MINI-3638-P33P-666C

Bulletin has no description...

MINI-3638-Q844-WCF4

Bulletin has no description...

MINI-3638-7J8F-8QGC

Bulletin has no description...

CVE-2026-3638

creationtimestamp| type| source ---|---|--- 2026-03-09 19:30:13+00:00| seen| https://infosec.exchange/users/offseq/statuses/116200873186129950...

CVE-2026-3638

CVE-2026-3638 : Multiple sources (NVD, Red Hat, ENISA, CVE List) describe an improper access control flaw in Devolutions Server up to version 2025.3.11.0. A low-privileged, authenticated user can restore deleted users and roles via crafted API requests on the user/role restore endpoints. Document...

Linux Distros Unpatched Vulnerability : CVE-2025-3638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery CSRF...

CGA-3638-3329-35V8

Bulletin has no description...

CVE-2025-3638

creationtimestamp| type| source ---|---|--- 2025-04-25 17:19:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnnq75awk32r 2025-04-25 19:48:21+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114400329815274389 2025-04-26 03:42:03+00:00| seen|...

CVE-2025-3638

A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery CSRF risk...

CVE-2025-3638 Moodle: csrf risk in brickfield tool's analysis request action

A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request forgery CSRF risk...

Linux Distros Unpatched Vulnerability : CVE-2022-3638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...

Linux Distros Unpatched Vulnerability : CVE-2014-3638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU...

CVE-2019-3638

Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway MWG 7.8.x prior to 7.8.2.13 allows remote attackers to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administrator to click on a carefully...

GeoVision GV-ADR2701 Improper Authentication (CVE-2023-3638)

In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

SUSE SLES15 Security Update : kernel RT (Live Patch 6 for SLE 15 SP5) (SUSE-SU-2024:3638-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3638-1 advisory. This update for the Linux Kernel 5.14.21-1505001321 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed...

CVE-2024-3638 Elementor Addons by Livemesh <= 8.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Marquee Text Widget, Testimonials Widget, and Testimonial Slider Widgets

The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Marquee Text Widget, Testimonials Widget, and Testimonial Slider widgets in all versions up to, and including, 8.4.1 due to insufficient input sanitization and output escaping on us...

CVE-2024-3638

CVE-2024-3638 affects Elementor Addons by Livemesh (WordPress). Stored XSS via Marquee Text, Testimonials, and Testimonial Slider widgets in all versions

WordPress Livemesh Addons for Elementor Plugin <= 8.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Livemesh Addons for Elementor Type Plugin Vulnerable versions = 8.4.1 Fixed in 8.4.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3638 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8c5eeeb75963 Credits Webbernaut...

Ubuntu: Security Advisory (USN-6567-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6567-2: QEMU regression

USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...