78 matches found
CVE-2026-3419
creationtimestamp| type| source ---|---|--- 2026-03-06 17:35:06+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mgftwl2fd22u 2026-03-06 18:10:05+00:00| seen| https://gist.github.com/alon710/19702ece4abcb34c736232a7be14a18b 2026-03-06 19:47:19+00:00| seen|...
@amedia/brick-mcp (>=0.0.0-vSNAPSHOT-20260217144000 <=1.0.0), @area15/ticket-component (=0.1.0) +73 more potentially affected by CVE-2026-3419 via fastify (>=5.7.2 <=5.7.4)
fastify NPM version =5.7.2, =0.0.0-vSNAPSHOT-20260217144000, =0.5.2, =0.5.2, =0.5.2, =0.5.2, =0.2.11, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.11.6, =5.1.19, =2.21.2, =2.21.2, =2.21.3 and more Source cves: CVE-2026-3419 Source advisory: OSV:GHSA-573F-X89G-HQP9...
@amedia/brick-mcp (>=0.0.0-vSNAPSHOT-20260217144000 <=1.0.0), @area15/ticket-component (=0.1.0) +73 more potentially affected by CVE-2026-3419 via fastify (>=5.7.2 <=5.7.4)
fastify NPM version =5.7.2, =0.0.0-vSNAPSHOT-20260217144000, =0.5.2, =0.5.2, =0.5.2, =0.5.2, =0.2.11, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.11.6, =5.1.19, =2.21.2, =2.21.2, =2.21.3 and more Source cves: CVE-2026-3419 Source advisory: SNYK:JS-FASTIFY-15428269...
EUVD-2026-3419
IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...
Exploit for External Control of File Name or Path in Themewinter Eventin
CVE-2025-3419 - WordPress Eventin = 4.0.26 - Arbitrary File R...
CVE-2025-3419
creationtimestamp| type| source ---|---|--- 2025-05-08 06:23:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15476 2025-05-08 08:30:14+00:00| seen| Telegram/AeGByFiQGAtCKbtKhIFFySTjzGU9I6nn4wPbRxRvXqDYexs 2025-05-08 09:14:16+00:00| seen| https://t.me/cvedetector/24788 2025-06-06...
CVE-2023-3419
The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'couponId' parameter of the 'recreatestripesubscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2023-3419 tagDiv Opt-In Builder <= 1.4.4 - Authenticated (Admin+) SQL Injection
The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'couponId' parameter of the 'recreatestripesubscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2024-3419
CVE-2024-3419 affects SourceCodester Online Courseware 1.0; SQL injection via the id parameter in admin/edit.php is the root cause. The vulnerability is exploitable remotely and exploits have been publicly disclosed. No patch/version fix details are provided in the connected documents. Mitigation...
CVE-2024-3419 SourceCodester Online Courseware edit.php sql injection
A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file admin/edit.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit ha...
Oracle Linux 8 : libtiff (ELSA-2019-3419)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3419 advisory. - Fix DIVIDEBYZERO in patch for CVE-2018-12900 1595579 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
Debian dla-3419 : gir1.2-javascriptcoregtk-4.0 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3419 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3419-1 [email protected]...
SUSE CVE-2012-3419
Performance Co-Pilot PCP before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments...
CVE-2022-3419 Automatic User Roles Switcher < 1.1.2 - Subscriber+ Privilege Escalation
The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator...
CVE-2022-3419 Automatic User Roles Switcher < 1.1.2 - Subscriber+ Privilege Escalation
The Automatic User Roles Switcher WordPress plugin before 1.1.2 does not have authorisation and proper CSRF checks, allowing any authenticated users like subscriber to add any role to themselves, such as administrator...
CVE-2022-3419
CVE-2022-3419 affects the WordPress plugin Automatic User Roles Switcher (versions prior to 1.1.2). The root cause is missing authorization checks and CSRF protections, enabling any authenticated user (e.g., subscriber) to grant themselves higher privileges, including administrator. According to ...
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1942-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:1942-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:1947-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : xen (SUSE-SU-2021:14702-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14702-1 advisory. - REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none. CVE-2021-3419 Note...