Advisory ROSA-SA-2026-3295

Component: kernel-ml 5.15.208 OS: rosa-server79 Unaffected versions: = kernel-ml-5.15.208-1.0.1.res7 Affected versions: kernel-ml-5.15.208-1.0.1.res7 CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of Linux kernels. A...

MINI-6MVP-3295-3X65

Bulletin has no description...

CVE-2022-3295

creationtimestamp| type| source ---|---|--- 2025-05-21 20:41:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17195...

CVE-2025-3295

creationtimestamp| type| source ---|---|--- 2025-04-17 05:57:32+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12191 2025-04-17 06:48:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmyj7gz55g2u 2025-04-17 10:28:11+00:00| seen| https://t.me/cvedetector/23216...

CVE-2025-3295 WP Editor <= 1.2.9.1 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Read

The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to read arbitrary files on the affected site's server which may reveal sensitive...

CVE-2025-3295

CVE-2025-3295 : The WP Editor WordPress plugin is vulnerable to an authenticated Directory Traversal leading to Arbitrary File Read in all versions up to 1.2.9.1. Exploitation requires Administrator-level access or higher, enabling an attacker to read arbitrary files on the affected site’s server...

CVE-2025-3295 WP Editor <= 1.2.9.1 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Read

The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to read arbitrary files on the affected site's server which may reveal sensitive...

WordPress WP Editor plugin <= 1.2.9.1 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Read vulnerability

Authenticated Administrator+ Directory Traversal to Arbitrary File Read vulnerability discovered by nquangit in WordPress Plugin WP Editor versions = 1.2.9.1...

Cisco NX-OS Improper Authentication (CVE-2014-3295)

The HSRP implementation in Cisco NX-OS 6.22a and earlier allows remote attackers to bypass authentication and cause a denial of service group-member state modification and traffic blackholing via malformed HSRP packets, aka Bug ID CSCup11309. This plugin only works with Tenable.ot. Please visit...

CVE-2024-3295

CVE-2024-3295 affects the WordPress plugin User Registration – Custom Registration Form, Login Form, and User Profile, with vulnerable versions up to 3.1.5. The issue is a missing capability check in profile_pic_remove, enabling unauthenticated attackers to delete media files. The CVE entry is su...

WordPress User Registration Plugin <= 3.1.5 is vulnerable to Broken Access Control

Software User Registration Type Plugin Vulnerable versions = 3.1.5 Fixed in 3.2.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3295 Patch priority Medium CVSS severity Medium 6.5 Developer Masteriyo PSID 0a09ce75cc11 Credits wesley wcraft Required...

CVE-2023-3295

The Unlimited Elements For Elementor Free Widgets, Addons, Templates for WordPress is vulnerable to arbitrary file uploads due to missing file type validation of files in the file manager functionality in versions up to, and including, 1.5.66 . This makes it possible for authenticated attackers,...

CVE-2023-3295 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.66 - Authenticated (Contributor+) Arbitrary File Upload

The Unlimited Elements For Elementor Free Widgets, Addons, Templates for WordPress is vulnerable to arbitrary file uploads due to missing file type validation of files in the file manager functionality in versions up to, and including, 1.5.66 . This makes it possible for authenticated attackers,...

CVE-2023-3295

Affected software : WordPress plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) (versions up to and including 1.5.66). Root cause : missing file-type validation in the plugin’s file manager allows uploading arbitrary files. Impact : authenticated attackers with contributor...

CVE-2023-3295 Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.66 - Authenticated (Contributor+) Arbitrary File Upload

The Unlimited Elements For Elementor Free Widgets, Addons, Templates for WordPress is vulnerable to arbitrary file uploads due to missing file type validation of files in the file manager functionality in versions up to, and including, 1.5.66 . This makes it possible for authenticated attackers,...

CVE-2022-3295

CVE-2022-3295 affects the rdiffweb project (rdiffweb, prior to 2.4.8). The root cause is unlimited length for root directory names, allowing a crafted long string to trigger a denial of service. Impact is a DoS condition with potential memory issues; no data confidentiality or integrity impact is...

CVE-2022-3295 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8...

CVE-2022-3295 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8...

Mageia: Security Advisory (MGASA-2018-0437)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : libsndfile on SL7.x i686/x86_64 (2021:3295)

The remote Scientific Linux 7 host has packages installed that are affected by a vulnerability as referenced in the SLSA-2021:3295-1 advisory. - libsndfile: Heap buffer overflow via crafted WAV file allows arbitrary code execution CVE-2021-3246 Note that Nessus has not tested for this issue but h...