CVE-2026-3815

creationtimestamp| type| source ---|---|--- 2026-03-17 06:33:03+00:00| seen| https://bsky.app/profile/secqube.com/post/3mhae2xml5s2b...

CVE-2026-3815

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be us...

PT-2026-23980

Name of the Vulnerable Software and Affected Versions UTT HiPER 810G versions up to 1.7.7-1711 Description A flaw exists in UTT HiPER 810G that could allow for a buffer overflow. This is due to the strcpy function within the /goform/formApMail file. The issue is remotely exploitable, and a public...

RHEL 8 : grafana-pcp (RHSA-2026:3815)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3815 advisory. The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and...

EUVD-2026-3815

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins B Slider b-slider allows DOM-Based XSS.This issue affects B Slider: from n/a through = 2.0.6...

MiracleLinux 8 : kernel-4.18.0-372.16.1.el8_6 (AXSA:2022-3815:13)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3815:13 advisory. kernel: race condition in perfeventopen leads to privilege escalation CVE-2022-1729 Tenable has extracted the preceding description block directly from the...

CVE-2022-3815

A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the component mp4decrypt. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2011-3815

WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files...

CVE-2025-3815

creationtimestamp| type| source ---|---|--- 2025-05-03 08:16:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14690 2025-05-03 10:05:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lob3ol5a3z2e 2025-05-03 12:01:32+00:00| seen|...

CVE-2025-3815 SurveyJS <= 1.12.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter

The SurveyJS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.12.32 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

WordPress SurveyJS plugin <= 1.12.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin SurveyJS versions = 1.12.32...

CVE-2024-3815 Newspaper <= 12.6.5 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Meta

The Newspaper theme for WordPress is vulnerable to Stored Cross-Site Scripting via attachment meta in the archive page in all versions up to, and including, 12.6.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2010-3815

Rejected reason: This candidate is unused by its CNA...

CVE-2023-3815

CVE-2023-3815 affects y_project RuoYi (up to 4.7.7). The vulnerability is in the File Upload component, specifically the function uploadFilesPath where manipulation of the originalFilenames argument leads to cross-site scripting. The issue can be exploited remotely and does not require authentica...

CVE-2023-3815 y_project RuoYi File Upload uploadFilesPath cross site scripting

A vulnerability, which was classified as problematic, has been found in yproject RuoYi up to 4.7.7. Affected by this issue is the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be launched...

K22040951: systemd-journald vulnerability CVE-2019-3815

Security Advisory Description A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatchmessagereal in journald-server.c does not free the memory allocated by setiovecfieldfree to store the CMDLINE= entry. A local attacker may use this...

SUSE CVE-2015-3815

The detectversion function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a packet with a crafted payload, as...

CVE-2022-3815

creationtimestamp| type| source ---|---|--- 2022-11-02 01:19:30+00:00| seen| https://t.me/cibsecurity/52454...

CVE-2022-3815

A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the component mp4decrypt. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...

CVE-2022-3815 Axiomatic Bento4 mp4decrypt memory leak

A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the component mp4decrypt. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...