GHSA-3645-FXCV-HQR4

creationtimestamp| type| source ---|---|--- 2026-02-27 04:00:18+00:00| seen| https://gist.github.com/alon710/bbb2b9f63be691f9cd5588ec4822d51e...

Linux Distros Unpatched Vulnerability : CVE-2025-3645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users' names and online statuses. CVE-2025-364...

Linux Distros Unpatched Vulnerability : CVE-2017-3645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.18 and earlier. Easily...

CVE-2021-3645

merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

CVE-2020-3645

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2025-3645

A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users' names and online statuses...

Linux Distros Unpatched Vulnerability : CVE-2014-3645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to...

WordPress Essential Addons for Elementor Pro Plugin <= 5.8.11 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Pro Type Plugin Vulnerable versions = 5.8.11 Fixed in 5.8.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3645 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID eab61f9d0ab1 Credits Ngô...

CVE-2007-3645

creationtimestamp| type| source ---|---|--- 2024-03-25 11:49:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3889 2024-03-25 14:38:09+00:00| seen| Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw 2024-03-25 14:38:09+00:00| seen| https://t.me/tengkorakcybercrewz/4400 2024-03-25...

CVE-2023-3645 Contact Form Builder by Bit Form < 2.2.0 - Admin+ Stored XSS

The Contact Form Builder by Bit Form WordPress plugin before 2.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

CVE-2023-3645

CVE-2023-3645 affects the WordPress plugin Contact Form Builder by Bit Form (pre-2.2.0). Vulnerability: Stored XSS due to insufficient sanitization/escaping of settings, enabling admin+ attackers to inject scripts even when unfiltered_html is disallowed (e.g., multisite). Affected product/version...

WordPress Bit Form – Contact Form Plugin Plugin < 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software Bit Form – Contact Form Plugin Type Plugin Vulnerable versions 2.2.0 Fixed in 2.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3645 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b2583fb097cb Credits Dipak Panch...

K15912: Linux kernel driver vulnerabilities CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, and CVE-2014-3646

Security Advisory Description CVE-2014-3185 Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of...

K14713331: MySQL Optimizer vulnerabilities CVE-2017-3638, CVE-2017-3642, and CVE-2017-3645

Security Advisory Description CVE-2017-3638 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

SUSE CVE-2010-3645

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service memory corruption via unknown vectors, a different vulnerability...

Ubuntu: Security Advisory (USN-2417-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2418-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-3645

merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...

CVE-2021-3645

CVE-2021-3645 concerns the npm package viking04/merge , described across connected documents as vulnerable to Prototype Pollution : Improperly Controlled Modification of Object Prototype Attributes. The Red Hat, Veracode, and OSV entries all reiterate the same issue, highlighting that an attacker...

CVE-2021-3645 Prototype Pollution in viking04/merge

merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution'...