145 matches found
MINI-3743-W76P-VC95
Bulletin has no description...
CVE-2026-3743
A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...
CVE-2026-3743
YiFang CMS 2.0.5 contains an XSS flaw in the update path for file app/db/admin/D_singlePageGroup.php. Manipulating the Name argument enables cross-site scripting, and the attack can be launched remotely. Public exploit and details exist; vendor was contacted but did not respond. No remediation de...
CGA-95P5-5MPQ-3743
Bulletin has no description...
EUVD-2026-3743
Malicious code in hw-app-eth npm...
MiracleLinux 3 : drupal-6.4-1AXS3 (AXSA:2008-285:02)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2008-285:02 advisory. Drupal is a free CMS (Content Management System) software package that allows an individual or a community of users to easily publish, manage and...
MiracleLinux 4 : ghostscript-8.70-11.AXS4.6 (AXSA:2012-100:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-100:01 advisory. Ghostscript is a set of software that provides a PostScript interpreter, a set of C procedures the Ghostscript library, which implements the graphics...
SUSE SLES15 / openSUSE 15 Security Update : libxslt (SUSE-SU-2025:3743-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3743-1 advisory. - CVE-2025-11731: fixed a type confusion in exsltFuncResultComp function that could cause a denial of service bsc1251979 Tenab...
Linux Distros Unpatched Vulnerability : CVE-2016-3743
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-07-01 does not initialize certain data structures, which allows remote attackers to execute...
CVE-2020-3743
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2011-3743
Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/footer.inc.php and certain other files...
CVE-2025-3743
The Upsell Funnel Builder for WooCommerce plugin for WordPress is vulnerable to order manipulation in all versions up to, and including, 3.0.0. This is due to the plugin allowing the additional product ID and discount field to be manipulated prior to processing via the 'addofferincart' function...
CVE-2025-3743 Upsell Funnel Builder for WooCommerce <= 3.0.0 - Unauthenticated Order Manipulation
The Upsell Funnel Builder for WooCommerce plugin for WordPress is vulnerable to order manipulation in all versions up to, and including, 3.0.0. This is due to the plugin allowing the additional product ID and discount field to be manipulated prior to processing via the 'addofferincart' function...
CVE-2025-3743
The Upsell Funnel Builder for WooCommerce plugin for WordPress (versions
WordPress Upsell Funnel Builder for WooCommerce plugin <= 3.0.0 - Unauthenticated Order Manipulation vulnerability
Unauthenticated Order Manipulation vulnerability discovered by p4 in WordPress Plugin Upsell Order Bump Offer for WooCommerce versions <= 3.0.0...
CVE-2024-3743
CVE-2024-3743 affects the Elementor Addon Elements plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) in the Image Stack Group, Shape Separator, Content Switcher, Info Circle and Timeline widgets caused by insufficient input sanitization and output escaping. It affects...
RHEL 7 : openstack-octavia (RHSA-2019:3743)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:3743 advisory. The OpenStack Load Balancing service (openstack-octavia) provides a Load Balancing-as-a-Service (LBaaS) version 2 implementation for Red Hat OpenStack...
CVE-2022-3743
creationtimestamp | type | source
---|---|---
2023-08-24 00:14:15+00:00 | seen | https://t.me/cibsecurity/69093...
CVE-2022-3743
The CVE-2022-3743 entry concerns Lenovo consumer notebooks with LCFC BIOS. A local attacker with elevated privileges could enumerate Embedded Controller (EC) commands under certain conditions, enabling information disclosure (confidentiality impact). Affected component: LCFC BIOS on Lenovo consum...
CVE-2023-3743
creationtimestamp | type | source
---|---|---
2023-07-18 16:30:56+00:00 | seen | https://t.me/cibsecurity/66887...