MINI-3978-4FXH-VGQW
Bulletin has no description...
USN-8089-3 adsys, juju-core, lxd vulnerabilities
USN-8089-1 fixed vulnerabilities in Go Networking. This update provides the corresponding update to code vendored in LXD, ADSys, and Juju Core. Original advisory details: Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher, and Kaan Onarlioglu discovered that servers using Go...
CVE-2026-3978
creationtimestamp | type | source
---|---|---
2026-03-11 23:37:11+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116213168958136766
2026-03-12 03:16:40+00:00 | seen | https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3978
2026-03-12 16:17:58+00:00 | seen | ...
RHEL 9 : thunderbird (RHSA-2026:3978)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3978 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox:...
EUVD-2026-3978
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in temash Barberry barberry allows PHP Local File Inclusion. This issue affects Barberry: from n/a through = 2.9.9.87...
MiracleLinux 8 : container-tools:rhel8 (AXSA:2023-7318:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7318:02 advisory. go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper...
CVE-2023-3978 affecting package podman for versions less than 5.6.1-2
CVE-2023-3978 affecting package podman for versions less than 5.6.1-2. An upgraded version of the package is available that resolves this issue...
Security Bulletin: IBM Storage Fusion is affected by exposure of information through cross-site scripting or data queries (CVE-2023-45288, CVE-2023-3978)
Summary: IBM Storage Fusion Data Foundation uses HTTP to communicate. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-45288, CVE-2023-3978. Vulnerability Details: CVEID: CVE-2023-45288 DESCRIPTION: An attacker may cause an HTTP/...
CVE-2021-3978
When copying files with rsync, octorpki uses the "-a" flag, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root (https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service), this could allow for a vector, when...
CVE-2019-3978
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning...
CVE-2025-3978 dazhouda lecms user_set.htm information disclosure
A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/user_set.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclos...
CVE-2025-3978
CVE-2025-3978 affects dazhouda lecms 3.0.3. The vulnerability is in the file admin/view/default/user_set.htm, whose manipulation leads to information disclosure. Exploitation may be remote and some sources indicate the exploit is publicly disclosed. Multiple connected documents corroborate an acc...
CVE-2023-3978 affecting package containerized-data-importer for versions less than 1.57.0-12
CVE-2023-3978 affecting package containerized-data-importer for versions less than 1.57.0-12. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2023-3978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack...
CVE-2023-3978 affecting package kubevirt for versions less than 0.59.0-24
CVE-2023-3978 affecting package kubevirt for versions less than 0.59.0-24. A patched version of the package is available...
CVE-2023-3978 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1
CVE-2023-3978 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1. An upgraded version of the package is available that resolves this issue...
Azure Linux 3.0 Security Update: cert-manager / cni-plugins / kubevirt / multus / packer / prometheus-adapter (CVE-2023-3978)
The version of cert-manager / cni-plugins / kubevirt / multus / packer / prometheus-adapter installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3978 advisory. - Text nodes not in the HTML namespace ar...
DEBIAN-CVE-2021-3978
When copying files with rsync, octorpki uses the "-a" flag, which forces rsync to copy binaries with the suid bit set as root. Since the provided service definition defaults to root (https://github.com/cloudflare/cfrpki/blob/master/package/octorpki.service), this could allow for a vector, when...