affecting all versions from 12.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an unauthorized attacker to prevent access to GitLab...

CVE-2025-3285

creationtimestamp| type| source ---|---|--- 2025-04-08 19:22:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmd756ore525 2025-04-09 13:15:45+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114308189037550499 2025-04-10 10:00:00+00:00| seen|...

CVE-2025-3285

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-3285 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2025-3285 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to read outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute...

CVE-2023-3285

creationtimestamp| type| source ---|---|--- 2024-07-09 13:05:32+00:00| seen| https://t.me/cvedetector/304...

CVE-2023-3285

CVE-2023-3285 refers to an Insecure Authorization (BOLA) in the EasyAppointments web app. The vulnerability resides in the POST /appointments endpoint, where a low-privileged user can create an appointment for any user (including administrators), leading to unauthorized data manipulation. Technic...

WordPress Responsive Slider by MetaSlider Plugin <= 3.70.0 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Slider by MetaSlider Type Plugin Vulnerable versions = 3.70.0 Fixed in 3.70.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3285 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 334dac19f012 Credits wesley...

CVE-2024-3285

The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on us...

CVE-2024-3285

CVE-2024-3285 concerns the Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin. The vulnerability is a Stored Cross-Site Scripting issue in the metaslider shortcode, triggered by insufficient input sanitization and output escaping on user-supplied attributes. It a...

CVE-2024-3285 Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows <= 3.70.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider Shortcode

The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on us...

CVE-2024-3285 Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows <= 3.70.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider Shortcode

The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on us...

CVE-2018-3285

creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:23+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5991...

K50148721: MySQL vulnerabilities CVE-2018-3282, CVE-2018-3283, CVE-2018-3284, CVE-2018-3285, and CVE-2018-3286

Security Advisory Description CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Storage Engines. Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allow...

Debian: Security Advisory (DLA-3285-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...