RLSA-2023:6980 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

An update is available for seabios, swtpm, perl-Sys-Virt, module.supermin, module.libiscsi, module.libvirt-dbus, libvirt-dbus, module.swtpm, module.virt-v2v, module.sgabios, module.perl-Sys-Virt, libvirt-python, module.libvirt-python, netcf, module.netcf, module.seabios, module.libguestfs, hivex,...

CVE-2026-3750

creationtimestamp| type| source ---|---|--- 2026-03-08 16:16:08+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3750...

MiracleLinux 9 : libvirt-9.5.0-7.el9.ML.1 (AXSA:2023-7009:11)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7009:11 advisory. libvirt: improper locking in virStoragePoolObjListSearch may lead to denial of service CVE-2023-3750 Tenable has extracted the preceding description block...

SUSE CVE-2018-3750

The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all object...

EUVD-2017-12865

Malware in sbrugna...

EUVD-2023-34144

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2015-3750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict...

Linux Distros Unpatched Vulnerability : CVE-2016-3750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libs/binder/Parcel.cpp in the Parcels Framework APIs in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not...

TencentOS Server 4: libvirt (TSSA-2024:0363)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0363 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-3750

The Network Posts Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘postheight’ parameter in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2020-3750

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2010-3750

rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 does not properly validate file contents that are used during interaction with a heap buffer, which allows remote attackers to execute arbitrary code via crafted Name Value...

CVE-2011-3750

kPlaylist 1.8.502 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by getid3/getid3/write.id3v1.php and certain other files...

CVE-2025-3750

The Network Posts Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘postheight’ parameter in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-3750

The CVE CVE-2025-3750 affects the WordPress plugin Network Posts Extended (versions up to and including 7.7.1). It describes a Stored Cross-Site Scripting (Stored XSS) via the post_height parameter caused by insufficient input sanitization and output escaping. Exploitation requires authentication...

CVE-2025-3750 Network Posts Extended <= 7.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via post_height Parameter

The Network Posts Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘postheight’ parameter in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-3750 Network Posts Extended <= 7.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via post_height Parameter

The Network Posts Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘postheight’ parameter in all versions up to, and including, 7.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Network Posts Extended plugin <= 7.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via post_height Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via postheight Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Posts Extended versions = 7.7.1...

Alibaba Cloud Linux 3 : 0021: virt:rhel and virt-devel:rhel (ALINUX3-SA-2024:0021)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3750: A DMA reentrancy issue was...