Lucene search

78 matches found

EUVD
added 2026/01/22 4:52 p.m., 3 views

EUVD-2026-3971

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AivahThemes Anona anona allows Path Traversal. This issue affects Anona: from n/a through = 8.0...

5.4 AI score, 0.00023 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2025/05/22 10:9 p.m., 8 views

CVE-2022-3971

A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to...

5.6 CVSS, 7.6 AI score, 0.00248 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 5:46 p.m., 9 views

CVE-2020-3971

VMware ESXi 6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG, Workstation 15.x before 15.0.2, and Fusion 11.x before 11.0.2 contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3...

5.5 CVSS, 6.2 AI score, 0.00043 EPSS
Exploits: 0

RedhatCVE
added 2025/05/22 8:39 a.m., 6 views

CVE-2019-3971

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPCDATAGRAM, which triggers an Access Violation due to hardcoded NULLs used fo...

5.5 CVSS, 6.5 AI score, 0.00048 EPSS
Exploits: 1, References: 1

Circl
added 2025/04/27 2:9 p.m., 5 views

CVE-2025-3971

creationtimestamp | type | source
---|---|---
2025-04-27 14:09:49+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/13620
2025-04-27 15:35:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lnslbq3rqg2v
2025-04-27 16:00:33+00:00 | published-proof-of-concept | ...

9.8 CVSS, 7.3 AI score, 0.00235 EPSS
Exploits: 0, References: 3

CVE
added 2025/04/27 1:31 p.m., 57 views

CVE-2025-3971

Affected software: PHPGurukul COVID19 Testing Management System 1.0. The vulnerability is in an unknown functionality of the file /add-phlebotomist.php, where manipulating the empid parameter leads to SQL injection. The issue is exploitable remotely and has been publicly disclosed. Impact is desc...

9.8 CVSS, 7.6 AI score, 0.00235 EPSS
Exploits: 0, References: 5, Affected Software: 1

OpenVAS
added 2024/11/29 12:0 a.m., 11 views

Debian: Security Advisory (DLA-3971-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

8.8 CVSS, 9.4 AI score, 0.00167 EPSS
Exploits: 0, References: 2

OSV
added 2024/06/14 6:15 a.m., 0 views

CVE-2024-3971

The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

4.3 CVSS, 5.8 AI score
Exploits: 0, References: 1

CVE
added 2024/06/14 6:0 a.m., 50 views

CVE-2024-3971

The CVE CVE-2024-3971 concerns the Similarity WordPress plugin (

5.4 CVSS, 4.8 AI score, 0.00131 EPSS
Exploits: 2, References: 1, Affected Software: 1

Vulnrichment
added 2024/06/14 6:0 a.m., 13 views

CVE-2024-3971 Similarity <= 3.0 - Plugin Reset via CSRF

The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

6.3 AI score, 0.00131 EPSS
Exploits: 2, References: 1

Patchstack
added 2024/05/24 12:0 a.m., 8 views

WordPress Similarity Plugin <= 3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software: Similarity
Type: Plugin
Vulnerable versions: <= 3.0
Fixed in: N/A
OWASP Top 10: A5: Broken Access Control
Classification: Cross Site Request Forgery (CSRF)
CVE: CVE-2024-3971
Patch priority: Low
CVSS severity: Low (5.4)
Developer: Claim ownership
PSID: 9a13b3ce24a3
Credits: Bob Matyas
Required privilege...

5.4 CVSS, 6.6 AI score, 0.00131 EPSS
Exploits: 2, References: 3, Affected Software: 1

Tenable Nessus
added 2024/04/28 12:0 a.m., 14 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update (Moderate) (RHSA-2023:4590)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4590 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

7.3 CVSS, 6.5 AI score, 0.00395 EPSS
Exploits: 0, References: 5

Circl
added 2023/10/04 6:12 p.m., 1 views

CVE-2023-3971

creationtimestamp | type | source
---|---|---
2023-10-04 18:12:25+00:00 | seen | https://t.me/cibsecurity/71590...

7.3 CVSS, 6.1 AI score, 0.00395 EPSS
Exploits: 0, References: 1

Cvelist
added 2023/10/04 2:26 p.m., 20 views

CVE-2023-3971 Controller: html injection in custom login info

An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise...

7.3 CVSS, 7.3 AI score, 0.00395 EPSS
Exploits: 0, References: 4

RedHat Linux
added 2023/08/09 11:40 a.m., 26 views

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.3 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.3 CVSS, 6.5 AI score, 0.00395 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2023/08/03 12:0 a.m., 20 views

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:4340)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4340 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

7.3 CVSS, 6.8 AI score, 0.00395 EPSS
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 5:45 a.m., 1 views

SUSE CVE-2012-3971

Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the (1) Silf::readClassMap and (2)...

10 CVSS, 9.2 AI score, 0.03136 EPSS
Exploits: 0, References: 8

Circl
added 2022/11/16 7:54 a.m., 0 views

CVE-2022-3971

creationtimestamp | type | source
---|---|---
2022-11-16 07:54:48+00:00 | seen | https://t.me/cibsecurity/52994...

5.6 CVSS, 5.6 AI score, 0.00248 EPSS
Exploits: 0, References: 1

OpenVAS
added 2022/11/15 12:0 a.m., 26 views

SUSE: Security Advisory (SUSE-SU-2022:3971-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

8.8 CVSS, 7 AI score, 0.00099 EPSS
Exploits: 0, References: 18

NVD
added 2022/11/13 10:15 a.m., 16 views

CVE-2022-3971

A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to...

5.6 CVSS, 0.00248 EPSS
Exploits: 0, References: 4