104 matches found
Exploit for SQL Injection in Easycms
NVD-CVE-2026-...
CVE-2026-3786
creationtimestamp| type| source ---|---|--- 2026-03-08 22:15:50+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3786...
EUVD-2026-3786
Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use TOCTOU race condition vulnerability. A low privileged attacker with adjacent...
MiracleLinux 9 : openssl-3.0.1-43.el9 (AXSA:2022-3967:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3967:08 advisory. OpenSSL: X.509 Email Address Buffer Overflow CVE-2022-3602 OpenSSL: X.509 Email Address Variable Length Buffer Overflow CVE-2022-3786 Tenable has...
Siemens OpenSSL 3.0 Buffer Overflow (CVE-2022-3786)
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...
CVE-2021-3786
A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range...
CVE-2020-3786
Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2011-3786
PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php...
CVE-2025-3786
creationtimestamp| type| source ---|---|--- 2025-04-18 09:59:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12413 2025-04-18 11:15:19+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln3ikuqwlji2 2025-04-18...
CVE-2025-3786 Tenda AC15 WifiExtraSet fromSetWirelessRepeat buffer overflow
A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. This issue affects the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been...
python311-cryptography-vectors-44.0.0-1.1 on GA media (moderate)
python311-cryptography-vectors-44.0.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14740-1 Rating: moderate Cross-References: CVE-2022-3602 CVE-2022-3786 CVSS scores: CVE-2022-3602 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-3786 SUSE : 5.9...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
Fedora 37 : openssl (2022-0f1d2e0537)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-0f1d2e0537 advisory. Security fix for CVE-2022-3602 and CVE-2022-3786 Tenable has extracted the preceding description block directly from the Fedora security advisory...
CVE-2024-3786
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device Synchronizations /admin/DeviceReplication. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...
CVE-2024-3786 Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device Synchronizations /admin/DeviceReplication. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...
CVE-2024-3786 Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback
Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device Synchronizations /admin/DeviceReplication. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...
CVE-2023-3786
CVE-2023-3786 affects Aures Komet up to 20230509, specifically component area related to Kiosk Mode. The root cause described across connected documents is improper access controls, enabling an attack on the physical device. The vulnerability allows an attacker to exploit the control path due to ...
CVE-2023-3786 Aures Komet Kiosk Mode access control
A vulnerability classified as problematic has been found in Aures Komet up to 20230509. This affects an unknown part of the component Kiosk Mode. The manipulation leads to improper access controls. It is possible to launch the attack on the physical device. The exploit has been disclosed to the...
Juniper Junos OS Multiple Vulnerabilities (JSA69999)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69999 advisory. - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain...
Security Bulletin: IBM Observability with Instana (OnPrem) affected by OpenSSL vulnerabilities.
Summary IBM Observability with Instana OnPrem has addressed the following OpenSSL vulnerabilities in it's self-hosted Docker-based installer: CVE-2022-3602 and CVE-2022-3786. Vulnerability Details CVEID:CVE-2022-3602 DESCRIPTION: OpenSSL is vulnerable to a stack-based buffer overflow, caused by...