104 matches found
CVE-2022-3983
creationtimestamp| type| source ---|---|--- 2022-12-19 16:10:31+00:00| seen| https://t.me/cibsecurity/54858 2025-04-17 13:57:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12220...
CVE-2022-3983 Checkout for PayPal < 1.0.14 - Contributor+ Stored XSS
The Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2022-3983
CVE-2022-3983 affects the WordPress plugin “Checkout for PayPal” prior to version 1.0.14. The vulnerability arises because the plugin does not validate and escape some shortcode attributes before outputting them, which can enable stored Cross-Site Scripting by a user with as little as a Contribut...
Ubuntu: Security Advisory (USN-3983-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3983
creationtimestamp| type| source ---|---|--- 2021-12-01 14:35:42+00:00| seen| https://t.me/cibsecurity/33183...
CVE-2021-3983
kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-3983
CVE-2021-3983 affects kimai2 and is documented as an Improper Neutralization of Input During Web Page Generation (XSS). Root cause identified across sources as inadequate input neutralization in web page generation. Reported as a Cross-site Scripting vulnerability with MEDIUM impact categories; e...
CVE-2019-3983
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code and commands on the device due to insufficient UART protections...
CVE-2019-3983
Blink XT2 Sync Module firmware prior to 2.13.11 is affected by a vulnerability due to insufficient UART protections, allowing remote attackers to execute arbitrary code and commands on the device. The issue is documented as CVE-2019-3983 with the affected product being the Blink XT2 Sync Module a...
CVE-2018-3983
Summary: CVE-2018-3983 affects Atlantis Word Processor’s Word Document parser. An exploitable uninitialized pointer in the parsing pipeline can occur when handling the WordDocument structure (notably involving TTableRow/TField lists). A crafted .doc can cause an array fetch to return an uninitial...
Ubuntu 14.04 LTS : linux vulnerabilities (USN-3983-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...
CVE-2017-3983
CVE-2017-3983 is rejected/not used and does not represent an active vulnerability entry.
CVE-2017-3983
...
Debian DSA-3983-1 : samba - security update
Multiple security issues have been discoverd in Samba, a SMB/CIFS file, print, and login server for Unix : - CVE-2017-12150 Stefan Metzmacher discovered multiple code paths where SMB signing was not enforced. - CVE-2017-12151 Stefan Metzmacher discovered that tools using libsmbclient did not...
CVE-2016-3983
McAfee Advanced Threat Defense ATD before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process...
CVE-2016-3983
McAfee Advanced Threat Defense (ATD) before version 3.4.8.178 may allow remote attackers to bypass malware detection by leveraging information about the parent process. The connected sources confirm this is a vulnerability in ATD with no public exploit details provided in the documents. No remedi...
CVE-2016-3983
McAfee Advanced Threat Defense ATD before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process...
Fedora Update for pcs FEDORA-2015-8765
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PCS Daemon (pcsd) Cookie Signing Multiple Vulnerabilities
The remote host is affected by multiple vulnerabilities due to a failure by the PCS daemon pcsd to properly set flags in the 'Set-Cookie' header : - A security bypass vulnerability exists due to a failure to set the 'secure' flag. A remote attacker can exploit this to spoof cookies and bypass...
Fedora 21 : pcs-0.9.137-4.fc21 (2015-8788)
Fix for CVE-2015-1848, CVE-2015-3983 sessions not signed Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issue...