MINI-XRF6-MCP2-3368

Bulletin has no description...

CVE-2026-3368

creationtimestamp| type| source ---|---|--- 2026-03-20 23:16:28+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3368...

EUVD-2026-3368

IBM Application Gateway 23.10 through 25.09 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003368)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003368 advisory. The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service syste...

CVE-2024-3368

The All in One SEO WordPress plugin before 4.6.1.1 does not validate and escape some of its Post fields before outputting them back, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-3368

Command injection in /main/webservices/additionalwebservices.php in Chamilo LMS = v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960...

CVE-2013-3368

bin/rt in Request Tracker RT 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with predictable name...

Linux Distros Unpatched Vulnerability : CVE-2012-3368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstance...

Apache Reverse Proxy Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Reverse Proxy Bypass Vulnerability Scanner', 'Description' = %q Scan for poorly configured reverse proxy servers. By default, this module...

RHEL 5 : dtach (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - dtach: Memory portion random stack data disclosure to the client by unclean client disconnect CVE-2012-3368 Note th...

RHEL 6 : dtach (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - dtach: Memory portion random stack data disclosure to the client by unclean client disconnect CVE-2012-3368 Note th...

CVE-2024-3368

creationtimestamp| type| source ---|---|--- 2024-05-21 15:29:59+00:00| seen| https://t.me/HackingInsights/723 2024-05-22 09:27:19+00:00| published-proof-of-concept| https://t.me/openSource3/129 2024-05-22 09:32:11+00:00| published-proof-of-concept|...

CVE-2024-3368 All in One SEO < 4.6.1.1 - Contributor+ Stored XSS

The All in One SEO WordPress plugin before 4.6.1.1 does not validate and escape some of its Post fields before outputting them back, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2024-3368 All in One SEO < 4.6.1.1 - Contributor+ Stored XSS

The All in One SEO WordPress plugin before 4.6.1.1 does not validate and escape some of its Post fields before outputting them back, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

EulerOS Virtualization 2.11.1 : shim (EulerOS-SA-2023-3368)

According to the versions of the shim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the function...

CVE-2023-3368

creationtimestamp| type| source ---|---|--- 2023-12-17 14:43:02+00:00| seen| https://t.me/ctinow/155616...

CVE-2023-3368

Command injection in /main/webservices/additionalwebservices.php in Chamilo LMS = v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960...

CVE-2023-3368

Command injection in /main/webservices/additionalwebservices.php in Chamilo LMS = v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960...

CVE-2023-3368

CVE-2023-3368 corresponds to an unauthenticated command injection in Chamilo LMS, exploited via the endpoint /main/webservices/additional_webservices.php. The public details state that Chamilo LMS

CVE-2023-3368 Chamilo LMS Unauthenticated Command Injection

Command injection in /main/webservices/additionalwebservices.php in Chamilo LMS = v1.11.20 allows unauthenticated attackers to obtain remote code execution via improper neutralisation of special characters. This is a bypass of CVE-2023-34960...