CVE-2026-3870

A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...

@antv/dipper (>=0.0.3 <=0.0.4), @antv/dipper-widgets (>=0.0.2 <=0.0.4) potentially affected by unknown CVE via @antv/dipper-component (>=0.0.2 <=0.0.4)

@antv/dipper-component NPM version =0.0.2, =0.0.3, =0.0.2, =0.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3870...

EUVD-2018-15657

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-3870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - omx/SimpleSoftOMXComponent.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and...

CVE-2020-3870

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. Processing a maliciously crafted image may lead to arbitrary code execution...

CVE-2014-3870

Cross-site scripting XSS vulnerability in the bib2html plugin 0.9.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the styleShortName parameter in an adminStyleAdd action to OSBiB/create/index.php...

CVE-2025-3870

creationtimestamp| type| source ---|---|--- 2025-04-25 09:07:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13394 2025-04-25 10:44:56+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnmxljsersj2 2025-04-25 13:19:31+00:00| seen|...

WordPress 1 Decembrie 1918 plugin <= 1.dec.2012 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin 1 Decembrie 1918 versions = 1.dec.2012...

Linux Distros Unpatched Vulnerability : CVE-2010-3870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The utf8decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it...

CVE-2019-3870 affecting package samba for versions less than 4.18.3-1

CVE-2019-3870 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...

Synology DiskStation Manager Samba Incorrect Default Permissions (CVE-2019-3870)

A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...

CVE-2024-3870 Contact Form 7 Database Addon – CFDB7 <= 1.2.6.8 - Unauthenticated Sensitive Information Exposure

The Contact Form 7 Database Addon – CFDB7 plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.6.8 via the cfdb7beforesendmail function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable...

WordPress Contact Form 7 Database Addon – CFDB7 Plugin <= 1.2.6.8 is vulnerable to Sensitive Data Exposure

Software Contact Form 7 Database Addon – CFDB7 Type Plugin Vulnerable versions = 1.2.6.8 Fixed in 1.2.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-3870 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b218289620d7 Credits Ti...

GitLab 10.0 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3870)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitL...

CVE-2023-3870

...

CVE-2023-3870

CVE-2023-3870 entry is rejected/not used per initial description.

K20804356: Samba vulnerabilities CVE-2019-3870 and CVE-2019-3880

Security Advisory Description CVE-2019-3870 A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that...

GitLab < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3870)

The version of GitLab installed on the remote host is prior to 15.5.7, 15.6.4, 15.7.2. It is, therefore, affected by an information disclosure vulnerability as referenced in the SECURITY-RELEASE-GITLAB-15-7-2-RELEASED advisory. - An issue has been discovered in GitLab CE/EE affecting all versions...

CVE-2022-3870

creationtimestamp| type| source ---|---|--- 2023-01-12 07:29:57+00:00| seen| https://t.me/cibsecurity/56407...

CVE-2022-3870

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitLab allows unauthenticated users to download user avatars using the victim's user ID, on private...