172 matches found
CVE-2026-3872 vulnerabilities
Vulnerabilities for packages: keycloak...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +191 more potentially affected by CVE-2026-3872 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.6)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
CVE-2026-3872
creationtimestamp | type | source
---|---|---
2026-04-02 14:55:21+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mijhluvetx27
2026-04-02 15:20:57+00:00 | seen | Telegram/1FZmwvj65iY9NiI7VGWCBujhZKTilfhPPvdqi0EqVANQnis
2026-04-02 15:59:10+00:00 | seen | ...
Important: Red Hat Security Advisory: Red Hat build of Keycloak 26.2.15 Images Update
New images are available for Red Hat build of Keycloak 26.2.15 and Red Hat build of Keycloak 26.2.15 Operator, running on OpenShift Container Platform. Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...
CGA-3872-6R6F-253C
Bulletin has no description...
CVE-2024-3872
Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link...
CVE-2025-3872
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon centreon-web User configuration form modules allows SQL Injection. A user with high privileges is able to become administrator by intercepting the contact form request and altering its...
CVE-2025-3872
creationtimestamp | type | source
---|---|---
2025-04-24 10:08:03+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/13214
2025-04-24 13:03:34+00:00 | seen | https://t.me/cvedetector/23651
2025-04-24 13:11:24+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114393106631815821
2025-04-24...
CVE-2025-3872 Privilege escalation by altering payload in contact form
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon centreon-web User configuration form modules allows SQL Injection. A user with high privileges is able to become administrator by intercepting the contact form request and altering its...
Linux Distros Unpatched Vulnerability : CVE-2022-3872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and...
Linux Distros Unpatched Vulnerability : CVE-2021-3872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3872 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL...
Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2022-3872)
The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3872 advisory. - An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing...
turramurra.century21.com.au Cross Site Scripting vulnerability OBB-3895269
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Rocky Linux 8 : vim (RLSA-2022:0366)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0366 advisory. - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3872, CVE-2021-3984, CVE-2021-4019 - vim is vulnerable to Use After Free CVE-2021-4192 - vim ...
Advisory ROSA-SA-2023-2214
Software: vim 8.0.1763 OS: ROSA Virtualization 2.1 packageevrstring: vim-8.0.1763-19.rv3.4.src.rpm CVE-ID: CVE-2021-3796 BDU-ID: 2021-05417 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the nvreplace function of the VIM text editor is related to memory usage after it has been freed. Exploitation o...