MINI-2XVV-3953-PXR5

Bulletin has no description...

CVE-2026-3953

creationtimestamp| type| source ---|---|--- 2026-05-07 14:22:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlbg3n7zhr2c 2026-05-07 21:07:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlc4ouq2po2z...

EUVD-2026-3953

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech MaxShop swmaxshop allows PHP Local File Inclusion.This issue affects MaxShop: from n/a through = 3.6.20...

CVE-2019-3953

Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 10012 RPC call...

CVE-2025-3953

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'optionUpdater' function in all versions up to, and including, 14.13.3. This makes it possible for authenticated...

CVE-2025-3953

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'optionUpdater' function in all versions up to, and including, 14.13.3. This makes it possible for authenticated...

CVE-2025-3953

creationtimestamp| type| source ---|---|--- 2025-04-30 06:14:20+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13986 2025-04-30 09:33:17+00:00| seen| https://t.me/cvedetector/24072 2025-04-30 10:00:15+00:00| seen|...

CVE-2025-3953 WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin <= 14.13.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Update

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'optionUpdater' function in all versions up to, and including, 14.13.3. This makes it possible for authenticated...

CVE-2025-3953 WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin <= 14.13.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Settings Update

The WP Statistics – The Most Popular Privacy-Friendly Analytics Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'optionUpdater' function in all versions up to, and including, 14.13.3. This makes it possible for authenticated...

WordPress WP Statistics plugin <= 14.13.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary plugin Settings Update vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WP Statistics versions = 14.13.3...

openSUSE: Security Advisory for mdadm (SUSE-SU-2023:3953-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-3953 affecting package exiv2 for versions less than 0.28.0-1

CVE-2022-3953 affecting package exiv2 for versions less than 0.28.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-3953

creationtimestamp| type| source ---|---|--- 2023-08-09 18:15:02+00:00| seen| https://t.me/cibsecurity/68099...

CVE-2023-3953

The CVE-2023-3953 entry concerns Schneider Electric Pro-face GP-Pro EX. A memory buffer overflow due to improper manipulation of memory buffer bounds can cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX. Connected sources (CNVD-2023-64088 and PT-2023-419...

CVE-2022-3953

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

Ubuntu: Security Advisory (USN-3953-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-3953

CVE-2020-3953 (and CVE-2020-3954) affect VMware vRealize Log Insight prior to 8.1.0 (and 4.x) due to improper input validation. Root cause: input validation failure enabling Cross Site Scripting (XSS) in the UI. Impact described as stored XSS potentially allowing payloads to execute in other user...

Ubuntu: Security Advisory (USN-4030-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-3953

Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows a remote, unauthenticated attacker to execute arbitrary code by sending a crafted IOCTL 10012 RPC call...

CVE-2019-3953

CVE-2019-3953 affects Advantech WebAccess/SCADA 8.4.0. A stack-based buffer overflow exists when handling IOCTL 10012 RPC calls, allowing a remote, unauthenticated attacker to execute arbitrary code. The entry is corroborated by multiple sources (NVD and national/national vulnerability databases)...