CVE-2026-3609

creationtimestamp| type| source ---|---|--- 2026-05-12 09:00:05+00:00| seen| https://t.me/GithubRedTeam/83906 2026-05-12 15:00:07+00:00| seen| Telegram/88YkBdmMMIAUjkN-cy3WAm2Yboedxaf0GfTYOA3KafU0qTc...

MiracleLinux 4 : squid-3.1.10-22.AXS4 (AXSA:2014-517:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-517:03 advisory. Description : Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional...

MiracleLinux 3 : cups-1.3.7-11.3.1AXS3 (AXSA:2009-414:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-414:03 advisory. The Common UNIX Printing System provides a portable printing layer for UNIX operating systems. It has been developed by Easy Software Products to...

MiracleLinux 3 : poppler-0.5.4-4.4.11.1AXS3 (AXSA:2009-413:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-413:02 advisory. Poppler, a PDF rendering library, it's a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. Security bugs fixed with this...

Siemens SIMATIC Devices Use After Free (CVE-2023-3609)

A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails, u32setparms will immediately return an error after incrementing or decrementing the reference counter in tcfbindfilter. If an attacker...

Linux Distros Unpatched Vulnerability : CVE-2021-3609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash...

CVE-2022-3609

The GetYourGuide Ticketing WordPress plugin before 1.0.4 does not sanitise and escape some parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2025-3609

The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...

CVE-2025-3609

The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...

CVE-2025-3609

creationtimestamp| type| source ---|---|--- 2025-05-06 02:21:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15025 2025-05-06 02:21:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15026 2025-05-06 06:06:37+00:00| seen| https://t.me/cvedetector/24534 2025-05-06 06:06:38+00:00| seen|...

CVE-2025-3609 Reales WP STPT <= 2.1.2 - Unauthorized User Registration

The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...

CVE-2025-3609 Reales WP STPT <= 2.1.2 - Unauthorized User Registration

The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'realesusersignupform' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for...

WordPress Reales WP STPT plugin <= 2.1.2 - Unauthorized User Registration vulnerability

Unauthorized User Registration vulnerability discovered by Foxyyy in WordPress Plugin Reales WP STPT versions = 2.1.2...

Linux Distros Unpatched Vulnerability : CVE-2023-3609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability in the Linux kernel's net/sched: clsu32 component can be exploited to achieve local privilege escalation. If tcfchangeindev fails...

Linux Distros Unpatched Vulnerability : CVE-2014-3609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to cause a denial of service crash via a request with crafted Range...

SUSE: Security Advisory (SUSE-SU-2023:3391-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CBL Mariner 2.0 Security Update: libdb (CVE-2017-3609)

The version of libdb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-3609 advisory. - Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Pri...

CVE-2024-3609

The ReviewX – Multi-criteria Rating & Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the reviewxremoveguestimage function in all versions up to, and including, 1.6.27. This makes it possible for authenticated...

CVE-2024-3609 ReviewX – Multi-criteria Rating & Reviews for WooCommerce <= 1.6.27 - Missing Authorization

The ReviewX – Multi-criteria Rating & Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the reviewxremoveguestimage function in all versions up to, and including, 1.6.27. This makes it possible for authenticated...

WordPress ReviewX Plugin <= 1.6.27 is vulnerable to Broken Access Control

Software ReviewX Type Plugin Vulnerable versions = 1.6.27 Fixed in 1.6.28 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3609 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ba8ab4855491 Credits Lucio Sá Required privilege Subscrib...