@tanstack/react-start (>=1.142.11 <=1.161.3), @tanstack/react-start-client (>=1.142.11 <=1.161.3) +11 more potentially affected by unknown CVE via @tanstack/start-fn-stubs (>=1.142.9 <=1.154.7)

@tanstack/start-fn-stubs NPM version =1.142.9, =1.142.11, =1.142.11, =1.142.11, =1.142.11, =1.142.9, =1.142.11, =1.142.9, =1.142.11, =1.142.11, =1.142.10, =1.142.11, =1.142.9, =1.142.11, =1.161.3 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3488...

CVE-2026-3488

creationtimestamp| type| source ---|---|--- 2026-04-17 06:40:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjocvxxt7e2r 2026-04-17 09:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mjomjoorfa2h...

Security Bulletin: Due to use of Netty, IBM Operations Analytics - Log Analysis is affected by denial of service, information disclosure, and HTTP request smuggling

Summary Netty in Apache ZooKeeper and Logstash is used by IBM Operations Analytics - Log Analysis as part of the client/server network transport layer, and network-related plugins for protocol and event transport. CVE-2014-0193, CVE-2014-3488, CVE-2015-2156, CVE-2019-20444, CVE-2024-47535,...

MINI-3488-9P3M-VPJV

Bulletin has no description...

EUVD-2026-3488

A weakness has been identified in MineAdmin 1.x/2.x. This impacts the function refresh of the file /system/refresh of the component JWT Token Handler. This manipulation causes insufficient verification of data authenticity. It is possible to initiate the attack remotely. The attack is considered ...

MiracleLinux 3 : postgresql-8.1.23-6.0.1.AXS3 (AXSA:2012-1005:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-1005:03 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and...

CVE-2024-3488

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication...

CVE-2006-3488

Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim...

CVE-2025-3488

creationtimestamp| type| source ---|---|--- 2025-05-02 06:15:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14446 2025-05-02 08:00:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo6e7pxorw2h 2025-05-02 09:15:15+00:00| seen| https://t.me/cvedetector/24334...

CVE-2025-3488

The CVE-2025-3488 entry concerns the WPML Multilingual CMS WordPress plugin. It describes a Stored Cross-Site Scripting (XSS) vulnerability in the wpml_language_switcher shortcode for plugin versions 3.6.0 through 4.7.3, caused by insufficient input sanitization and output escaping on user-suppli...

CVE-2025-3488 WPML Multilingual CMS 3.6.0 - 4.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpml_language_switcher Shortcode

The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmllanguageswitcher shortcode in versions 3.6.0 - 4.7.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

Sony Network Cameras Heap-based Buffer Overflow (CVE-2007-3488)

Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.30; SNC-P1 and SNC-P5 before 1.29; SNC-CS10 and SNC-CS11 before 1.06; SNC-DF40N and SNC-DF70N before 1.18; SNC-RZ50N and SNC-CS50N before 2.22; SNC-DF85N, SNC-DF80N, and SNC-DF50N before 1.12; and...

CVE-2024-3488

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication...

CVE-2024-3488 File Upload vulnerability in unauthenticated session found in iManager.

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication...

CVE-2024-3488

CVE-2024-3488 concerns OpenText iManager 3.2.6.0200 with a file-upload vulnerability in an unauthenticated session. Multiple connected sources confirm that an attacker could upload a file without authentication, potentially affecting confidentiality, integrity, and availability of the system as r...

CVE-2024-3488 File Upload vulnerability in unauthenticated session found in iManager.

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2023-3488)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Spectrum Conductor with ISC BIND is vulnerable to a denial of service

Summary IBM Spectrum Conductor with ISC BIND is vulnerable to a denial of service Vulnerability Details CVEID:CVE-2022-3488 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an error related to the processing of repeated responses to the same query, where both responses contai...

CVE-2023-3488

creationtimestamp| type| source ---|---|--- 2023-07-28 20:29:33+00:00| seen| https://t.me/cibsecurity/67393...

CVE-2023-3488 Uninitialized variable in Gecko Bootloader can leak secure stack

Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file...