@antv/gpt-vis-ssr (>=0.1.9 <=0.3.7), @jsr2npm/yao__gpt-vis-mcp (>=0.1.0 <=0.1.2-beta.1) +5 more potentially affected by unknown CVE via @antv/g-plugin-rough-canvas-renderer (=2.1.1)

@antv/g-plugin-rough-canvas-renderer NPM version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/g-plugin-rough-canvas-renderer and may be impacted: - @antv/gpt-vis-ssr =0.1.9, =0.1.0, =0.0.1, =0.2.1, =1.0.0, =1.0.0, =1.0.2 Source cves:...

CVE-2026-3951

creationtimestamp| type| source ---|---|--- 2026-03-11 19:16:23+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3951...

EUVD-2026-3951

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Töbel tobel allows PHP Local File Inclusion.This issue affects Töbel: from n/a through = 1.6...

WordPress WP-Optimize plugin < 4.2.0 - Admin+ SQLi vulnerability

Admin+ SQLi vulnerability discovered by Francisco Alisson in WordPress Plugin WP-Optimize versions 4.2.0...

CVE-2025-3951

The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...

CVE-2025-3951 WP-Optimize < 4.2.0 - Admin+ SQLi

The WP-Optimize WordPress plugin before 4.2.0 does not properly escape user input when checking image compression statuses, which could allow users with the administrator role to conduct SQL Injection attacks in the context of Multi-Site WordPress configurations...

CVE-2025-3951

CVE-2025-3951 affects the WP-Optimize WordPress plugin prior to version 4.2.0. The issue is improper escaping of user input when checking image compression statuses, which could enable users with the administrator role in Multi-Site WordPress configurations to perform SQL Injection attacks. Publi...

CVE-2011-3951

The dpcmdecodeframe function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted stere...

Linux Distros Unpatched Vulnerability : CVE-2016-3951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in drivers/net/usb/cdcncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service system...

CentOS 7 : firefox (RHSA-2024:3951)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:3951 advisory. - If a garbage collection was triggered at the right time, a use-after-free could have occurred during object transplant. This vulnerability affects...

Oracle Linux 7 : firefox (ELSA-2024-3951)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-3951 advisory. 115.12.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...

CVE-2024-3951 Cross-site Scripting in PTC Codebeamer

PTC Codebeamer is vulnerable to a cross site scripting vulnerability that could allow an attacker to inject and execute malicious code...

CVE-2024-3951 Cross-site Scripting in PTC Codebeamer

PTC Codebeamer is vulnerable to a cross site scripting vulnerability that could allow an attacker to inject and execute malicious code...

PTC Codebeamer

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : PTC Equipment : Codebeamer Vulnerability : Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject malicious code in the...

CVE-2019-3951

creationtimestamp| type| source ---|---|--- 2024-03-11 15:16:45+00:00| seen| https://t.me/ctinow/204772...

VMware Workstation 15.0.x < 15.5.2 Cortado Thinprint DoS (VMSA-2020-0005)

The version of VMware Workstation installed on the remote Windows host is 15.0.x prior to 15.5.2. It is, therefore, affected by a flaw related to Cortado Thinprint and virtual printing that allows an attacker to overflow the heap leading to denial of service conditions. Note that Nessus has not...

CVE-2020-3951

CVE-2020-3951 describes a heap-overflow DoS in Cortado Thinprint affecting VMware Workstation 15.x (prior to 15.5.2) and Horizon Client for Windows 5.x (prior to 5.4.0). Exploitation requires non-administrative access to a guest VM with virtual printing enabled and targets the Thinprint service o...

KLA12095 DoS vulnerability in VMWare Workstation and Player

A denial of service vulnerability was found in VMWare Workstation and Player. Malicious users can exploit this vulnerability to cause denial of service. Original advisories VMSA-2020-0005 Related products VMware-Workstation VMware-Player CVE list CVE-2020-3951 warning Solution Update to the lates...

VMSA-2020-0005:VMware Workstation, Fusion, VMware Remote Console and Horizon Client updates address privilege escalation and denial-of-service vulnerabilities

Advisory ID: VMSA-2020-0005.2 CVSSv3 Range: 3.2-7.3 Issue Date:2020-03-17 Updated On: 2020-03-24 CVEs: CVE-2020-3950, CVE-2020-3951 Synopsis: VMware Workstation, Fusion, VMware Remote Console and Horizon Client updates address privilege escalation and denial-of-service vulnerabilities...

Advantech WebAccess SCADA Stack-based Buffer Overflow (CVE-2019-3975; CVE-2019-3951)

A stack-based buffer overflow vulnerability exists in the webvrpcs service of Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...