83 matches found
MINI-XGMR-777H-3894
Bulletin has no description...
EUVD-2026-3894
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in winkm89 teachPress teachpress allows Stored XSS. This issue affects teachPress: from n/a through = 9.0.12...
MiracleLinux 7 : java-11-openjdk-11.0.3.7-0.el7 (AXSA:2019-3894:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3894:02 advisory. OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602); OpenJDK: Incorrect skeleton selection in RMI registry server-side...
EUVD-2009-4052
Malware in sbrugna...
CVE-2025-3894 Stored XSS in MegaBIP
Text editor embedded into MegaBIP software does not neutralize user input allowing Stored XSS attacks on other users. In order to use the editor high privileges are required. Version 5.20 of MegaBIP fixes this issue...
Linux Distros Unpatched Vulnerability : CVE-2021-3894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...
CVE-2024-3894 Photo Gallery, Images, Slider in Rbs Image Gallery <= 3.2.19 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title
The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an Image Title in all versions up to, and including, 3.2.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
WordPress Robo Gallery Plugin <= 3.2.19 is vulnerable to Cross Site Scripting (XSS)
Software: Robo Gallery; Type: Plugin; Vulnerable versions: <= 3.2.19; Fixed in: 3.2.20; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3894; Patch priority: Low; CVSS severity: Low (5.9); PSID: a3d2a09e0eba; Credits: Tim Coen; Required privile...
Security Bulletin: Content Manager Enterprise Edition for March 2024 - CVE-2023-3894
Summary Content Manager Enterprise Edition is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-389...
SUSE: Security Advisory (SUSE-SU-2023:3894-1)
The remote host is missing an update for the...
SUSE CVE-2023-3894
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack...
com.arassec.igor:igor-spring-boot-starter (>=0.6.7 <=0.6.8), com.arassec.igor:igor-standalone (>=0.6.7 <=0.6.8) +211 more potentially affected by CVE-2023-3894 via com.fasterxml.jackson.dataformat:jackson-dataformat-toml (>=2.12.3 <=2.14.2)
com.fasterxml.jackson.dataformat:jackson-dataformat-toml MAVEN version =2.12.3, =0.6.7, =0.6.7, =0.6.7, =0.0.1, =0.18.3, =0.18.3, =0.18.3, =0.18.3, =0.18.3, =0.18.3, =2023.2, =1.1.6, =3.0.0-snapshot.20240126.12648.0.va9dc2d63, =3.0.0-snapshot.20240126.12648.0.va9dc2d63,...
CVE-2023-3894
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack...
CVE-2023-3894 DOS in jackson-dataformats-text
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack...
CVE-2023-3894
CVE-2023-3894 affects FasterXML jackson-dataformats-text when parsing TOML, enabling potential DoS via stack overflow. IBM Cloud Pak System products list this CVE among vulnerabilities and recommend upgrading to Cloud Pak System 2.3.3.7 (Interim Fix 1) for general 2.3.x, or to Cloud Pak System 2....
CVE-2023-3894 DOS in jackson-dataformats-text
Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack...
CVE-2022-3894
creationtimestamp | type | source
---|---|---
2023-03-20 21:04:17+00:00 | seen | https://t.me/cibsecurity/60330
2025-02-26 19:24:09+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/5579
...
SUSE CVE-2009-3894
Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory...
SUSE CVE-2021-3894
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2020-3894
creationtimestamp | type | source
---|---|---
2022-07-04 19:19:27+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/1029
...