72 matches found
MINI-3934-3W2W-6CFC
Bulletin has no description...
CVE-2026-3934 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-3934 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-3934
creationtimestamp| type| source ---|---|--- 2026-03-12 01:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260312 2026-03-13 03:54:15+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116219841835730721 2026-03-16 00:00:00+00:00| seen|...
CVE-2010-3934
The browser in Research In Motion RIM BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on the BlackBerry 9700 does not properly restrict cross-domain execution of JavaScript, which allows remote attackers to bypass the Same Origin Policy via vectors related to a window.open call and an...
CVE-2019-3934
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code...
Debian: Security Advisory (DLA-3934-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress Mercado Pago payments for WooCommerce Plugin 7.3.0 - 7.6.1 is vulnerable to Arbitrary File Download
Software Mercado Pago payments for WooCommerce Type Plugin Vulnerable versions 7.3.0 - 7.6.1 Fixed in 7.6.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Arbitrary File Download CVE CVE-2024-3934 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID e624a5a01127...
CVE-2024-3934
creationtimestamp| type| source ---|---|--- 2024-07-20 07:15:34+00:00| seen| https://t.me/cvedetector/1244...
CVE-2024-3934 Mercado Pago payments for WooCommerce 7.3.0 - 7.6.1 - Authenticated (Subscriber+) Arbitrary File Download
The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to Path Traversal in versions 7.3.0 to 7.5.1 via the mercadopagoDownloadLog function. This makes it possible for authenticated attackers, with subscriber-level access and above, to download and read the contents of...
CVE-2023-3934
creationtimestamp| type| source ---|---|--- 2024-01-31 07:31:25+00:00| seen| https://t.me/ctinow/176516...
SUSE: Security Advisory (SUSE-SU-2023:3934-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2009-3934
The WebFrameLoaderClient::dispatchDidChangeLocationWithinPage function in src/webkit/glue/webframeloaderclientimpl.cc in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service via a page-local link, related to an "empty redirect chain," as demonstrated ...
CVE-2022-3934
creationtimestamp| type| source ---|---|--- 2022-12-12 20:21:07+00:00| seen| https://t.me/cibsecurity/54343...
CVE-2022-3934
The CVE-2022-3934 issue affects the WordPress FlatPM plugin pre-3.0.13. It is a reflected XSS vulnerability caused by insufficient sanitization/escaping of certain parameters before echoing them in pages, which could be exploited against high-privilege users (e.g., admins). Remediation per the co...
CVE-2022-3934 Flat PM < 3.0.13 - Reflected Cross-Site Scripting
The FlatPM WordPress plugin before 3.0.13 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Ubuntu: Security Advisory (USN-3934-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3934
ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command...
CVE-2021-3934
CVE-2021-3934 affects Oh My Zsh (ohmyzsh). The vulnerability stems from omz_urldecode using eval on unsanitized user input within the svn plugin, enabling command injection. Some sources describe a feasible attack path that could yield remote code execution depending on themes/plugins in use. Pub...
CVE-2021-3934 OS Command Injection in ohmyzsh/ohmyzsh
ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command...