
239 matches found

NVD
added 2026/05/24 5:16 a.m. | 6 views

CVE-2026-3515

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

CVSS 8.5 | EPSS 0.00106
Exploits 0 | References 1
Vulnrichment
added 2026/05/24 3:32 a.m. | 7 views

CVE-2026-3515 Argument Injection in prefecthq/prefect

A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...

CVSS 8.5 | AI score 7.9 | EPSS 0.00106
Exploits 0 | References 1
CVE
added 2026/05/24 3:32 a.m. | 10 views

CVE-2026-3515

CVE-2026-3515 affects Prefect 3.6.18, specifically the GitHubRepository block of the prefect-github integration. The vulnerability lies in how the reference field is concatenated into a git clone command and then parsed with shlex.split(), allowing an attacker to inject arbitrary git options (e.g...

CVSS 8.5 | AI score 7.9 | EPSS 0.00106
Exploits 0 | References 1
Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 7 : libksba-1.3.0-6.el7 (AXSA:2022-3916:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3916:02 advisory. libksba: integer overflow may lead to remote code execution CVE-2022-3515 Tenable has extracted the preceding description block directly from the MiracleLinu...

CVSS 9.8 | AI score 8.5 | EPSS 0.00164
Exploits 1 | References 2
Tenable Nessus
added 2026/01/20 12:0 a.m. | 4 views

MiracleLinux 8 : libksba-1.3.5-8.el8 (AXSA:2022-3913:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3913:01 advisory. libksba: integer overflow may lead to remote code execution CVE-2022-3515 Tenable has extracted the preceding description block directly from the MiracleLinu...

CVSS 9.8 | AI score 8.5 | EPSS 0.00164
Exploits 1 | References 2
Tenable Nessus
added 2026/01/20 12:0 a.m. | 5 views

MiracleLinux 9 : libksba-1.5.1-5.el9 (AXSA:2022-4086:03)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4086:03 advisory. libksba: integer overflow may lead to remote code execution CVE-2022-3515 Tenable has extracted the preceding description block directly from the MiracleLinu...

CVSS 9.8 | AI score 8.3 | EPSS 0.00164
Exploits 1 | References 2
Tenable Nessus
added 2026/01/19 12:0 a.m. | 8 views

MiracleLinux 3 : kvm-83-266.0.1.AXS3.1 (AXSA:2014-242:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-242:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines...

CVSS 7.2 | AI score 7.8 | EPSS 0.01068
Exploits 8 | References 9
Tenable Nessus
added 2026/01/14 12:0 a.m. | 3 views

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.295.AXS4.2 (AXSA:2012-912:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-912:03 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

CVSS 7.2 | AI score 7.5 | EPSS 0.001
Exploits 0 | References 2
Tenable Nessus
added 2025/11/20 12:0 a.m. | 4 views

TencentOS Server 4: libksba (TSSA-2024:0359)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0359 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 9.8 | AI score 7.5 | EPSS 0.00164
Exploits 1 | References 2
CVE
added 2025/10/14 9:11 a.m. | 7 views

CVE-2025-20710

CVE-2025-20710 affects the wlan AP driver in MediaTek chipsets, with an out-of-bounds write caused by an integer overflow. This could enable remote (proximal/adjacent) privilege escalation without user interaction. A patch is referenced (Patch ID: WCNCR00418785; Issue ID: MSV-3515). The public do...

CVSS 8.8 | AI score 7 | EPSS 0.00038
Exploits 0 | References 1 | Affected Software 1
IBM Security Bulletins
added 2025/10/10 2:29 p.m. | 19 views

Security Bulletin: Multiple Vulnerabilities in IBM Edge Application Manager

Summary Multiple vulnerabilities were addressed in IBM Edge Application Manager 5.0.1 Vulnerability Details CVEID:CVE-2023-0286 DESCRIPTION: There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but t...

CVSS 9.8 | AI score 8.7 | EPSS 0.88334
Exploits 10 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2006-3661

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.00603
Exploits 1 | References 5
GithubExploit
added 2025/09/03 9:43 a.m. | 259 views

Exploit for Unrestricted Upload of File with Dangerous Type in Codedropz Drag_And_Drop_Multiple_File_Upload_-_Contact_Form_7

CVE-2025-3515 WordPress Lab Drag and Drop Multiple File Uploa...

CVSS 9.8 | AI score 7.7 | EPSS 0.04595
Exploits 2
Circl
added 2025/06/17 9:41 a.m. | 20 views

CVE-2025-3515

creationtimestamp| type| source ---|---|--- 2025-06-17 09:41:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18573 2025-06-17 10:01:14+00:00| published-proof-of-concept| Telegram/ONimq940-aml-ziaQNnPitR2a4dvARau7ekaKGXqYn5E4A 2025-06-17 11:03:08+00:00| seen|...

CVSS 9.8 | AI score 5.7 | EPSS 0.04595
Exploits 2 | References 15
Vulnrichment
added 2025/06/17 9:21 a.m. | 9 views

CVE-2025-3515 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

CVSS 8.1 | AI score 8.6 | EPSS 0.04595
Exploits 2 | References 3
Cvelist
added 2025/06/17 9:21 a.m. | 33 views

CVE-2025-3515 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

CVSS 8.1 | EPSS 0.04595
Exploits 2 | References 3
CVE
added 2025/06/17 9:21 a.m. | 169 views

CVE-2025-3515

CVE-2025-3515 affects the WordPress plugin “Drag and Drop Multiple File Upload for Contact Form 7” (versions ≤ 1.3.8.9). Affected component: inc/dnd-upload-cf7.php (function dnd_upload_cf7_upload). Root cause: insufficient file-type validation enabled by a blacklist bypass, allowing unauthenticat...

CVSS 9.8 | AI score 8.6 | EPSS 0.04595
Exploits 2 | References 3 | Affected Software 1
Patchstack
added 2025/06/17 7:49 a.m. | 16 views

WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks vulnerability

Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks vulnerability discovered by mikemyers in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions <= 1.3.8.9...

CVSS 9.8 | AI score 6.7 | EPSS 0.04595
Exploits 2 | References 1 | Affected Software 1
Tenable Nessus
added 2025/05/14 12:0 a.m. | 4 views

Alibaba Cloud Linux 3 : 0174: libksba (ALINUX3-SA-2022:0174)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0174 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-3515: RESERVED This candidate has been...

CVSS 9.8 | AI score 6.8 | EPSS 0.00164
Exploits 1 | References 2
Tenable Nessus
added 2025/04/02 12:0 a.m. | 5 views

Photon OS 5.0: Libksba PHSA-2024-5.0-0424

An update of the libksba package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0424. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVSS 9.8 | AI score 7.6 | EPSS 0.00164
Exploits 1 | References 2