Lucene search
+L

112 matches found

attackerkb
attackerkb
added 2026/04/01 1:40 a.m.3 views

CVE-2026-3778

The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...

6.2CVSS5.9AI score0.00103EPSS
Exploits0References2Affected Software2
nessus
nessus
added 2026/03/31 12:0 a.m.2 views

Foxit PDF Editor < 13.2.3 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 13.2.3. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead relied only on the...

7.8CVSS6AI score0.00309EPSS
Exploits1References5
circl
circl
added 2026/03/30 5:0 p.m.3 views

CVE-2026-3778

creationtimestamp| type| source ---|---|--- 2026-03-30 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0382/ 2026-03-31 14:45:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mieg3rhqh224...

6.2CVSS5.8AI score0.00103EPSS
Exploits0References2
circl
circl
added 2026/02/26 1:40 a.m.4 views

GHSA-X288-3778-4HHX

creationtimestamp| type| source ---|---|--- 2026-02-26 01:40:19+00:00| seen| https://gist.github.com/alon710/53d0a446648e9dbad6bc94a3baf5290b...

4.8AI score
Exploits0References1
osv
osv
added 2024/06/06 12:21 p.m.13 views

CGA-3778-G26C-46XX

Bulletin has no description...

6.5CVSS6.6AI score0.01165EPSS
Exploits0
cve
cve
added 2024/04/15 3:41 a.m.55 views

CVE-2024-3778

CVE-2024-3778 affects Ai3 QbiBot due to an unrestricted file upload weakness. The issue allows remote attackers with administrator privileges to upload files of dangerous types containing malicious code through the file upload functionality. Affected release range is before 8.0.4; upgrading to 8....

7.2CVSS7AI score0.00641EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/04/15 3:41 a.m.20 views

CVE-2024-3778 Ai3 QbiBot - Unrestricted File Upload

The file upload functionality of Ai3 QbiBot does not properly restrict types of uploaded files, allowing remote attackers with administrator privilege to upload files with dangerous type containing malicious code...

7.2CVSS7.3AI score0.00641EPSS
Exploits0References1
nvd
nvd
added 2023/09/14 7:15 p.m.13 views

CVE-2012-3778

Rejected reason: This candidate is unused by its CNA...

6.6AI score
Exploits0
osv
osv
added 2023/08/31 12:13 p.m.1 views

BELL-CVE-2021-3778 CVE-2021-3778 does not affect BellSoft software

Bulletin has no description...

7.8CVSS5.8AI score0.01736EPSS
Exploits1References1
rosalinux
rosalinux
added 2023/08/15 9:10 a.m.50 views

Advisory ROSA-SA-2023-2214

Software: vim 8.0.1763 OS: ROSA Virtualization 2.1 packageevrstring: vim-8.0.1763-19.rv3.4.src.rpm CVE-ID: CVE-2021-3796 BDU-ID: 2021-05417 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the nvreplace function of the VIM text editor is related to memory usage after it has been freed. Exploitation o...

9.8CVSS8.4AI score0.02086EPSS
Exploits10
susecve
susecve
added 2023/02/15 6:11 a.m.5 views

SUSE CVE-2007-3778

The G/PGP GPG Plugin 2.0, and 2.1dev before 20060912, for Squirrelmail allows remote attackers to execute arbitrary commands via shell metacharacters in the messageSignedText parameter to the gpgchecksignpgpmime function in gpghookfunctions.php. NOTE: a parameter value can be set in the contents ...

7.5CVSS7.8AI score0.02667EPSS
Exploits0References3
nvd
nvd
added 2022/12/30 10:15 p.m.8 views

CVE-2022-3778

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

Exploits0
circl
circl
added 2022/06/29 6:43 p.m.8 views

CVE-2019-3778

creationtimestamp| type| source ---|---|--- 2022-06-29 18:43:49+00:00| seen| https://t.me/cibsecurity/45366...

6.5CVSS6AI score0.15621EPSS
Exploits4References1
osv
osv
added 2022/06/29 2:15 p.m.29 views

CVE-2020-26877

ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to the redirect URI submitted with the authorization request, without checking whether the redirect...

6.1CVSS6.7AI score
Exploits0References3
prion
prion
added 2022/06/29 2:15 p.m.25 views

Authorization

ApiFest OAuth 2.0 Server 0.3.1 does not validate the redirect URI in accordance with RFC 6749 and is susceptible to an open redirector attack. Specifically, it directly sends an authorization code to the redirect URI submitted with the authorization request, without checking whether the redirect...

5.8CVSS6.4AI score0.15621EPSS
Exploits4References3Affected Software1
nessus
nessus
added 2022/04/18 12:0 a.m.41 views

EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-1415)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927,...

9.3CVSS7.1AI score0.01792EPSS
Exploits12References13
nessus
nessus
added 2022/04/18 12:0 a.m.58 views

EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-1389)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3778, CVE-2021-3872, CVE-2021-3875, CVE-2021-3903, CVE-2021-3927,...

9.3CVSS7.1AI score0.01792EPSS
Exploits12References13
nessus
nessus
added 2022/03/05 12:0 a.m.35 views

SUSE SLED15 / SLES15 Security Update : vim (SUSE-SU-2022:0736-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0736-1 advisory. - CVE-2022-0318: Fixed heap-based buffer overflow bsc1195004. - CVE-2021-3796: Fixed use-after-free in nvrepla...

9.8CVSS7.5AI score0.02086EPSS
Exploits13References41
openvas
openvas
added 2022/03/05 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2022:0736-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.7AI score0.02086EPSS
Exploits13References17
openvas
openvas
added 2022/03/05 12:0 a.m.37 views

openSUSE: Security Advisory for vim (openSUSE-SU-2022:0736-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.5AI score0.02086EPSS
Exploits13References2
Rows per page
Query Builder