CVE-2026-3664

creationtimestamp| type| source ---|---|--- 2026-03-07 17:24:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgidrycgsk2n...

CVE-2026-3664

Affected product: xlnt-community xlnt (up to 1.6.1). Vulnerable component: xlnt::detail::compound_document::read_directory in source/detail/cryptography/compound_document.cpp of the Encrypted XLSX File Parser. Issue type: out-of-bounds read caused by manipulation, with local execution requirement...

EUVD-2026-9070

pypdf: Manipulated RunLengthDecode streams can exhaust RAM...

Linux Distros Unpatched Vulnerability : CVE-2022-3664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical has been found in Axiomatic Bento4. Affected is the function AP4BitStream::WriteBytes of the file Ap4BitStream.cpp of the...

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructu...

CVE-2025-3664

creationtimestamp| type| source ---|---|--- 2025-04-16 03:55:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11987 2025-04-16 06:48:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmvyq7sjai2z 2025-04-16 07:40:07+00:00| seen|...

CVE-2025-3664 TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg access control

A vulnerability, which was classified as critical, was found in TOTOLINK A3700R 9.1.2u.5822B20200513. Affected is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has be...

CVE-2025-3664

TOTOLINK A3700R firmware 9.1.2u.5822_B20200513 is affected by a vulnerability in the /cgi-bin/cstecgi.cgi setWiFiEasyGuestCfg function, enabling improper access controls and remote exploitation. Public exploit details have been disclosed; vendor response is absent in the sources. A patch/version ...

CVE-2025-3664 TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg access control

A vulnerability, which was classified as critical, was found in TOTOLINK A3700R 9.1.2u.5822B20200513. Affected is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has be...

WordPress Quick Featured Images Plugin <= 13.7.0 is vulnerable to Broken Access Control

Software Quick Featured Images Type Plugin Vulnerable versions = 13.7.0 Fixed in 13.7.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3664 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 955c9c9acc5c Credits Lucio Sá Required...

openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2023:3664-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-3664-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3664

The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server...

CVE-2023-3664

The CVE-2023-3664 entry concerns the FileOrganizer WordPress plugin. Affected versions are 1.0.2 and earlier, where multisite installations are not restricted, allowing site administrators to gain full control over the server. The underlying issue is improper restriction of functionality on multi...

CVE-2023-3664 FileOrganizer <= 1.0.2 - Admin+ Arbitrary File Access

The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server...

CVE-2023-3664 FileOrganizer <= 1.0.2 - Admin+ Arbitrary File Access

The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server...

WordPress FileOrganizer Plugin <= 1.0.2 is vulnerable to Arbitrary File Download

Software FileOrganizer Type Plugin Vulnerable versions = 1.0.2 Fixed in 1.0.3 OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Download CVE CVE-2023-3664 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID 1dc652566f23 Credits Dmitrii Required privilege...

[SECURITY] [DLA 3336-1] node-url-parse security update

Debian LTS Advisory DLA-3336-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin February 23, 2023 https://wiki.debian.org/LTS Package : node-url-parse Version : 1.2.0-2+deb10u2 CVE ID : CVE-2021-3664 CVE-2021-27515 CVE-2022-0512 CVE-2022-0639 CVE-2022-0686...

Debian: Security Advisory (DLA-3336-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2022-3664

A vulnerability classified as critical has been found in Axiomatic Bento4. Affected is the function AP4BitStream::WriteBytes of the file Ap4BitStream.cpp of the component avcinfo. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has...