169 matches found
MiracleLinux 7 : kernel-3.10.0-1160.42.2.el7 (AXSA:2021-2411:20)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2411:20 advisory. kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715). Tenable has extracted the preceding description block directly from the...
MiracleLinux 9 : bash-5.1.8-6.el9 (AXSA:2023-4862:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4862:01 advisory. bash: a heap-buffer-overflow in valid_parameter_transform (CVE-2022-3715). Tenable has extracted the preceding description block directly from the MiracleLinux...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2022-3715)
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid_parameter_transform. This issue may lead to memory problems. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
EUVD-2007-4272
Malware in sbrugna...
EUVD-2007-3700
Malware in sbrugna...
EUVD-2023-0612
Malicious code in bioql PyPI...
CVE-2020-3715
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure...
CVE-2011-3715
ClanTiger 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/statistics.php and certain other files...
CVE-2025-3715
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-text parameter in all versions up to, and including, 5.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-3715 Bold Page Builder <= 5.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'data-text' Parameter
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-text parameter in all versions up to, and including, 5.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
Linux Distros Unpatched Vulnerability : CVE-2022-3715
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A flaw was found in the bash package, where a heap-buffer overflow can occur in valid_parameter_transform. This issue may lead to memory problems. CVE-2022-3715...
Security Bulletin: Execution Engine for Apache Hadoop is vulnerable to heap-based buffer overflow and remote attacker to bypass security restrictions
Summary: bash and curl are used by Execution Engine for Apache Hadoop in all the components. CVE-2022-3715, CVE-2022-32221, CVE-2022-32207, CVE-2023-38545, CVE-2022-22576, CVE-2022-27781, CVE-2021-22926, CVE-2021-22946, CVE-2022-27782, CVE-2023-28319, CVE-2022-32206, CVE-2021-22922, CVE-2023-23916,...
CVE-2022-3715 affecting package bash 4.4.23-1
CVE-2022-3715 affecting package bash 4.4.23-1. This CVE either no longer is or was never applicable...
CentOS 7 : kpatch-patch (RHSA-2021:3441)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3441 advisory. - A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classificatio...
RHEL 6 : bash (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: BASH_CMD is writable in restricted bash shells (CVE-2019-9924) - bash: a heap-buffer-overflow in...
USN-6697-1: Bash vulnerability | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker...
WordPress Contact Form Entries Plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS)
Software: Contact Form Entries; Type: Plugin; Vulnerable versions: <= 1.3.8; Fixed in: 1.3.9; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3715; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 05aa510d5273; Credits: Tim Coen...
Ubuntu 22.04 LTS : Bash vulnerability (USN-6697-1)
The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6697-1 advisory. It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a...
CVE-2022-3715
creation_timestamp | type | source
---|---|---
2023-11-17 09:53:40+00:00 | seen | https://t.me/arpsyndicate/252...