CVE-2026-3391

creationtimestamp| type| source ---|---|--- 2026-03-01 14:04:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfyvt4e4jq2e...

CVE-2026-3391

CVE-2026-3391 affects FascinatedBox lily up to version 2.3. The vulnerability is in the function clear_storages in src/lily_emitter.c and results in an out-of-bounds read. Exploitation requires local access, and public proof-of-concept/exploit code exists. The issue was disclosed via an issue rep...

EUVD-2026-3391

A reflected cross-site scripting xss vulnerability exists in the modifyCoercion functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

CVE-2025-3391

A vulnerability has been found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend. The manipulation of the argument outtype leads ...

CVE-2025-3391

A vulnerability has been found in hailey888 oasystem up to 2025.01.01 and classified as problematic. Affected by this vulnerability is the function outAddress of the file cn/gson/oass/controller/address/AddrController. java of the component Backend. The manipulation of the argument outtype leads ...

CVE-2025-3391

creationtimestamp| type| source ---|---|--- 2025-04-08 00:46:12+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10805 2025-04-08 05:37:39+00:00| seen| https://t.me/cvedetector/22383...

CVE-2025-3391

The CVE-2025-3391 issue affects hailey888 oa_system (versions up to 2025.01.01). The vulnerable component is AddrController.java, function outAddress; improper handling of the outtype parameter enables cross-site scripting (XSS) and the attack can be launched remotely. Exploit publicized. Public ...

Oracle Linux 8 : libreswan (ELSA-2019-3391)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-3391 advisory. 3.29-6.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-6 - Resolves: rhbz1714331 support NSS based IKE KDFs require updated nss for rhbz...

CVE-2023-3391

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The...

CVE-2023-3391 SourceCodester Human Resource Management System detailview.php sql injection

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The...

CVE-2023-3391

The issue is in SourceCodester Human Resource Management System 1.0, specifically in the file detailview.php where the parameter employeeid can be manipulated to perform SQL injection. The vulnerability can be exploited remotely, with exploits disclosed publicly. Root cause: unsafe handling of th...

CVE-2023-3391 SourceCodester Human Resource Management System detailview.php sql injection

A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The...

SUSE CVE-2005-3391

Multiple vulnerabilities in PHP before 4.4.1 allow remote attackers to bypass safemode and openbasedir restrictions via unknown attack vectors in 1 ext/curl and 2 ext/gd...

CVE-2022-3391

creationtimestamp| type| source ---|---|--- 2022-10-25 20:27:08+00:00| seen| https://t.me/cibsecurity/52037 2025-05-09 19:26:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15824...

CVE-2022-3391

CVE-2022-3391 affects the Retain Live Chat WordPress plugin up to version 0.1. The issue is a failure to sanitize and escape certain settings, enabling stored cross-site scripting (XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (including multisite setups). Ro...

openSUSE: Security Advisory for mariadb (SUSE-SU-2022:3391-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:3391-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:3391-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:3391-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-3391

CVE-2021-3391 affects MobileIron Mobile@Work up to 2021-03-22. The vulnerability enables an attacker to distinguish valid, disabled, and nonexistent user accounts by measuring the number of failed login attempts required to trigger a Lockout message, effectively enabling account enumeration. The ...