
182 matches found

RedhatCVE
added 2025/05/22 5:49 p.m. | 5 views

CVE-2020-3970

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.5, and Fusion 11.x before 11.5.5 contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative loc...

CVSS 3.8 | AI score 6.3 | EPSS 0.00046
Exploits: 0

RedhatCVE
added 2025/05/22 11:30 a.m. | 9 views

CVE-2013-3970

Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service aka UAC with UAC OS 4.1r1 through 4.1r5 include a test Certification Authority CA certificate in the Trusted Server CAs list, which makes it easier...

CVSS 4.3 | AI score 6.7 | EPSS 0.00185
Exploits: 0 | References: 1

OSV
added 2025/04/27 1:15 p.m. | 1 views

CVE-2025-3970

A vulnerability classified as problematic has been found in baseweb JSite up to 1.0. Affected is an unknown function of the file /sys/office/save. The manipulation of the argument Remarks leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed t...

CVSS 5.4 | AI score 3.9 | EPSS 0.0029
Exploits: 1 | References: 4

Circl
added 2025/04/27 1:9 p.m. | 7 views

CVE-2025-3970

creationtimestamp | type | source
---|---|---
2025-04-27 13:09:58+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/13617
2025-04-27 15:35:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lnslbq6qmf2s
2025-04-27 17:09:28+00:00 | seen | ...

CVSS 5.4 | AI score 4.4 | EPSS 0.0029
Exploits: 1 | References: 3

Cvelist
added 2025/04/27 12:31 p.m. | 18 views

CVE-2025-3970 baseweb JSite save cross site scripting

A vulnerability classified as problematic has been found in baseweb JSite up to 1.0. Affected is an unknown function of the file /sys/office/save. The manipulation of the argument Remarks leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed t...

CVSS 5.1 | EPSS 0.0029
Exploits: 1 | References: 4

Circl
added 2025/04/17 12:59 a.m. | 0 views

RHSA-2025:3970

creationtimestamp | type | source
---|---|---
2025-04-17 00:59:45+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/12175...

AI score 4.8
Exploits: 0 | References: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2014-3970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The partprecv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service...

CVSS 2.9 | AI score 5.5 | EPSS 0.00473
Exploits: 1 | References: 2

Tenable Nessus
added 2025/03/03 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2011-3970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

CVSS 4.3 | AI score 8.1 | EPSS 0.00503
Exploits: 0 | References: 2

Circl
added 2024/10/08 2:32 p.m. | 1 views

CVE-2018-3970

creationtimestamp | type | source
---|---|---
2024-10-08 14:32:29+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/109...

CVSS 5.5 | AI score 5.4 | EPSS 0.00023
Exploits: 1 | References: 1

Tenable Nessus
added 2024/06/18 12:0 a.m. | 17 views

RHEL 9 : flatpak (RHSA-2024:3970)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3970 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: sandbox escape via...

CVSS 8.4 | AI score 7.7 | EPSS 0.00247
Exploits: 1 | References: 4

Tenable Nessus
added 2024/06/03 12:0 a.m. | 11 views

RHEL 7 : pulseaudio (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - pulseaudio: denial of service in module-rtp-recv CVE-2014-3970 Note that Nessus has not tested for this issue but h...

CVSS 2.9 | AI score 6.6 | EPSS 0.00473
Exploits: 1 | References: 1

NVD
added 2024/05/15 5:15 p.m. | 12 views

CVE-2024-3970

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure by directory traversal...

CVSS 7.5 | AI score 5.2 | EPSS 0.00102
Exploits: 0 | References: 1

Cvelist
added 2024/05/15 4:39 p.m. | 18 views

CVE-2024-3970 Server-Side Request Forgery vulnerability in iManager

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure by directory traversal...

CVSS 5.3 | AI score 5.5 | EPSS 0.00102
Exploits: 0 | References: 1

CVE
added 2024/05/15 4:39 p.m. | 21 views

CVE-2024-3970

OpenText iManager 3.2.6.0200 is affected by a Server-Side Request Forgery vulnerability that could lead to sensitive information disclosure via directory traversal. The CVE-2024-3970 entry notes an exploitable condition with impact on confidentiality and requires no user interaction (CVSS v3.1: b...

CVSS 7.5 | AI score 6.5 | EPSS 0.00102
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2024/05/15 4:39 p.m. | 12 views

CVE-2024-3970 Server-Side Request Forgery vulnerability in iManager

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure by directory traversal...

CVSS 5.3 | AI score 6.6 | EPSS 0.00102
Exploits: 0 | References: 1

Circl
added 2024/03/25 11:49 a.m. | 1 views

CVE-2011-3970

creationtimestamp | type | source
---|---|---
2024-03-25 11:49:23+00:00 | seen | https://t.me/ETHICALHACKERSCOMMUNITY2/3889
2024-03-25 14:38:09+00:00 | seen | Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw
2024-03-25 14:38:09+00:00 | seen | https://t.me/tengkorakcybercrewz/810...

CVSS 4.3 | AI score 8.5 | EPSS 0.00503
Exploits: 0 | References: 2

Tenable Nessus
added 2024/02/12 12:0 a.m. | 13 views

Janitza UMG Power Quality Measuring Improper Neutralization of Input During Web Page Generation (CVE-2015-3970)

Multiple cross-site scripting XSS vulnerabilities in the web interface on Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. This plugin only works with Tenable.ot. Please visit...

CVSS 4.3 | AI score 5.3 | EPSS 0.00888
Exploits: 0 | References: 2

Circl
added 2023/07/27 4:28 p.m. | 1 views

CVE-2023-3970

creationtimestamp | type | source
---|---|---
2023-07-27 16:28:32+00:00 | seen | https://t.me/cibsecurity/67316...

CVSS 5.4 | AI score 4.6 | EPSS 0.00088
Exploits: 1 | References: 1

NVD
added 2023/07/27 12:15 p.m. | 9 views

CVE-2023-3970

A vulnerability, which was classified as problematic, was found in GZ Scripts Availability Booking Calendar PHP 1.0. This affects an unknown part of the file /index.php?controller=GzUser&action=edit&id=1 of the component Image Handler. The manipulation of the argument img leads to cross site...

CVSS 5.4 | AI score 4.4 | EPSS 0.00088
Exploits: 1 | References: 3

CVE
added 2023/07/27 12:0 p.m. | 63 views

CVE-2023-3970

CVE-2023-3970 concerns the GZ Scripts Availability Booking Calendar PHP 1.0, specifically the Image Handler component. The vulnerability affects the file /index.php?controller=GzUser&action=edit&id=1 and arises from manipulation of the img argument, leading to cross-site scripting. Exploitation i...

CVSS 5.4 | AI score 4.6 | EPSS 0.00088
Exploits: 1 | References: 3 | Affected Software: 1