Lucene search
K

77 matches found

OSV
OSV
added 2026/06/23 11:16 p.m.4 views

MINI-GM3V-3742-WFR6

Bulletin has no description...

6.1CVSS5.7AI score0.00188EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/08 3:2 p.m.5 views

CVE-2026-3742

A vulnerability was detected in YiFang CMS 2.0.5. The impacted element is the function update of the file app/db/admin/DsinglePage.php. Performing a manipulation of the argument Title results in cross site scripting. It is possible to initiate the attack remotely. The exploit is now public and ma...

5.1CVSS4.3AI score0.00196EPSS
Exploits1References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003742 advisory. Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more th...

7.5CVSS6.6AI score0.9166EPSS
Exploits1References31
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2012-3742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Safari in Apple iOS before 6 does not properly restrict use of an unspecified Unicode character that looks similar to the https lock indicator, which allows...

5CVSS5.6AI score0.01917EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2016-3742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - decoder/ih264dprocessintramb.c in mediaserver in Android 6.x before 2016-07-01 mishandles intra mode, which allows remote attackers to execute arbitrary code or...

9.8CVSS8.8AI score0.01075EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:39 p.m.3 views

CVE-2020-3742

Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...

10CVSS7.7AI score0.05798EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:17 a.m.9 views

CVE-2013-3742

Cross-site scripting XSS vulnerability in viewcreate.php aka the Create View page in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an invalid SQL CREATE VIEW statement with a crafted name that triggers an error message...

3.5CVSS5.8AI score0.01149EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:26 a.m.5 views

CVE-2011-3742

HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files...

5CVSS6.5AI score0.01335EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/15 8:30 a.m.15 views

WordPress Responsive Lightbox & Gallery plugin < 2.5.1 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin Responsive Lightbox versions 2.5.1...

6.8CVSS6AI score0.00479EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 6:15 a.m.16 views

CVE-2025-3742

The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.8CVSS0.00479EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 6:0 a.m.51 views

CVE-2025-3742

CVE-2025-3742 affects the WordPress plugin “Responsive Lightbox & Gallery” (pre-2.5.1). The root cause is unvalidated/escaped attributes being output in pages/posts, enabling Stored Cross-Site Scripting for users with the contributor role and above. Impact is stored XSS in affected content, with ...

6.8CVSS5.7AI score0.00479EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/15 6:0 a.m.25 views

CVE-2025-3742 Responsive Lightbox & Gallery < 2.5.1 - Contributor+ Stored XSS

The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

0.00479EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 6:0 a.m.14 views

CVE-2025-3742 Responsive Lightbox & Gallery < 2.5.1 - Contributor+ Stored XSS

The Responsive Lightbox & Gallery WordPress plugin before 2.5.1 does not validate and escape some of its attributes before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

6.1AI score0.00479EPSS
Exploits1References1
Circl
Circl
added 2024/11/15 10:54 a.m.11 views

CVE-2021-3742

creationtimestamp| type| source ---|---|--- 2024-11-15 10:54:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113486597712148555 2024-11-15 13:15:51+00:00| seen| https://t.me/cvedetector/11073 2026-07-03 18:37:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpr6v46ffi23...

8.8CVSS7.1AI score0.00367EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/15 10:51 a.m.11 views

CVE-2021-3742 Server-Side Request Forgery (SSRF) in chatwoot/chatwoot

A Server-Side Request Forgery SSRF vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. The vulnerability allows an attacker to upload an SVG file containing a malicious SSRF payload. When the SVG file is used as an avatar and opened in a new tab, it can trigg...

7.9CVSS7.1AI score0.00367EPSS
Exploits0References2
CVE
CVE
added 2024/11/15 10:51 a.m.50 views

CVE-2021-3742

Chatwoot/chatwoot before 2.5.0 is affected by a Server-Side Request Forgery (SSRF) via SVG file uploads used as avatars; opening the SVG can trigger SSRF and host redirection. Root cause: SVG handling allows SSRF payloads in uploaded avatars. Impact: host redirection. Remediation: upgrade to 2.5....

8.8CVSS7.8AI score0.00367EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2024/10/22 12:0 a.m.7 views

SUSE: Security Advisory (SUSE-SU-2024:3742-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.3AI score0.04134EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2024/04/27 12:0 a.m.30 views

RHEL 7 : qemu-kvm-rhev (RHSA-2019:3742)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3742 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

8.8CVSS7.1AI score0.16658EPSS
Exploits4References6
CVE
CVE
added 2024/04/18 10:15 p.m.87 views

CVE-2024-3742

CVE-2024-3742 affects Electrolink FM/DAB/TV Transmitters. Affected devices store credentials in clear-text (eg, controlloLogin.js/login.htm/mail.htm), enabling an attacker to access credentials and gain system access. Unauthenticated credential disclosure is supported by the NUCLEI template; impa...

8.7CVSS6.7AI score0.0143EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/18 10:15 p.m.21 views

CVE-2024-3742 Electrolink FM/DAB/TV Transmitter Cleartext Storage of Sensitive Information

Electrolink transmitters store credentials in clear-text. Use of these credentials could allow an attacker to access the system...

8.7CVSS6.8AI score0.0143EPSS
Exploits2References1
Rows per page
Query Builder