108 matches found
EUVD-2019-3822
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2010-3822
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during...
GO-2025-3822 Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources in goauthentik.io
Authentik has insufficient check for account active status when authenticating with OAuth/SAML Sources in goauthentik.io. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
CVE-2022-3822
The Donations via PayPal WordPress plugin before 1.9.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2021-3822
jsoneditor is vulnerable to Inefficient Regular Expression Complexity...
CVE-2011-3822
XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/system/xoopsversion.php and certain other files...
Alibaba Cloud Linux 3 : 0078: curl (ALINUX3-SA-2021:0078)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0078 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-3822: libcurl versions from 7.36....
CVE-2025-3822
A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file changepassword.php. The manipulation of the argument txtconfirmpassword/txtnewpassword/txtoldpassword leads to cro...
CVE-2025-3822
creationtimestamp| type| source ---|---|--- 2025-04-20 07:01:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12608 2025-04-20 10:49:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnai2r3yy32u 2025-04-20 10:58:14+00:00| seen|...
CVE-2025-3822 SourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scripting
A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file changepassword.php. The manipulation of the argument txtconfirmpassword/txtnewpassword/txtoldpassword leads to cro...
CVE-2025-3822
CVE-2025-3822 affects SourceCodester Web-based Pharmacy Product Management System 1.0. The issue is a cross-site scripting vulnerability in changepassword.php triggered by manipulating the arguments txtconfirm_password, txtnew_password, and txtold_password. The vulnerability can be exploited remo...
CVE-2024-3822
creationtimestamp| type| source ---|---|--- 2025-03-29 00:28:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9512...
CVE-2024-3822 Base64 Encoder/Decoder <= 0.9.2 - Reflected XSS
The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-3822 Base64 Encoder/Decoder <= 0.9.2 - Reflected XSS
The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-3822
CVE-2024-3822 corresponds to the WordPress plugin Base64 Encoder/Decoder (versions
WordPress Base64 Encoder/Decoder Plugin <= 0.9.2 is vulnerable to Cross Site Scripting (XSS)
Software Base64 Encoder/Decoder Type Plugin Vulnerable versions = 0.9.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3822 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 72ed251444bf Credits Francisco Spínola...
RHEL 5 : kernel (RHSA-2018:3822)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3822 advisory. - kernel: Use-after-free vulnerability in DCCP socket CVE-2017-8824 - kernel: Use-after-free in sysmqnotify CVE-2017-11176 - kernel:...
openSUSE: Security Advisory for supportutils (SUSE-SU-2023:3822-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2023:3822)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3822 advisory. - A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caus...
BELL-CVE-2019-3822 CVE-2019-3822 does not affect BellSoft software
Bulletin has no description...