CVE-2026-3672

creationtimestamp| type| source ---|---|--- 2026-03-07 21:15:50+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3672...

MiracleLinux 8 : c-ares-1.13.0-6.el8.ML.1 (AXSA:2022-3337:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3337:02 advisory. c-ares: Missing input validation of host names may lead to domain hijacking CVE-2021-3672 Tenable has extracted the preceding description block directly from...

Linux Distros Unpatched Vulnerability : CVE-2012-3672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application...

SUSE-SU-2025:01653-1 Security update for govulncheck-vulndb

This update for govulncheck-vulndb fixes the following issues: - Update to version 0.0.20250515T200012 2025-05-15T20:00:12Z jscPED-11136 GO-2025-3657 GO-2025-3670 GO-2025-3671 GO-2025-3672 GO-2025-3678 GO-2025-3679 GO-2025-3680 GO-2025-3682 GO-2025-3683 GO-2025-3684 GO-2025-3686 GO-2025-3687...

Linux Distros Unpatched Vulnerability : CVE-2016-3672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easi...

Linux Distros Unpatched Vulnerability : CVE-2014-3672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service host disk consumption by writing to stdout or...

CVE-2021-3672 affecting package ceph for versions less than 18.2.2-1

CVE-2021-3672 affecting package ceph for versions less than 18.2.2-1. A patched version of the package is available...

CVE-2021-3672 affecting package pgbouncer for versions less than 1.24.1-1

CVE-2021-3672 affecting package pgbouncer for versions less than 1.24.1-1. This CVE either no longer is or was never applicable...

CVE-2021-3672 affecting package pgbouncer 1.16.1-1

CVE-2021-3672 affecting package pgbouncer 1.16.1-1. This CVE either no longer is or was never applicable...

openSUSE: Security Advisory for the Linux Kernel (Live Patch 27 for SLE 15 SP4) (SUSE-SU-2024:3672-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 6.02 : c-ares Multiple Vulnerabilities (NS-SA-2024-0066)

The remote NewStart CGSL host, running version MAIN 6.02, has c-ares packages installed that are affected by multiple vulnerabilities: - A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnam...

RHEL 5 : xen (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xsa224 xen: grant table operations mishandle reference counts XSA-224 CVE-2017-10921 - The qemu...

CVE-2024-3672

The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'all-items' shortcode in all versions up to, and including, 1.6.8 due to insufficient input sanitization and output escaping on user supplied attributes such as 'classes'. This makes it...

CVE-2024-3672

CVE-2024-3672 affects BA Book Everything, a WordPress plugin. It describes Stored Cross‑Site Scripting via the plugin’s all-items shortcode in all versions up to and including 1.6.8, caused by insufficient input sanitization and output escaping for user-supplied attributes (e.g., classes). The vu...

Amazon Linux 2 : c-ares (ALAS-2024-2399)

The version of c-ares installed on the remote host is prior to 1.10.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2399 advisory. A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Serve...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Liblouis vulnerabilities (USN-3672-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3672-1 advisory. Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this to execute arbitrary...

BELL-CVE-2021-3672 CVE-2021-3672 does not affect BellSoft software

Bulletin has no description...

CVE-2023-3672

creationtimestamp| type| source ---|---|--- 2023-07-14 14:17:11+00:00| seen| https://t.me/cibsecurity/66723...

CVE-2023-3672

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...

CVE-2023-3672 Cross-site Scripting (XSS) - DOM in plaidweb/webmention.js

Cross-site Scripting XSS - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5...