Lucene search
K

104 matches found

GithubExploit
GithubExploit
added 2026/03/11 1:12 p.m.143 views

Exploit for SQL Injection in Easycms

NVD-CVE-2026-...

8.8CVSS5.8AI score0.00276EPSS
Exploits2
Circl
Circl
added 2026/03/08 10:15 p.m.5 views

CVE-2026-3786

creationtimestamp| type| source ---|---|--- 2026-03-08 22:15:50+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3786...

8.8CVSS5.7AI score0.00276EPSS
Exploits2References1
EUVD
EUVD
added 2026/01/22 7:11 p.m.4 views

EUVD-2026-3786

Dell PowerScale OneFS, versions 9.5.0.0 through 9.5.1.5, versions 9.6.0.0 through 9.7.1.10, versions 9.8.0.0 through 9.10.1.3, versions starting from 9.11.0.0 and prior to 9.13.0.0, contains a Time-of-check Time-of-use TOCTOU race condition vulnerability. A low privileged attacker with adjacent...

3.5CVSS5.5AI score0.00162EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : openssl-3.0.1-43.el9 (AXSA:2022-3967:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3967:08 advisory. OpenSSL: X.509 Email Address Buffer Overflow CVE-2022-3602 OpenSSL: X.509 Email Address Variable Length Buffer Overflow CVE-2022-3786 Tenable has...

7.5CVSS8AI score0.92488EPSS
Exploits6References3
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.6 views

Siemens OpenSSL 3.0 Buffer Overflow (CVE-2022-3786)

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate...

7.5CVSS8.2AI score0.92488EPSS
Exploits2References7
RedhatCVE
RedhatCVE
added 2025/05/22 8:7 p.m.13 views

CVE-2021-3786

A potential vulnerability in the SMI callback function used in CSME configuration of some Lenovo Notebook and ThinkPad systems could be used to leak out data out of the SMRAM range...

5.5CVSS6.8AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:36 p.m.8 views

CVE-2020-3786

Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution...

9.8CVSS7.4AI score0.0394EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:57 a.m.11 views

CVE-2011-3786

PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php...

5CVSS6.5AI score0.01229EPSS
Exploits0References1
Circl
Circl
added 2025/04/18 9:59 a.m.10 views

CVE-2025-3786

creationtimestamp| type| source ---|---|--- 2025-04-18 09:59:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12413 2025-04-18 11:15:19+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln3ikuqwlji2 2025-04-18...

9CVSS7.6AI score0.00939EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/04/18 9:0 a.m.30 views

CVE-2025-3786 Tenda AC15 WifiExtraSet fromSetWirelessRepeat buffer overflow

A vulnerability was found in Tenda AC15 up to 15.03.05.19 and classified as critical. This issue affects the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument mac leads to buffer overflow. The attack may be initiated remotely. The exploit has been...

9CVSS0.00939EPSS
Exploits1References5
OPENSUSE Linux
OPENSUSE Linux
added 2025/02/07 12:0 a.m.7 views

python311-cryptography-vectors-44.0.0-1.1 on GA media (moderate)

python311-cryptography-vectors-44.0.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:14740-1 Rating: moderate Cross-References: CVE-2022-3602 CVE-2022-3786 CVSS scores: CVE-2022-3602 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-3786 SUSE : 5.9...

8.1CVSS8.7AI score0.92488EPSS
Exploits6
Oracle linux
Oracle linux
added 2024/11/22 12:0 a.m.55 views

edk2 security update

Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...

7.5CVSS7.4AI score0.96275EPSS
Exploits28
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.18 views

Fedora 37 : openssl (2022-0f1d2e0537)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-0f1d2e0537 advisory. Security fix for CVE-2022-3602 and CVE-2022-3786 Tenable has extracted the preceding description block directly from the Fedora security advisory...

7.5CVSS8AI score0.92488EPSS
Exploits6References3
NVD
NVD
added 2024/04/15 2:15 p.m.13 views

CVE-2024-3786

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device Synchronizations /admin/DeviceReplication. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...

6.6CVSS6.7AI score0.00652EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 2:7 p.m.14 views

CVE-2024-3786 Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device Synchronizations /admin/DeviceReplication. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...

6.6CVSS6.9AI score0.00652EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 2:7 p.m.15 views

CVE-2024-3786 Improper Neutralization of Server-Side Includes (SSI) vulnerability in WBSAirback

Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes SSI, through Device Synchronizations /admin/DeviceReplication. Exploitation of this vulnerability could allow a remote user to execute arbitrary code...

6.6CVSS7.6AI score0.00652EPSS
Exploits0References1
CVE
CVE
added 2023/07/20 1:0 p.m.51 views

CVE-2023-3786

CVE-2023-3786 affects Aures Komet up to 20230509, specifically component area related to Kiosk Mode. The root cause described across connected documents is improper access controls, enabling an attack on the physical device. The vulnerability allows an attacker to exploit the control path due to ...

6.8CVSS5.4AI score0.00258EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2023/07/20 1:0 p.m.22 views

CVE-2023-3786 Aures Komet Kiosk Mode access control

A vulnerability classified as problematic has been found in Aures Komet up to 20230509. This affects an unknown part of the component Kiosk Mode. The manipulation leads to improper access controls. It is possible to launch the attack on the physical device. The exploit has been disclosed to the...

4.6CVSS6.8AI score0.00258EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/04/04 12:0 a.m.25 views

Juniper Junos OS Multiple Vulnerabilities (JSA69999)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69999 advisory. - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain...

7.5CVSS8.8AI score0.92488EPSS
Exploits6References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/07 9:44 a.m.65 views

Security Bulletin: IBM Observability with Instana (OnPrem) affected by OpenSSL vulnerabilities.

Summary IBM Observability with Instana OnPrem has addressed the following OpenSSL vulnerabilities in it's self-hosted Docker-based installer: CVE-2022-3602 and CVE-2022-3786. Vulnerability Details CVEID:CVE-2022-3602 DESCRIPTION: OpenSSL is vulnerable to a stack-based buffer overflow, caused by...

7.5CVSS8.5AI score0.92488EPSS
Exploits6Affected Software1
Rows per page
Query Builder