CVE-2026-3814

creationtimestamp| type| source ---|---|--- 2026-03-09 10:32:40+00:00| seen| https://infosec.exchange/users/offseq/statuses/116198759465088172 2026-03-23 05:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhpdvvbv252h...

CVE-2026-3814

CVE-2026-3814 affects UTT HiPER 810G up to version 1.7.7-1711. The vulnerability lies in the strcpy usage in /goform/getOneApConfTempEntry, enabling a remote attacker to trigger a buffer overflow. Public exploits exist. Retail evidence from multiple sources confirms the affected component and rem...

MiracleLinux 7 : dovecot-2.2.36-6.el7 (AXSA:2020-4708:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4708:01 advisory. dovecot: Improper certificate validation CVE-2019-3814 dovecot: Buffer overflow in indexer-worker process results in privilege escalation...

ECHO-7C0B-A720-3814

Bulletin has no description...

Linux Distros Unpatched Vulnerability : CVE-2022-3814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in Axiomatic Bento4. This vulnerability affects unknown code of the component mp4decrypt. The manipulation...

CVE-2023-3814

The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server...

CVE-2022-3814

A vulnerability classified as problematic was found in Axiomatic Bento4. This vulnerability affects unknown code of the component mp4decrypt. The manipulation leads to memory leak. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier o...

CVE-2025-3814

The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-3814 Tax Switch for WooCommerce <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via class-name Parameter

The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2025-3814 Tax Switch for WooCommerce <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via class-name Parameter

The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Tax Switch for WooCommerce plugin <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Tax Switch for WooCommerce versions = 1.4.2...

Linux Distros Unpatched Vulnerability : CVE-2019-3814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid...

CVE-2024-3814 tagDiv Composer <= 4.8 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta

The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'single' module in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

RHEL 6 : dovecot (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: Buffer overflow in indexer-worker process results in privilege escalation CVE-2019-7524 - A...

WordPress tagDiv Composer Plugin <= 4.8 is vulnerable to Cross Site Scripting (XSS)

Software tagDiv Composer Type Plugin Vulnerable versions = 4.8 Fixed in 4.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3814 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID aede7898e0d1 Credits István Márton Required...

Oracle Linux 8 : dovecot (ELSA-2019-3467)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3467 advisory. - fix CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes...

CVE-2023-3814

creationtimestamp| type| source ---|---|--- 2023-09-04 16:16:25+00:00| seen| https://t.me/cibsecurity/69783...

CVE-2023-3814 Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access

The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server...

CVE-2023-3814 Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access

The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server...

CVE-2023-3814

CVE-2023-3814 affects the WordPress Advanced File Manager plugin prior to 5.1.1. The issue is an access control flaw on multisite setups that allows site administrators to enumerate and read arbitrary files and folders on the server due to inadequate authorization checks. Affected software: Advan...