MINI-46C3-MVR9-3838

Bulletin has no description...

CVE-2026-3838

creationtimestamp| type| source ---|---|--- 2026-03-17 15:00:13+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhbafueub62m...

CVE-2024-3838

creationtimestamp| type| source ---|---|--- 2026-03-13 02:18:43+00:00| seen| https://bsky.app/profile/undercode.bsky.social/post/3mgvtyi6ljj2z...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.212.b04-0.AXS4 (AXSA:2019-3838:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3838:02 advisory. Enhancement - Oracle Java SE REIWA Security Fix - CVE-2019-2602, CVE-2019-2684, CVE-2019-2698 CVE CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted t...

Debian dla-4427 : php-dompdf - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4427 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4427-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2016-3838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Android 6.x before 2016-08-01 allows attackers to cause a denial of service loss of locked-screen 911 functionality via a crafted application that uses the...

GO-2025-3838 Hashicorp Vault has Code Execution Vulnerability via Plugin Configuration in github.com/hashicorp/vault

Hashicorp Vault has Code Execution Vulnerability via Plugin Configuration in github.com/hashicorp/vault...

CVE-2020-3838

The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges...

CVE-2025-3838

An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...

CVE-2025-3838

An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...

CVE-2025-3838

creationtimestamp| type| source ---|---|--- 2025-04-21 10:05:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12637 2025-04-21 12:54:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnd7jq2pzn2h 2025-04-21 13:58:19+00:00| seen| https://t.me/cvedetector/23434...

CVE-2025-3838 Improper Authorization in the installer for the EOL OVA based connect component

An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...

CVE-2025-3838 Improper Authorization in the installer for the EOL OVA based connect component

An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed...

Linux Distros Unpatched Vulnerability : CVE-2021-3838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function...

Linux Distros Unpatched Vulnerability : CVE-2024-3838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform ...

Linux Distros Unpatched Vulnerability : CVE-2019-3838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could...

CVE-2021-3838

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

CVE-2021-3838

creationtimestamp| type| source ---|---|--- 2024-11-15 10:54:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113486597726053603 2025-12-30 16:28:13+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mb7rfvcyzk2b...

CVE-2021-3838 PHAR Deserialization in dompdf/dompdf

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

CVE-2021-3838

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...