CVE-2026-39392

creationtimestamp| type| source ---|---|--- 2026-04-07 20:07:13+00:00| published-proof-of-concept| https://github.com/ci4-cms-erp/ci4ms/security/advisories/GHSA-fjpj-6qcq-6pw2 2026-04-08 18:16:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miyvnxbmju27...

EUVD-2023-39392

Malicious code in bioql PyPI...

MAL-2025-39392 Malicious code in wng-fsgo (npm)

The package wng-fsgo was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2022-39392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the...

CVE-2022-39392

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...

CVE-2025-39392

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

CVE-2025-39392

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

CVE-2025-39392 WordPress WPAMS plugin <= 44.0 (17-08-2023) - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

CVE-2025-39392

CVE-2025-39392 : Reflected XSS in WPAMS (WordPress Apartment Management System) plugin for WordPress, affecting versions up to 44.0 (as of 17-08-2023). Root cause: improper neutralization of input during web page generation. Exploitation details are not provided in the connected documents. Remedi...

CVE-2024-39392

creationtimestamp| type| source ---|---|--- 2024-08-02 09:50:18+00:00| seen| https://t.me/cvedetector/2335...

CVE-2024-39392 Adobe Indesign 2024 EPS File Parsing Heap Memory Corruption Remote Code Execution Vulnerability

InDesign Desktop versions ID18.5.2, ID19.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2023-39392

Concrete details exist: the CVE-2023-39392 entry concerns insecure signatures in the OsuLogin/osulogin module, enabling possible tampering where an attacker could modify/overwrite OsuLogin. This is echoed across connected records (e.g., Huawei HarmonyOS/CNVD entries) describing a security restric...

CVE-2022-39392

creationtimestamp| type| source ---|---|--- 2022-11-13 05:45:22+00:00| seen| https://t.me/cibsecurity/52892...

CVE-2022-39392

CVE-2022-39392 affects Wasmtime’s pooling instance allocator when InstanceLimits::memory_pages is set to zero. In this configuration, the virtual memory mapping for WebAssembly memories can fail to meet safety requirements, allowing out-of-bounds reads/writes to access memory outside the wasm san...

CVE-2022-39392 Wasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration

Wasmtime is a standalone runtime for WebAssembly. Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. In this configuration, the virtual memory mappi...

auto-wasi (=0.1.0), candid-extractor (>=0.1.0 <=0.1.2) +99 more potentially affected by CVE-2022-39392 via wasmtime (>=0.10.0 <=12.0.2)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.45.0, =0.1.0, =0.3.0 - inkpad-executor =0.1.0 and more Source cves: CVE-2022-39392 Source advisory: OSV:RUSTSEC-2022-0102...

CVE-2021-39392

The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute arbitrary code because machineKey is hardcoded the same for all customers' installations in web.config, and can be used to send serialized ASP code...

CVE-2021-39392

CVE-2021-39392 affects MyLittleBackup (up to and including 1.7). The issue is a hardcoded machineKey in web.config, shared across installations, enabling remote attackers to send serialized ASP code and achieve arbitrary code execution. The vulnerability is described as a remote, network-based ri...

VMWare Tools软件包库引用代码执行漏洞

BUGTRAQ ID: 39392 CVE ID: CVE-2010-1141 VMWare是一款虚拟PC软件，允许在一台机器上同时运行两个或多个Windows、DOS、LINUX系统。 VMWare产品中所使用的VMWare Tools软件包没有正确地访问函数库，Windows平台的Guest操作系统用户受骗点击了网络共享上所存储的文件就会导致执行任意代码。 VMWare Workstation 5.5.x VMWare ACE 2.5.x VMWare Player 2.5.x VMWare Server 2.x VMWare Fusion 2.x VMWare ESX 4.0...