124 matches found
CVE-2026-3768
A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit ha...
CVE-2026-3768
Tenda F453 firmware 1.0.0.3 has a stack-based buffer overflow in the formWrlExtraSet function of /goform/WrlExtraSet, triggered by manipulating the GO argument. This allows remote code execution and is supported by publicly disclosed exploits. No additional remediation details are provided in the...
MINI-3768-6MJW-X9H4
Bulletin has no description...
CVE-2025-3768
Improper access control in Tor network blocking feature in Devolutions Server 2025.1.10.0 and earlier allows an authenticated user to bypass the tor blocking feature when the Devolutions hosted endpoint is not reachable...
CVE-2025-3768
creationtimestamp | type | source
---|---|---
2025-06-05 13:49:39+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lquhl7kkn3i2...
CVE-2025-3768
CVE-2025-3768 affects Devolutions Server (versions 2025.1.10.0 and earlier) due to improper access control in the Tor network blocking feature. An authenticated user can bypass the Tor blocking when the Devolutions hosted endpoint is unreachable, with a CVSSv3.1 base score of 5.0 (Medium). No exp...
CVE-2023-3768
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
CVE-2022-3768
The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author...
CVE-2020-3768
ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation...
CentOS 7 : kpatch-patch (RHSA-2021:3768)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3768 advisory. - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed...
CVE-2024-3768 PHPGurukul/itsourcecode News Portal search.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul/itsourcecode News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be initiated remotely. The exploit h...
CVE-2024-3768
Affected software: PHPGurukul/itsourcecode News Portal 4.1. The vulnerability resides in the search.php file where manipulating the searchtitle parameter leads to SQL injection. The issue is exploitable remotely and has been publicly disclosed. The CVEs collectively describe high-severity impacts...
CVE-2019-3768
creationtimestamp | type | source
---|---|---
2024-03-19 13:11:05+00:00 | seen | https://t.me/ctinow/211424...
CVE-2023-3768
creationtimestamp | type | source
---|---|---
2023-10-02 14:40:23+00:00 | seen | https://t.me/cibsecurity/71397...
CVE-2023-3768 Vulnerability in Ingeteam's INGEPAC EF/DA
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication,...
CVE-2023-3768
CVE-2023-3768 affects Ingeteam’s INGEPAC EF/DA family (e.g., INGEPAC DA3451 firmware 0.29.2.42 and INGEPAC FC5066 firmware 9.0.22.6+6.1.1.22+5.3.1.1). The root cause is an input validation error that could enable an attacker with network access to perform fuzzing against MMS protocol handling, en...
Security Bulletin: Denial of Service attack affects IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems (CVE-2017-3768)
Summary: IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following vulnerability. Vulnerability Details: Summary: IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter Systems has addressed the following vulnerability...
SUSE CVE-2010-3768
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via...