ECHO-9B56-3337-79ED

Bulletin has no description...

Fedora: Security Advisory (FEDORA-2026-eb2fc8e93d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 44 : task (2026-04f13ba6d8)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-04f13ba6d8 advisory. Update to new release, includes updated dependencies that fix for a number of CVEs Tenable has extracted the preceding description block directly fr...

jsonwebtoken-aws-lc (=9.3.0), jwts (>=0.5.0 <=0.5.1) +2 more potentially affected by CVE-2026-3337 via aws-lc-sys (>=0.14.1 <=0.21.0)

aws-lc-sys CARGO version =0.14.1, =0.5.0, =0.102.2, =0.20.0, =0.31.0 Source cves: CVE-2026-3337 Source advisory: OSV:GHSA-65P9-R9H6-22VJ...

CVE-2026-3337

A flaw was found in AWS-LC. This vulnerability, a timing discrepancy, allows an unauthenticated attacker to potentially determine the validity of an authentication tag. This information disclosure could be exploited through timing analysis. Mitigation Mitigation for this issue is either not...

CVE-2026-3337

creationtimestamp| type| source ---|---|--- 2026-03-03 00:35:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg4jlehr2u2e 2026-03-03 18:47:59+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mg6gmajx7a2w 2026-03-05 20:43:45+00:00| seen|...

CVE-2026-3337

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVPaes128ccm, EVPaes192ccm, and EVPaes256ccm. Customers of AWS servic...

CVE-2026-3337

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVPaes128ccm, EVPaes192ccm, and EVPaes256ccm. Customers of AWS servic...

jsonwebtoken-aws-lc (=9.3.0), jwts (>=0.5.0 <=0.5.1) +2 more potentially affected by CVE-2026-3337 via aws-lc-sys (>=0.14.1 <=0.21.0)

aws-lc-sys CARGO version =0.14.1, =0.5.0, =0.102.2, =0.20.0, =0.31.0 Source cves: CVE-2026-3337 Source advisory: OSV:RUSTSEC-2026-0045...

Oracle Linux 9 : podman (ELSA-2026-3337)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3337 advisory. - Rebuild for new golang to address CVE-2025-61726 Tenable has extracted the preceding description block directly from the Oracle Linux security...

EUVD-2026-3337

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

CVE-2011-3337

eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/...

CVE-2025-3337

A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/memberupdate.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-3337

creationtimestamp| type| source ---|---|--- 2025-04-07 05:45:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10676 2025-04-07 07:17:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lm7g652qc22f 2025-04-07 07:31:10+00:00| published-proof-of-concept|...

CVE-2025-3337 codeprojects Online Restaurant Management System member_update.php sql injection

A vulnerability was found in codeprojects Online Restaurant Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/memberupdate.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-3337

CVE-2025-3337 affects codeprojects Online Restaurant Management System 1.0. The vulnerability stems from improper handling of the ID parameter in /admin/member_update.php, enabling SQL injection and remote exploitation. Multiple sources describe it as critical/high risk with network access and lo...

CVE-2013-3337

creationtimestamp| type| source ---|---|--- 2025-02-14 21:08:31+00:00| seen| Telegram/1NSIX1wu2gyUOfYjusC-VT-KGW0oSSja3s2e2DaPm70aZ1Y9...

CVE-2024-3337 Colibri Page Builder <= 1.0.272 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'colibri_breadcrumb_element' Shortcode

The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibribreadcrumbelement' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2024-3337 Colibri Page Builder <= 1.0.272 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'colibri_breadcrumb_element' Shortcode

The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'colibribreadcrumbelement' shortcode in all versions up to, and including, 1.0.272 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2015-3337

creationtimestamp| type| source ---|---|--- 2023-12-06 13:16:12+00:00| seen| https://t.me/arpsyndicate/1488...