72 matches found
EUVD-2026-3907
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes uReach ureach allows PHP Local File Inclusion. This issue affects uReach: from n/a through = 1.3.3...
Linux Distros Unpatched Vulnerability : CVE-2021-3907
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OctoRPKI does not escape a URI with a filename containing .., this allows a repository to create a file, ex...
CVE-2020-3907
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory...
CVE-2025-3907
creationtimestamp | type | source
---|---|---
2025-04-23 21:10:15+00:00 | seen | https://t.me/cvedetector/23598
2025-04-23 21:14:35+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lnj4fbng762b...
CVE-2025-3907
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Search API Solr allows Cross Site Request Forgery. This issue affects Search API Solr: from 0.0.0 before 4.3.9...
CVE-2025-3907
CVE-2025-3907 is a CSRF vulnerability in the Drupal Search API Solr module. The issue affects the module’s Solr integration for Drupal versions from 0.0.0 up to 4.3.8. The root cause is a CSRF flaw in routes handling within the Search API Solr integration, enabling unauthorized actions to be perf...
CentOS 7 : qemu-kvm-ma (RHSA-2020:3907)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3907 advisory. - qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for...
Debian: Security Advisory (DLA-3907-1)
The remote host is missing an update for the Debian...
CVE-2024-3907
A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been rated as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...
CVE-2024-3907
CVE-2024-3907 affects Tenda AC500 2.0.1.9(1307). The vulnerability is in the formSetCfm function of /goform/setcfm, where manipulating the funcpara1 argument triggers a stack-based buffer overflow. It is a network‑bound issue with remote potential; the exploit has been disclosed publicly. Public ...
MAL-2024-528 Malicious code in wlwz-2312-3907 (npm)
Source: ghsa-malware 056c724b78daaf5a26109729864395a205dc27dedfc3b2ef5c10788eadd70701 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
UBUNTU-CVE-2023-3907
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner...
CVE-2023-3907 Improper User Management in GitLab
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner...
CVE-2023-3907
CVE-2023-3907 describes a privilege escalation in GitLab Enterprise Edition where a project Maintainer can use a Project Access Token to elevate their role to Owner. Affected versions are GitLab EE 16.0 up to but not including 16.4.4, 16.5 up to but not including 16.5.4, and 16.6 up to but not in...
CVE-2023-3907 Improper User Management in GitLab
A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner...
FreeBSD : Gitlab -- vulnerabilities (e2fb85ce-9a3c-11ee-af26-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e2fb85ce-9a3c-11ee-af26-001b217b3468 advisory. - Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's...
GitLab 16.0 < 16.4.4 / 16.5 < 16.5.4 / 16.6 < 16.6.2 (CVE-2023-3907)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access...
SUSE CVE-2011-3907
The view-source feature in Google Chrome before 16.0.912.63 allows remote attackers to spoof the URL bar via unspecified vectors...
CVE-2022-3907 Clerk < 4.0.0 - Authentication Bypass and API Keys Disclosure
The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation function for all API requests due to the usage of comparison operators to verify API keys against the ones stored in the site options...
CVE-2022-3907 Clerk < 4.0.0 - Authentication Bypass and API Keys Disclosure
The Clerk WordPress plugin before 4.0.0 is affected by time-based attacks in the validation function for all API requests due to the usage of comparison operators to verify API keys against the ones stored in the site options...