62 matches found
EUVD-2026-3851
Server-Side Request Forgery (SSRF) vulnerability in wbolt.com IMGspider imgspider allows Server Side Request Forgery. This issue affects IMGspider: from n/a through <= 2.3.12...
CVE-2020-3851
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application...
CVE-2025-3851 Download Manager and Payment Form WordPress Plugin – WP SmartPay 1.1.0 - 2.7.13 - Authenticated (Subscriber+) Information Exposure
The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 1.1.0 to 2.7.13 via the show function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, wit...
WordPress WP SmartPay plugin 1.1.0-2.7.13 - Authenticated (Subscriber+) Information Exposure vulnerability
Authenticated Subscriber+ Information Exposure vulnerability discovered by kr0d in WordPress Plugin WP SmartPay versions 1.1.0-2.7.13...
openSUSE: Security Advisory for the Linux Kernel (Live Patch 25 for SLE 15 SP4) (SUSE-SU-2024:3851-1)
The remote host is missing an update for the...
CVE-2024-3851
A stored Cross-Site Scripting (XSS) vulnerability exists in the 'imartinez/privategpt' repository due to improper validation of file uploads. Attackers can exploit this vulnerability by uploading malicious HTML files, such as those containing JavaScript payloads, which are then executed in the...
CVE-2024-3851 Unrestricted File Upload Leading to XSS in imartinez/privategpt
A stored Cross-Site Scripting (XSS) vulnerability exists in the 'imartinez/privategpt' repository due to improper validation of file uploads. Attackers can exploit this vulnerability by uploading malicious HTML files, such as those containing JavaScript payloads, which are then executed in the...
K8918: Linux kernel vulnerability CVE-2007-3851
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
SUSE: Security Advisory (SUSE-SU-2021:3851-1)
The remote host is missing an update for the...
SUSE SLES12 Security Update : xen (SUSE-SU-2021:3851-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3851-1 advisory. - PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which...
CVE-2021-3851
firefly-iii is vulnerable to URL Redirection to Untrusted Site...
CVE-2021-3851 Open Redirect in firefly-iii/firefly-iii
firefly-iii is vulnerable to URL Redirection to Untrusted Site...
CVE-2021-3851
CVE-2021-3851 affects firefly-iii (open-source personal finance app). Connected sources describe an Open Redirect vulnerability in the web application, enabling redirection to untrusted sites during a user flow (notably the bills/store flow where a Referer-based redirect can be manipulated to forw...
CVE-2020-3851
CVE-2020-3851 describes a use-after-free vulnerability in the IOThunderboltFamily in macOS, enabling a local attacker to gain elevated privileges due to memory management issues. Apple and Red Hat entries confirm that the flaw could allow privilege escalation and that patches exist: macOS Catalin...
macOS 10.15.x < 10.15.4 / 10.14.x < 10.14.6 Security Update 2020-002 / 10.13.x < 10.13.6 Security Update 2020-002
The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6 Security Update 2020-002, 10.14.x prior to 10.14.6 Security Update 2020-002, or 10.15.x prior to 10.15.4. It is, therefore, affected by multiple vulnerabilities: - Insufficient control flow in certain data...
CVE-2019-3851
CVE-2019-3851 affects Moodle prior to 3.6.3 and 3.5.5, where the Boost theme’s secure layout contains a link to the site home that allows users (e.g., students) to navigate out of the current page. The available connected documents consistently describe this as an unauthorized navigation issue, e...