116 matches found
CVE-2026-3881
creationtimestamp| type| source ---|---|--- 2026-03-31 09:55:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3midvvg7m372j...
Linux Distros Unpatched Vulnerability : CVE-2016-3881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The decoderpeeksiinternal function in vp9/vp9dxiface.c in libvpx in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before...
CVE-2022-3881
The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and...
CVE-2025-3881
eCharge Hardy Barth cPH2 checkreq.php ntp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this...
CVE-2025-3881 eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution Vulnerability
eCharge Hardy Barth cPH2 checkreq.php ntp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this...
CVE-2025-3881 eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution Vulnerability
eCharge Hardy Barth cPH2 checkreq.php ntp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of eCharge Hardy Barth cPH2 charging stations. Authentication is not required to exploit this...
CVE-2025-3881
The CVE-2025-3881 entry concerns the eCharge Hardy Barth cPH2 charging stations. A vulnerability in the ntp parameter handling of the /check_req.php endpoint allows command injection, due to insufficient validation of a user-supplied string used in a system call. This can enable remote code execu...
CVE-2025-3881
creationtimestamp| type| source ---|---|--- 2025-04-23 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-247/ 2025-05-22 01:43:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17226 2025-05-22 05:15:26+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2019-3881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home...
Linux Distros Unpatched Vulnerability : CVE-2010-3881
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive...
Cisco IOS Telnet Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOS Telnet Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the Cisco IOS telnet service...
RHEL 8 : 2.5_rubygem-bundler (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 No...
RHEL 8 : rubygem-bundler (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - rubygem-bundler: Insecure permissions on directory in /tmp/ allows for execution of malicious code CVE-2019-3881 No...
Ubuntu 18.04 ESM : Bundler vulnerability (USN-4870-1)
The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4870-1 advisory. It was discovered that Bundler incorrectly created directories with insecure permissions in /tmp. An attacker could write malicious libraries to this location for...
CVE-2023-3881
creationtimestamp| type| source ---|---|--- 2023-07-25 12:28:10+00:00| seen| Telegram/Dk4dFMrUKFmfUV1xi8ulv3GlXwjB55Of05lsTPgDhS5OcF0...
CVE-2023-3881
A vulnerability classified as critical was found in Campcodes Beauty Salon Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument contactno leads to sql injection. The attack can be launched...
CVE-2023-3881
Campcodes Beauty Salon Management System 1.0 is affected in the /admin/forgot-password.php function. The vulnerability arises from unsafely handling the contactno parameter, enabling remote SQL injection. Exploitation has been disclosed publicly. Remediation/mitigation notes from connected source...
CVE-2022-3881
CVE-2022-3881 concerns the WordPress WPTools plugin, affected versions before 3.43. The issue is improper authorization and CSRF in an AJAX action, allowing any authenticated user (e.g., a subscriber) to install and activate arbitrary plugins from wordpress.org. Root cause: missing CSRF/authoriza...
CVE-2022-3881 WPTools < 3.43 - Subscriber+ Arbitrary Plugin Installation
The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and...
CVE-2022-3881 WPTools < 3.43 - Subscriber+ Arbitrary Plugin Installation
The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and...