Exploit for CVE-2026-3844

No d...

Exploit for CVE-2026-3844

CVE-2026-3844 — Breeze Cache move $tempgrava...

CVE-2026-3844

creationtimestamp| type| source ---|---|--- 2026-04-23 03:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116451785443473415 2026-04-23 03:00:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mk4zgzcg3k2g 2026-04-23 05:19:00+00:00| seen|...

EUVD-2026-3844

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in mwtemplates DeepDigital deepdigital allows Code Injection.This issue affects DeepDigital: from n/a through = 1.0.2...

CVE-2022-3844

A vulnerability, which was classified as problematic, was found in Webmin 2.001. Affected is an unknown function of the file xterm/index.cgi. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.003 is able to address this issu...

CVE-2020-3844

This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Users removed from an iMessage conversation may still be able to alter state...

CVE-2014-3844

The TinyMCE Color Picker plugin before 1.2 for WordPress does not properly check permissions, which allows remote attackers to modify plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information...

media-downloader-ez (=2.1.1) potentially affected by unknown CVE via nayan-videos-downloader (=0.0.1-security)

nayan-videos-downloader NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on nayan-videos-downloader and may be impacted: - media-downloader-ez =2.1.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-3844...

CVE-2025-3844 PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Authentication Bypass to Account Takeover

The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to handelajaxreq function not having proper restrictions on the changeusermeta functionality that makes it possible to set a OTP code and subsequently log in...

CVE-2025-3844 PeproDev Ultimate Profile Solutions 1.9.1 - 7.5.2 - Authentication Bypass to Account Takeover

The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to Authentication Bypass in versions 1.9.1 to 7.5.2. This is due to handelajaxreq function not having proper restrictions on the changeusermeta functionality that makes it possible to set a OTP code and subsequently log in...

WordPress PeproDev Ultimate Profile Solutions 1.9.1-7.5.2 plugin - Authentication Bypass to Account Takeover

Authentication Bypass to Account Takeover vulnerability discovered by kr0d in WordPress Plugin PeproDev Ultimate Profile Solutions versions 1.9.1-7.5.2...

Linux Distros Unpatched Vulnerability : CVE-2024-3844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome...

Advisory ROSA-SA-2025-2696

Software: systemd 239 OS: ROSA Virtualization 3.0 packageevrstring: systemd-239-78.0.1 CVE-ID: CVE-2019-3843 BDU-ID: 2022-00318 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the systemd service initialization and management subsystem is related to improper privilege assignment. Exploitation of...

Advisory ROSA-SA-2025-2650

Software: webmin 2.105 WASP: ROSA-CHROME packageevrstring: webmin-2.105-1 CVE-ID: CVE-2022-3844 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in Webmin allows basic client-side scripting to be run via the xterm/index.cgi function. CVE-STATUS: The vulnerability has been resolved CVE-REV...

openSUSE: Security Advisory for 389 (SUSE-SU-2024:3844-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-3844

creationtimestamp| type| source ---|---|--- 2024-07-01 14:30:24+00:00| seen| Telegram/2G0LL9YDDO0dQKSo5p4zQWAL-pbipATIxiBPSKqKsYKP6RG0 2024-07-01 14:33:02+00:00| seen| Telegram/w0w9iKcyXi70OnNrtP96yLy6sw-7f3qLcDmBnN0l3DtxqHg 2024-07-01 14:34:42+00:00| seen|...

openSUSE 15 Security Update : opera (openSUSE-SU-2024:0156-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0156-1 advisory. Update to 110.0.5130.64 CHR-9748 Update Chromium on desktop-stable-124-5130 to 124.0.6367.243 DNA-116317 Create outline or shadow around emojis o...

openSUSE Security Advisory (openSUSE-SU-2024:0128-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2024-0150)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Chromium: CVE-2024-3844 Inappropriate implementation in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...