98 matches found
CVE-2023-3980 Cross-site Scripting (XSS) - Stored in omeka/omeka-s
Cross-site Scripting XSS - Stored in GitHub repository omeka/omeka-s prior to 4.0.2...
CVE-2022-3980
creationtimestamp| type| source ---|---|--- 2022-11-17 15:52:41+00:00| seen| https://t.me/cibsecurity/53028 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-02-10 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-02-10...
CVE-2022-3980
An XML External Entity XEE vulnerability allows server-side request forgery SSRF and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4...
CVE-2022-3980
An XML External Entity XEE vulnerability allows server-side request forgery SSRF and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4...
CVE-2022-3980
CVE-2022-3980 affects Sophos Mobile on-premises (versions 5.0.0–9.7.4) and is caused by XML External Entity (XXE) processing, enabling SSRF and potential code execution. Exploitation could allow reading arbitrary server files and SSRF attacks; base CVSS v3.1 score is 9.8 (CRITICAL). Affected soft...
CVE-2021-3980
creationtimestamp| type| source ---|---|--- 2021-12-03 18:39:49+00:00| seen| https://t.me/cibsecurity/33317...
CVE-2021-3980
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...
CVE-2021-3980
elgg is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...
CVE-2021-3980
CVE-2021-3980 affects elgg/elgg. The issue is information exposure due to insufficient access control in the view namespace forms/admin for AJAX requests, leading to potential private data leakage. Multiple connected sources (GHSA/HX6G-Q9V2-XH7V2, Veracode, RH Red Hat) describe lack of AdminGatek...
Exploit for Origin Validation Error in Solarwinds Dameware_Mini_Remote_Control
CVE-2019-3980 CVE-2019-3980 exploit written in win32/c++ open...
CVE-2020-3980
Summary: CVE-2020-3980 affects VMware Fusion 11.x. It is a privilege-escalation vulnerability tied to how Fusion configures the system-wide PATH, allowing a normal-privilege user to trick an admin into running malicious code on the host. The vulnerability is documented with a CVSSv3 base score up...
Vulnerabilities fixed in VMware Workstation, Fusion and Horizon
Vulnerabilities have been fixed in VMware Workstation, Fusion and Horizon. The vulnerability with reference CVE-2020-3980 relates to VMware Fusion and allows a malicious party to obtain elevated user privileges. The remaining CVE characteristics enable a malicious person to cause a...
KLA12099 Multiple vulnerabilities in VMware Workstation and Player
Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A out of bounds read vulnerability in Cortado ThinPrin...
Exploit for Origin Validation Error in Solarwinds Dameware_Mini_Remote_Control
CVE-2019-3980 This repo was created to utilize the Nessus POC...
Virtuozzo Linux Errata and Bugfix Advisory 2019:3980
Upstream security update. Follow RHBA-2019:3980 for details...
CVE-2019-3980
CVE-2019-3980 affects SolarWinds DameWare Mini Remote Control (DameWare Mini Remote Client) 12.1.0.89. The issue stems from the SmartCard authentication component, which allows a user to upload an executable to be run on the DWRCS.exe host due to unclear validation/confirmation. An unauthenticate...
Ubuntu: Security Advisory (USN-3980-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-3980
Consolidated details show CVE-2018-3980 affects ACD Systems Canvas Draw 5.0.0 in the TIFF parsing path, causing an exploitable out-of-bounds write that can overwrite memory and enable code execution when processing specially crafted TIFF images. Cisco Talos reports multiple TIFF-related out-of-bo...
Debian DSA-3980-1 : apache2 - security update (Optionsbleed)
Hanno Boeck discovered that incorrect parsing of Limit directives of .htaccess files by the Apache HTTP Server could result in memory disclosure. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...
Debian: Security Advisory (DSA-3980-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...