145 matches found
MiracleLinux 4 : libxml2-2.7.6-4.1.0.1.AXS4 (AXSA:2012-62:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-62:01 advisory. This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support this includes...
CVE-2025-3905
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists impacting PLC system variables that could cause unvalidated data to be injected by an authenticated malicious user, leading to modification or reading of data in a victim’s browser...
CVE-2025-3905
creationtimestamp | type | source
---|---|---
2025-06-10 09:33:12+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17854
2025-06-24 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-03
2025-06-25 10:49:24+00:00 | published-proof-of-concept | https://t.me/icscert/1198...
CVE-2025-3905
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists impacting PLC system variables that could cause unvalidated data to be injected by an authenticated malicious user, leading to modification or reading of data in a victim’s browser...
CVE-2025-3905
CVE-2025-3905 is a cross-site scripting (CWE-79) vulnerability affecting Schneider Electric Modicon Controllers (notably M241/M251/M258/LMC058/M262). The issue arises from improper input neutralization during web page generation, allowing an authenticated malicious user to inject unvalidated data...
CVE-2025-3905
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability exists impacting PLC system variables that could cause unvalidated data to be injected by an authenticated malicious user, leading to modification or reading of data in a victim’s browser...
CVE-2020-3905
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges...
Linux Distros Unpatched Vulnerability : CVE-2021-3905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memor...
Linux Distros Unpatched Vulnerability : CVE-2015-3905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Buffer overflow in the setcsstart function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute...
openSUSE Security Advisory (SUSE-SU-2024:3905-1)
The remote host is missing an update for the...
RHEL 7 : openvswitch (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openvswitch: limitation in the OVS packet parsing in userspace leads to DoS (CVE-2020-35498) - openvswitch:...
CVE-2024-3905 Tenda AC500 execCommand R7WebsSecurityHandler stack-based overflow
A vulnerability was found in Tenda AC500 2.0.1.91307. It has been classified as critical. This affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to initiate the attack remotely...
Cisco Unified SIP Phone 3905 Permissions, Privileges, and Access Controls (CVE-2014-0721)
The Cisco Unified SIP Phone 3905 with firmware before 9.41 allows remote attackers to obtain root access via a session on the test interface on TCP port 7870, aka Bug ID CSCuh75574. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Cisco SIP Phone 3905 Resource Limitation Denial of Service (CVE-2015-6391)
Cisco Unified SIP 3905 phones allow remote attackers to cause a denial of service (resource consumption and functionality loss) via a large amount of network traffic, aka Bug ID CSCuh51331. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Malicious code in wlwz-2312-3905 (npm)
Source: ghsa-malware 85d95981fea3ccb3d5c3180f7b33ec927c5738d26968302a7a2e0cb87e903950. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-3905
creationtimestamp | type | source
---|---|---
2023-12-01 09:08:00+00:00 | seen | https://t.me/arpsyndicate/850...
CVE-2022-3905
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
CVE-2021-3905 affecting package openvswitch 2.15.7-1
CVE-2021-3905 affecting package openvswitch 2.15.7-1. A patched version of the package is available...
CVE-2021-3905
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by continuously sending packet fragments...
CVE-2021-3905
Open vSwitch (OVS) is affected by CVE-2021-3905: a memory leak in userspace IP fragmentation processing could allow an attacker to exhaust memory by continuously sending packet fragments. The issue is in OVS, and exploitation would target memory consumption, with an impact on availability. Remedi...