114 matches found
Exploit for Improper Access Control in Proftpd
OpenVAS-Vulnerability-Analysis-Incident-Response-Report Real-W...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3306 (ALAS-2026-3306)
The version of thunderbird installed on the remote host is prior to 140.10.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3306 advisory. libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. CVE-2026-41080...
CVE-2026-3306
An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed a user with read access to a repository and write access to a project to modify issue and pull request metadata through the project. When adding an item to a project that already existed, column value...
SUSE: Security Advisory (SUSE-SU-2024:3306-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-3306
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android...
CVE-2023-3306
A vulnerability was found in Ruijie RG-EW1200G EW3.01B11P204. It has been declared as critical. This vulnerability affects unknown code of the file app.09df2a9e44ab48766f5f.js of the component Admin Password Handler. The manipulation leads to improper access controls. The attack can be initiated...
CVE-2025-3306
creationtimestamp| type| source ---|---|--- 2025-04-06 01:38:10+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10621 2025-04-06 04:00:30+00:00| published-proof-of-concept| Telegram/HBFUUrGa3cJHt131NCCP4tblCqepouVMBTuDsYMDuf5r-jI 2025-04-06 05:07:20+00:00| seen|...
CVE-2025-3306
A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /don.php. The manipulation of the argument fullname leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-3306 code-projects Blood Bank Management System don.php sql injection
A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /don.php. The manipulation of the argument fullname leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2024-3306
creationtimestamp| type| source ---|---|--- 2024-09-12 15:37:07+00:00| seen| https://t.me/cvedetector/5473...
CVE-2024-3306 IDOR in Utarit Information's SoliClub
Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android...
CVE-2024-3306
This CVE-2024-3306 entry concerns Utarit Information SoliClub. Affected software: SoliClub mobile app on iOS (versions before 4.4.0) and Android (versions before 5.2.1). Vulnerability: Authorization Bypass Through User-Controlled Key due to incorrectly configured access control security levels. I...
Oracle Linux 9 : kernel (ELSA-2024-3306)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3306 advisory. - netfilter: nftables: disallow anonymous set with timeout flag Phil Sutter RHEL-32971 RHEL-30082 CVE-2024-26642 - netfilter: nftables: mark set as dea...
Moderate: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
ROS-20240404-18
Vulnerability in the OpenVAS database management system's OpenVAS scanning and vulnerability management tool MariaDB is associated with uncontrolled resource consumption when connecting to ports 3306 and 4567. Exploitation exploitation of the vulnerability could allow a remote attacker to cause a...
BIT-MARIADB-2023-5157 Mariadb: node crashes with transport endpoint is not connected mysqld got signal 6
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service...
openSUSE: Security Advisory for chromium (openSUSE-SU-2022:10138-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MAL-2024-473 Malicious code in wlwz-2312-3306 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6fb0515359e7dad3e48666e86ee03e74725ee3c58c53c7d30d5502e2e40f5ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service...
mariadb: node crashes with Transport endpoint is not connected mysqld got signal 6
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service...