177 matches found
Amazon Linux 2 : kernel, --advisory ALAS2-2026-3302 (ALAS-2026-3302)
The version of kernel installed on the remote host is prior to 4.14.355-282.728. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3302 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb...
CVE-2026-3302
A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched...
MiracleLinux 8 : thunderbird-115.10.0-2.el8_9.ML.1 (AXSA:2024-7726:10)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7726:10 advisory. Mozilla: Denial of Service using HTTP/2 CONTINUATION frames (CVE-2024-3302). Tenable has extracted the preceding description block directly from the...
TencentOS Server 4: firefox (TSSA-2024:0153)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0153 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
EUVD-2020-3302
Malware in sbrugna...
TencentOS Server 3: thunderbird (TSSA-2024:0142)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0142 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
WordPress Xagio SEO plugin <= 7.1.0.16 - Unauthenticated Stored Cross-Site Scripting via 'HTTP_REFERER' vulnerability
Unauthenticated Stored Cross-Site Scripting via 'HTTP_REFERER' vulnerability discovered by Jack Taylor in WordPress Plugin Xagio SEO versions <= 7.1.0.16...
CVE-2025-20675
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413201; Issue ID: MSV-3302...
CVE-2023-3302
Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9...
CVE-2022-3302
The Spam protection, AntiSpam, FireWall by CleanTalk WordPress plugin before 5.185.1 does not validate ids before using them in a SQL statement, which could lead to SQL injection exploitable by high privilege users such as admin...
Linux Distros Unpatched Vulnerability : CVE-2017-3302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and...
CVE-2005-3302
creationtimestamp | type | source
---|---|---
2025-01-16 19:55:55+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/2014...
RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2018:0279)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0279 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The...
AguardNet Space Management System Cross-Site Scripting Vulnerability
AguardNet Space Management System is a space management system from China-based AguardNet. A cross-site scripting vulnerability exists in AguardNet Space Management System versions prior to 2024-04-09-3302, which stems from not properly filtering user input, allowing a remote attacker with regula...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...
RLSA-2024:1940 Low: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.10.0. Security Fixes: Mozilla: Denial of Service using HTTP/2 CONTINUATION frames (CVE-2024-3302). For more details about the security issues, including the impact, a CVSS score,...
SUSE: Security Advisory (SUSE-SU-2024:1319-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2024:1350-1)
The remote host is missing an update for the...
Important: firefox
Issue Overview: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. This vulnerability affects Firefox 124.0.1 and Firefox ESR 115.9.1. CVE-2024-29944 There was no limit to the number of HTTP/2 CONTINUATIO...
Amazon Linux 2 : firefox (ALASFIREFOX-2024-024)
The version of firefox installed on the remote host is prior to 115.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-024 advisory. An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript...