CVE-2026-3390

creationtimestamp| type| source ---|---|--- 2026-03-01 14:09:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfyw42rfa42n...

CVE-2026-3390

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patchlineend of the file src/lilybuilderror.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

CVE-2026-3390 FascinatedBox lily Error Reporting lily_build_error.c patch_line_end out-of-bounds

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patchlineend of the file src/lilybuilderror.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

CVE-2026-3390

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patchlineend of the file src/lilybuilderror.c of the component Error Reporting. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is...

EUVD-2026-3390

A reflected cross-site scripting xss vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

EUVD-2023-43803

Malicious code in bioql PyPI...

Rejected reason: Duplicate of CVE-2023-3390.

...

Linux Distros Unpatched Vulnerability : CVE-2023-3390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE...

CVE-2013-3390

Memory leak in Cisco Prime Central for Hosted Collaboration Solution HCS Assurance 8.6 and 9.x before 9.21 allows remote attackers to cause a denial of service memory consumption via a flood of TCP packets, aka Bug ID CSCub59158...

Oracle Linux 7 : libreoffice (ELSA-2025-3390)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3390 advisory. 5.3.6.1-26.0.3 - Fix CVE-2025-1080, do not process macros in exotic uri schemes Orabug: 37770225 Tenable has extracted the preceding description block directly...

CVE-2025-3390

A vulnerability, which was classified as problematic, was found in hailey888 oasystem up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The manipulation of the argument scheduleList leads to...

CVE-2025-3390

creationtimestamp| type| source ---|---|--- 2025-04-08 00:46:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10807 2025-04-08 03:06:56+00:00| seen| https://t.me/cvedetector/22367 2025-04-08 03:17:44+00:00| seen|...

CVE-2025-3390

A vulnerability, which was classified as problematic, was found in hailey888 oasystem up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The manipulation of the argument scheduleList leads to...

CVE-2025-3390 hailey888 oa_system Backend DaymanageController.java addandchangeday cross site scripting

A vulnerability, which was classified as problematic, was found in hailey888 oasystem up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The manipulation of the argument scheduleList leads to...

CVE-2025-3390

CVE-2025-3390 affects hailey888 oa_system (Backend) with a flaw in DaymanageController.java:addandchangeday. Manipulation of the argument scheduleList enables cross-site scripting. The vulnerability can be exploited remotely, and the exploit has been disclosed publicly. The product uses a rolling...

CVE-2025-3390 hailey888 oa_system Backend DaymanageController.java addandchangeday cross site scripting

A vulnerability, which was classified as problematic, was found in hailey888 oasystem up to 2025.01.01. Affected is the function addandchangeday of the file cn/gson/oass/controller/daymanager/DaymanageController.java of the component Backend. The manipulation of the argument scheduleList leads to...

Security Bulletin: IBM Security Guardium is affected by multiple OS level vulnerabilities

Summary IBM Security Guardium has fixed this vulnerability Vulnerability Details CVEID:CVE-2022-1941 DESCRIPTION: protobuf is vulnerable to a denial of service, caused by a parsing vulnerability for the MessageSet type in the ProtocolBuffers. By sending a specially crafted message with multiple...

SUSE: Security Advisory (SUSE-SU-2023:3391-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 5.0: Linux PHSA-2023-5.0-0046

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0046. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Security Bulletin: TSSC/IMC is vulnerable to aritrary code execution due to Linux Kernel

Summary TSSC/IMC is vulnerable to arbitrary code execution due to Linux Kernel. A patch that updates the Kernel library has been provided. CVE-2023-2002, CVE-2023-3090, CVE-2023-3390, CVE-2023-3776, CVE-2023-4004, CVE-2023-20593, CVE-2023-35001, CVE-2023-35788. Vulnerability Details...