ROOT-OS-DEBIAN-12-CVE-2025-38393 CVE-2025-38393 in rootio-linux - Patched by Root

Root has patched CVE-2025-38393 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-38393 CVE-2025-38393 in rootio-linux - Patched by Root

Root has patched CVE-2025-38393 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

EUVD-2025-38393

Malicious code in study-lab-e52 npm...

MAL-2025-38393 Malicious code in vine-nectar-uxy225-project (npm)

The package vine-nectar-uxy225-project was found to contain malicious code...

CVE-2025-38393

CVE-2025-38393 affects the Linux kernel (NFSv4/pNFS) where a race to wake on NFS_LAYOUT_DRAIN could occur. The issue occurs when multiple tasks wait for a page lock during writeback and a waiter/waker race with pnfs_update_layout() occurs while pnfs_layout_hdr’s plh_outstanding count is zero. The...

Foxit PhantomPDF Multiple Vulnerabilities (Aug 2024) - Windows

Foxit PhantomPDF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:phantompdf";...

Foxit Reader Multiple Vulnerabilities (Oct 2024) - Windows

Foxit Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:foxitsoftware:reader";...

KLA73578 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in FoxitPDFReaderUpdater.exe can be exploited to...

CVE-2023-38393

CVE-2023-38393 is a vulnerability in WordPress Ninja Forms plugin versions ≤ 3.6.25, described as Missing Authorization / Broken Access Control. The issue permits a user with Subscriber/Contributor roles to perform an unauthorized action (export of all Ninja Forms submissions) due to a broken acc...

CVE-2023-38393

creationtimestamp| type| source ---|---|--- 2023-07-31 09:13:42+00:00| seen| https://t.me/thehackernews/3671 2023-07-31 10:36:25+00:00| seen| Telegram/TVzNbCj39jddHJ0wyoRxjoN5ENQMo13tFhhm0Se71sQw 2023-07-31 10:49:30+00:00| seen| https://t.me/KomunitiSiber/572...

Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data. The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below,...

WordPress Ninja Forms Contact Form Plugin < 3.6.26 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ninjaforms:contactform"; ifdescription...

WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Broken Access Control

Software Ninja Forms Type Plugin Vulnerable versions = 3.6.25 Fixed in 3.6.26 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-38393 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID 44e08fdf7aed Credits Rafie Muhammad Patchstack...

Update now! ASUS fixes nine security flaws

ASUS has released firmware updates for several router models fixing two critical and several other security issues. The new firmware with accumulated security updates is available for the models GT6, GT-AXE16000, GT-AX11000 PRO, GT-AXE11000, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8,...

CVE-2022-38393

creationtimestamp| type| source ---|---|--- 2023-01-11 00:44:50+00:00| seen| https://t.me/cibsecurity/56317 2023-01-13 13:43:21+00:00| seen| https://t.me/truesecator/3935 2023-06-19 19:55:30+00:00| seen| https://t.me/RussianOSINT/2677 2023-06-20 09:57:08+00:00| seen| https://t.me/kasperskyb2b/705...

CVE-2022-38393

The CVE CVE-2022-38393 affects Asus RT-AX82U (firmware 3.0.0.4.386_49674-ge182230). TALOS documents a denial-of-service in the cfg_server cm_processConnDiagPktList opcode, caused by missing validation for UDP/TCP input length which allows an underflow of the datalen field, leading to a potential ...

Asus RT-AX82U cfg_server cm_processConnDiagPktList denial of service vulnerability

Talos Vulnerability Report TALOS-2022-1592 Asus RT-AX82U cfgserver cmprocessConnDiagPktList denial of service vulnerability January 10, 2023 CVE Number CVE-2022-38393 SUMMARY A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U...

CVE-2021-38393

creationtimestamp| type| source ---|---|--- 2021-08-30 22:32:34+00:00| seen| https://t.me/cibsecurity/28022...

CVE-2021-38393

Delta Electronics DIAEnergie (all versions before 1.9) contains a Blind SQL injection in /DataHandler/HandlerAlarmGroup.ashx via the agid parameter, enabling remote, unauthenticated code execution in NT SERVICES\MSSQLSERVER. This is tied to CVE-2021-38393. Impact is high (CVE has CVSS v3.1 base s...