CGA-3893-P8H8-XVP4

Bulletin has no description...

CVE-2026-3893

The CVE-2026-3893 affects the Carlson VASCO-B GNSS Receiver. The connected PT-Security entry indicates attackers can exploit the absence of authentication to gain unauthenticated remote access, escalate privileges, and move laterally within manufacturing networks, enabling modification of configu...

CVE-2026-3893

The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and operational functions without needing credentials...

CVE-2026-3893

creationtimestamp| type| source ---|---|--- 2026-04-23 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-113-02...

EUVD-2026-3893

Missing Authorization vulnerability in Tasos Fel Civic Cookie Control civic-cookie-control-8 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Civic Cookie Control: from n/a through = 1.53...

MiracleLinux 8 : firefox-102.3.0-6.el8.ML.1 (AXSA:2022-3893:24)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3893:24 advisory. Mozilla: Bypassing FeaturePolicy restrictions on transient pages CVE-2022-40959 Mozilla: Data-race when parsing non-UTF-8 URLs in threads...

MiracleLinux 7 : libvirt-4.5.0-10.el7.10 (AXSA:2019-3893:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3893:07 advisory. Security Fix - libvirt systemd Unit SocketMode virtlockd-admin-sock virtlogd-admin-sock CVE-2019-10132 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the...

Linux Distros Unpatched Vulnerability : CVE-2016-3893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The wcdcalhwdepioctlshared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not...

CVE-2025-3893

creationtimestamp| type| source ---|---|--- 2025-05-23 10:48:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17379 2025-05-23 16:10:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lptzfcsolr2s...

CVE-2025-3893

CVE-2025-3893 affects MegaBIP; a high-privilege user can trigger an SQL Injection due to unsanitized input when asked to justify editing actions. Root cause: user-provided input is not sanitized, enabling injection into the database. Reported impacts in the CVSS metrics indicate high confidential...

CVE-2008-3893

Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer during boot, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer...

Oracle Linux 8 : kernel (ELSA-2025-3893)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3893 advisory. - ALSA: usb-audio: Fix out of bounds reads when finding clock sources Jarod Wilson RHEL-86737 CVE-2024-53150 - x86/xen: remove hypercall page Vitaly...

CVE-2024-3893 Classified Listing – Classified ads & Business Directory Plugin <= 3.0.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Deletion

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtclfbgalleryimagedelete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticate...

CVE-2024-3893

CVE-2024-3893 affects the Classified Listing – Classified ads & Business Directory Plugin for WordPress. A missing capability check in the rtcl_fb_gallery_image_delete AJAX action allows authenticated users with subscriber-level access and above to delete arbitrary attachments on all versions up ...

CVE-2024-3893 Classified Listing – Classified ads & Business Directory Plugin <= 3.0.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attachment Deletion

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtclfbgalleryimagedelete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authenticate...

WordPress Classified Listing Plugin <= 3.0.10.3 is vulnerable to Broken Access Control

Software Classified Listing Type Plugin Vulnerable versions = 3.0.10.3 Fixed in 3.0.11 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3893 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 79fa3de2925e Credits Lucio Sá Required...

CVE-2011-3893

creationtimestamp| type| source ---|---|--- 2024-03-25 11:49:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3889 2024-03-25 14:38:09+00:00| seen| Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw 2024-03-25 14:38:09+00:00| seen| https://t.me/tengkorakcybercrewz/4400 2024-03-25...

CVE-2023-3893

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy...

CVE-2023-3893

CVE-2023-3893 describes a Kubernetes vulnerability where a user that can create pods on Windows nodes running kubernetes-csi-proxy may escalate to admin privileges on those nodes. The entry applies only to clusters that include Windows nodes with kubernetes-csi-proxy and indicates an impairment r...

CVE-2023-3893 Kubernetes - csi-proxy - Insufficient input sanitization leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy...