CVE-2026-3828

Some Hikvision switch products discontinued since December 2023 are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leadi...

CVE-2026-3828

creationtimestamp| type| source ---|---|--- 2026-05-09 10:01:57+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mlfyhby4gg2x 2026-05-09 12:40:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlgbby5j6r2p...

MINI-VW2Q-3828-269C

Bulletin has no description...

EUVD-2026-3828

VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively, as well as VB-Audio Matrix and Matrix Coconut versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively, contain a vulnerability in their virtual aud...

MiracleLinux 4 : openssh-5.3p1-124.AXS4 (AXSA:2019-3828:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3828:01 advisory. Security Fix - OpenSSH CVE-2018-15473 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux securit...

CVE-2023-3828

A vulnerability was found in Bug Finder Listplace Directory Listing Platform 3.0. It has been classified as problematic. This affects an unknown part of the file /listplace/user/coverPhotoUpdate of the component Photo Handler. The manipulation of the argument usercoverphoto leads to cross site...

CVE-2022-3828

The Video Thumbnails WordPress plugin through 2.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

python311-nltk-3.9.1-2.4 on GA media (moderate)

python311-nltk-3.9.1-2.4 on GA media Announcement ID: openSUSE-SU-2025:15099-1 Rating: moderate Cross-References: CVE-2021-3828 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

GHSA-WH6W-3828-G9QF

creationtimestamp| type| source ---|---|--- 2025-05-02 13:15:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14474...

CVE-2025-3828

creationtimestamp| type| source ---|---|--- 2025-04-20 15:54:06+00:00| seen| https://bsky.app/profile/potato.software/post/3lnaz3ettzn2b 2025-04-20 16:01:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12615 2025-04-20 18:00:36+00:00| published-proof-of-concept|...

CVE-2025-3828 PHPGurukul Men Salon Management System view-appointment.php sql injection

A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/view-appointment.php?viewid=11. The manipulation of the argument remark leads to sql injection. The attack may be initiated remotely. T...

Oracle Linux 8 : glibc (ELSA-2025-3828)

"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3828 advisory. 2.28-251.0.3.16 - Forward port of Oracle patches Reviewed-by: Elena Zannoni Oracle history: March-26-2025 Cupertino Miranda - 2.28-251.0.3.14 - OraBug: 3662568...

Linux Distros Unpatched Vulnerability : CVE-2021-3828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nltk is vulnerable to Inefficient Regular Expression Complexity CVE-2021-3828 Note that Nessus relies on the presence of the package as reported by the vendor...

Debian: Security Advisory (DLA-3828-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-3828 Spectra Pro <= 1.1.5 - Authenticated (Author+) Privilege Escalation

The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for authenticated...

CVE-2024-3828 Spectra Pro <= 1.1.5 - Authenticated (Author+) Privilege Escalation

The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for authenticated...

WordPress Spectra Pro Plugin <= 1.1.5 is vulnerable to Privilege Escalation

Software Spectra Pro Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2024-3828 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID e9883ee7b5f9 Credits Ngô Thiên An...

RHEL 7 : ansible (RHSA-2019:3789)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3789 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...

RHEL 7 : ansible (RHSA-2019:3744)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:3744 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH a...

openSUSE: Security Advisory for python3 (SUSE-SU-2023:3828-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...