180 matches found
CVE-2026-3732 Tenda F453 exeCommand strcpy stack-based overflow
A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicl...
CVE-2026-3732
creationtimestamp | type | source
---|---|---
2026-03-08 10:15:50+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3732
2026-03-08 11:32:32+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116193332515592155
2026-03-08 19:38:43+00:00 | ...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003732)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003732 advisory. In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of...
Linux Distros Unpatched Vulnerability : CVE-2015-3732
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or...
CVE-2011-3732
eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/fckeditor/editor/dialog/fckspellerpages/spellerpages/server-scripts/spellchecker.php and certain other files...
openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0193-1)
The remote host is missing an update for the...
[SECURITY] [DLA 3732-1] sudo security update
Debian LTS Advisory DLA-3732-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès February 03, 2024 https://wiki.debian.org/LTS ...
Rocky Linux 8 : mysql:8.0 (RLSA-2020:3732)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:3732 advisory. mysql: Server: Security: Privileges multiple unspecified vulnerabilities CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774,...
Amazon Linux 2 : microvm-kernel (ALASMICROVM-KERNEL-4.14-2023-002)
The version of microvm-kernel installed on the remote host is prior to 4.14.246-199.474. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2MICROVM-KERNEL-4.14-2023-002 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the...
SUSE SLES12 Security Update : postfix (SUSE-SU-2023:3732-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3732-1 advisory. - An Improper Link Resolution Before File Access 'Link Following' vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SU...
FreeBSD : electron{22,23,24,25} -- multiple vulnerabilities (f3a35fb8-2d70-47c9-a516-6aad7eb222b1)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f3a35fb8-2d70-47c9-a516-6aad7eb222b1 advisory. - Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker t...
electron{22,23,24,25} -- multiple vulnerabilities
Electron developers report: This update fixes the following vulnerabilities: Security: backported fix for CVE-2023-3732. Security: backported fix for CVE-2023-3728. Security: backported fix for CVE-2023-3730...
CVE-2023-3732
CVE-2023-3732: Out of bounds memory access in Mojo within Google Chrome before 115.0.5790.98 allows a remote attacker who has compromised the renderer process to potentially cause heap corruption via a crafted HTML page. Connected sources confirm this is a Chromium/Chrome vulnerability affecting ...
Chromium: CVE-2023-3732 Out of bounds memory access in Mojo
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium) < 114.0.1901.183 / 115.0.1901.183 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 114.0.1901.183 / 115.0.1901.183. It is, therefore, affected by multiple vulnerabilities as referenced in the July 21, 2023 advisory. - Microsoft Edge Chromium-based Spoofing Vulnerability CVE-2023-35392 - Microsoft Edg...
KLA51267 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface, gain privileges. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Web API Permission...
[SECURITY] [DSA 5456-1] chromium security update
Debian Security Advisory DSA-5456-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 20, 2023 https://www.debian.org/security/faq ...
Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-6014-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6014-1 advisory. Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A...
SUSE CVE-2016-3732
The capability check to access other badges in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to read the badges of other users...
CVE-2022-3732
seccome Ehoney contains a SQL injection vulnerability in /api/v1/bait/set triggered by manipulating the Payload argument. The issue affects an unknown functionality and can be exploited remotely. CVSS data indicates high/severe impact across confidentiality, integrity, and availability (up to 9.8...