81 matches found
Amazon Linux 2 : python-tornado, --advisory ALAS2-2026-3286 (ALAS-2026-3286)
The version of python-tornado installed on the remote host is prior to 4.2.1-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3286 advisory. In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to...
MINI-C3WH-C9Q6-3286
Bulletin has no description...
ECHO-B1A0-3286-88DA
Bulletin has no description...
CVE-2026-3286
creationtimestamp | type | source
---|---|---
2026-02-27 05:20:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mfsxnjw2va24...
CVE-2026-3286 itwanger paicoding Image Save Endpoint ImageRestController.java save server-side request forgery
A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...
CVE-2026-3286
A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...
CVE-2022-3286
Lack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows a group member to bypass IP restrictions when using a deploy token...
CVE-2025-3286
CVE-2025-3286 affects Rockwell Automation Arena. A local code execution vulnerability arises from improper validation of user-supplied data, allowing a threat actor to read outside the allocated memory buffer and, if exploited, disclose information and execute arbitrary code. The exploitation sce...
CVE-2023-3286 A BOLA vulnerability in POST /secretaries in EasyAppointments < 1.5.0
A BOLA vulnerability in POST /secretaries allows a low privileged user to create a low privileged user secretary in the system. This results in unauthorized data manipulation...
CVE-2023-3286
CVE-2023-3286 affects Easy!Appointments prior to version 1.5.0. The vulnerability is described as a BOLA issue on POST /secretaries that allows a low-privileged user to create another low-privileged secretary account, enabling unauthorized data manipulation. The connected sources consistently fra...
CVE-2024-3286
Summary (CVE-2024-3286): A buffer overflow vulnerability affecting certain Lenovo printers allows an unauthenticated user to trigger a device restart by sending a specially crafted web request. This is reported across multiple sources in the connected documents, including original CVE records and...
CVE-2018-3286
creationtimestamp | type | source
---|---|---
2023-11-15 16:53:23+00:00 | published-proof-of-concept | https://t.me/BABATATASASA/5991...
K50148721: MySQL vulnerabilities CVE-2018-3282, CVE-2018-3283, CVE-2018-3284, CVE-2018-3285, and CVE-2018-3286
Security Advisory Description CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Storage Engines. Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allow...
CVE-2022-3286
creationtimestamp | type | source
---|---|---
2022-10-17 20:13:28+00:00 | seen | https://t.me/cibsecurity/51610
2025-05-13 16:30:56+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16171...
CVE-2022-3286
Lack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows a group member to bypass IP restrictions when using a deploy token...
CVE-2022-3286
The CVE-2022-3286 issue arises from a lack of IP address checking in GitLab EE, allowing a group member to bypass IP restrictions when using a deploy token. Affected products and ranges: GitLab EE versions 14.2 up to (but not including) 15.2.5; 15.3 up to 15.3.4; and 15.4 up to 15.4.1. Root cause...
GitLab 14.2 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3286)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Lack of IP address checking in GitLab EE affecting all versions from 14.2 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows a group member to bypass IP restrictions when using a...
FreeBSD : Gitlab -- Multiple vulnerabilities (04422df1-40d8-11ed-9be7-454b1dd82c64)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 04422df1-40d8-11ed-9be7-454b1dd82c64 advisory. - Gitlab reports: Denial of Service via cloning an issue Arbitrary PUT request as victim user...