CVE-2026-3433 Mattermost fails to scope role_updated websocket events to authorized team and channel members

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15, 10.11.x = 10.11.16 fail to restrict roleupdated websocket event broadcasts to members of the affected team or channel which allows an authenticated attacker with guest-level access to observe permission scheme change...

MINI-PG4V-5HX8-3433

Bulletin has no description...

EUVD-2026-3433

The NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via the 'nx-preview' POST parameter in all versions up to, and including, 3.2.0. Thi...

MiracleLinux 3 : postgresql-8.1.22-1.1.0.1.AXS3 (AXSA:2010-459:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-459:02 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and...

CGA-3433-CV65-43CR

Bulletin has no description...

EUVD-2010-3760

Malware in sbrugna...

CVE-2024-3433

A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument eventid/fullname/email/mobile/college/branch leads to cross site scripting. It is possible to launch...

CVE-2008-3433

SpeedBit Download Accelerator Plus DAP before 8.6.3.9 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning...

CVE-2025-3433

creationtimestamp| type| source ---|---|--- 2025-04-08 08:46:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10883 2025-04-08 13:59:49+00:00| seen| https://t.me/cvedetector/22441...

CVE-2025-3433 Advanced Advertising System <= 1.3.1 - Open Redirect

The Advanced Advertising System plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.3.1. This is due to insufficient validation on the redirect url supplied via the 'redir' parameter. This makes it possible for unauthenticated attackers to redirect users to...

CVE-2025-3433 Advanced Advertising System <= 1.3.1 - Open Redirect

The Advanced Advertising System plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 1.3.1. This is due to insufficient validation on the redirect url supplied via the 'redir' parameter. This makes it possible for unauthenticated attackers to redirect users to...

WordPress Advanced Advertising System plugin <= 1.3.1 - Open Redirect vulnerability

Open Redirect vulnerability discovered by Gabriele Zuddas in WordPress Plugin Advanced Advertising System versions = 1.3.1...

Linux Distros Unpatched Vulnerability : CVE-2022-3433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse this flaw to produce a hash collision in the underlying...

SUSE SLES15: libfpm_pb0 / libospf0 / libospfapiclient0 / libquagga_pb0 / etc (SUSE-SU-2024:3433-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3433-1 advisory. - CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. bsc1230866 - CVE-2024-44070: cra...

CGA-3433-JRRM-RH79

Bulletin has no description...

Moderate: Red Hat Security Advisory: protobuf security update

An update for protobuf is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 8 : protobuf (RHSA-2024:3433)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3433 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...

CVE-2024-3433 PuneethReddyHC Event Management register.php cross site scripting

A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument eventid/fullname/email/mobile/college/branch leads to cross site scripting. It is possible to launch...

openSUSE: Security Advisory for indent (SUSE-SU-2023:3433-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : webkit2gtk3 (CESA-2023:3433)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:3433 advisory. - An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and...