62 matches found
MINI-3394-GHQ2-FWMW
Bulletin has no description...
CVE-2026-3394
A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloudwav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated from a local...
CVE-2026-3394
creationtimestamp| type| source ---|---|--- 2026-03-01 13:59:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfyvk5vy3a2u...
CVE-2026-3394 jarikomppa soloud WAV File soloud_wav.cpp loadwav memory corruption
A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloudwav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated from a local...
CVE-2026-3394
A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloudwav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated from a local...
CVE-2023-3394
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2022-3394
The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can...
CVE-2021-3394
Millennium Millewin also known as "Cartella clinica" 13.39.028, 13.39.28.3342, and 13.39.146.1 has insecure folder permissions allowing a malicious user for a local privilege escalation...
CVE-2025-3394
Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0...
CVE-2025-3394
creationtimestamp| type| source ---|---|--- 2025-04-30 13:00:03+00:00| seen| https://bsky.app/profile/potato.software/post/3lnztzbfdhz2z 2025-04-30 13:13:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14027 2025-04-30 15:31:40+00:00| seen|...
CVE-2025-3394 Vulnerability in user management of Automation Builder
Incorrect Permission Assignment for Critical Resource vulnerability in ABB Automation Builder.This issue affects Automation Builder: through 2.8.0...
CVE-2025-3394
The CVE-2025-3394 entry affects ABB’s Automation Builder up to version 2.8.0 . The issue is described as an Incorrect Permission Assignment for a Critical Resource in the user management component, enabling modification of project/user data and overruling of user management. The vulnerability is ...
CVE-2023-3394
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2023-3394 Session Fixation in fossbilling/fossbilling
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2023-3394 Session Fixation in fossbilling/fossbilling
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1...
CVE-2023-3394
The CVE-2023-3394 entry describes a Session Fixation flaw in FossBilling (fossbilling/fossbilling) prior to version 0.5.1. The root cause is failing to regenerate the session identifier (PHPSESSID) after user authentication, allowing an attacker to fix a session before login and potentially acces...
RHEL 8 : pki-core:10.6 (RHSA-2023:3394)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3394 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: pki-core: acces...
CVE-2022-3394 WP All Export Pro < 1.7.9 - Authenticated Code Injection
The WP All Export Pro WordPress plugin before 1.7.9 does not limit some functionality during exports only to users with the Administrator role, allowing any logged in user which has been given privileges to perform exports to execute arbitrary code on the site. By default only administrators can...
CVE-2022-3394
Summary: CVE-2022-3394 affects the WP All Export Pro WordPress plugin. The vulnerability exists in versions before 1.7.9 and stems from insufficient access control during exports, where non-admin users with export privileges can trigger arbitrary code execution on the site. The issue is triggered...
openSUSE: Security Advisory for permissions (SUSE-SU-2022:3394-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...