CVE-2025-3716 User enumeration in ESET Protect (on-prem)

User enumeration in ESET Protect on-prem via Response Timing...

CVE-2026-3716

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub401AD4 of the file /cgi-bin/adm.cgi. Executing a manipulation of the argument Hostname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-3716

creationtimestamp| type| source ---|---|--- 2026-03-08 07:15:59+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3716...

CVE-2026-3716 Wavlink WL-WN579X3-C adm.cgi sub_401AD4 cross site scripting

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This vulnerability affects the function sub401AD4 of the file /cgi-bin/adm.cgi. Executing a manipulation of the argument Hostname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

EUVD-2026-3716

Malicious code in coolpackage2323 PyPI...

CVE-2024-3716

creationtimestamp| type| source ---|---|--- 2025-10-10 13:13:51+00:00| seen| Telegram/A4EGn-qdnXtWVFewAAJ5OI0dPB75PR9DBOchoGUqQicgVY...

TencentOS Server 3: nbdkit (TSSA-2022:0276)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0276 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2020-3716

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2011-3716

Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by work/connector/linker.cnr.php and certain other files...

Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Summary Cloud Pak for Security CP4S v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. Vulnerability Details CVEID:CVE-2015-8985...

Linux Distros Unpatched Vulnerability : CVE-2016-3716

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image. CVE-2016-3716 Note that...

CVE-2021-3716 affecting package nbdkit 1.20.7-5

CVE-2021-3716 affecting package nbdkit 1.20.7-5. This CVE either no longer is or was never applicable...

CVE-2024-3716 Foreman-installer: candlepin database password being leaked to local users via the process list

A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password...

CVE-2024-3716

CVE-2024-3716 affects foreman-installer when puppet-candlepin is invoked with cpdb using the --password parameter. The flaw causes the password to be exposed in the process list, enabling a local attacker with access to the host to obtain the credential. The description does not specify a vendor-...

CVE-2024-3716 Foreman-installer: candlepin database password being leaked to local users via the process list

A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password...

RHEL 8 : 8.3_nbdkit (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nbdkit: NBDOPTSTRUCTUREDREPLY injection on STARTTLS CVE-2021-3716 Note that Nessus has not tested for this issue bu...

CVE-2023-3716

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oduyo Online Collection Software allows SQL Injection. This issue affects Online Collection Software: before 1.0.1...

CVE-2023-3716

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oduyo Online Collection Software allows SQL Injection. This issue affects Online Collection Software: before 1.0.1...

CVE-2023-3716 SQLi in Oduyo Online Collection Software

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Oduyo Online Collection Software allows SQL Injection. This issue affects Online Collection Software: before 1.0.1...

CVE-2023-3716

CVE-2023-3716 describes an SQL injection vulnerability in Oduyo Online Collection Software prior to version 1.0.1. The issue arises from improper neutralization of special elements in SQL commands, allowing an attacker to manipulate queries. Affected component is the Online Collection Software (v...