CLSA-2026-1777944852 vim: Fix of 2 CVEs

CVE-2021-3984: in findstartbrace misc1.c, when a found '' lies inside a comment, restore the full cursor position line and column instead of only the line so subsequent C-indent lookups stay within the line bounds. - CVE-2022-2571: in inscomplgetexp edit.c, when CONTADDING is active, only advance...

MINI-3984-HJQP-3X26

Bulletin has no description...

CVE-2026-3984

creationtimestamp| type| source ---|---|--- 2026-03-12 08:58:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgtztmbqpu2o...

EUVD-2026-3984

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS.This issue affects Quote Master: from n/a through = 7.1.1...

EUVD-2011-4115

Malware in sbrugna...

MINI-536M-8MP7-3984

Bulletin has no description...

ECHO-D252-3984-4CF6

Bulletin has no description...

CVE-2023-3984

A vulnerability, which was classified as critical, was found in phpscriptpoint RecipePoint 1.9. This affects an unknown part of the file /recipe-result. The manipulation of the argument text/category/type/difficulty/cuisine/cookingmethod leads to sql injection. It is possible to initiate the atta...

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

CVE-2019-3984

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when the device retrieves updates scripts from the internet...

CVE-2025-3984

A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\RegisteredServiceSimpleFormController.java of the component...

org.apereo.cas:cas-management-webapp (>=5.0.0 <=5.0.10) potentially affected by CVE-2025-3984 via org.apereo.cas:cas-management-webapp-support (>=5.0.0 <=5.0.9)

org.apereo.cas:cas-management-webapp-support MAVEN version =5.0.0, =5.0.0, =5.0.10 Source cves: CVE-2025-3984 Source advisory: OSV:GHSA-37PQ-893F-G7Q5...

org.apereo.cas:cas-management-webapp (>=5.0.0 <=5.0.10) potentially affected by CVE-2025-3984 via org.apereo.cas:cas-management-webapp-support (>=5.0.0 <=5.0.9)

org.apereo.cas:cas-management-webapp-support MAVEN version =5.0.0, =5.0.0, =5.0.10 Source cves: CVE-2025-3984 Source advisory: SNYK:JAVA-ORGAPEREOCAS-9893219...

CVE-2025-3984

creationtimestamp| type| source ---|---|--- 2025-04-27 20:09:39+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13632 2025-04-27 21:40:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnt7owv5fv2d 2025-04-27 23:00:34+00:00| seen|...

CVE-2025-3984

CVE-2025-3984 affects Apereo CAS 5.2.6. The vulnerability targets the saveService function in cas-5.2.6/webapp-mgmt/cas-management-webapp-support/src/main/java/org/apereo/cas/mgmt/services/web/RegisteredServiceSimpleFormController.java (Groovy Code Handler), enabling code injection. Reported as n...

Linux Distros Unpatched Vulnerability : CVE-2021-3984

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3984 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL...

openSUSE Security Advisory (SUSE-SU-2024:3984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle DB SQL Injection Via SYS.LT.REMOVEWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.REMOVEWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the REMOVEWORKSPACE procedur...

CVE-2024-3984 EmbedSocial – Social Media Feeds, Reviews and Galleries <= 1.1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting

The EmbedSocial – Social Media Feeds, Reviews and Galleries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'embedsocialreviews' shortcode in all versions up to, and including, 1.1.29 due to insufficient input sanitization and output escaping on user supplied...

WordPress EmbedSocial Plugin <= 1.1.29 is vulnerable to Cross Site Scripting (XSS)

Software EmbedSocial Type Plugin Vulnerable versions = 1.1.29 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3984 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9b4cd9d91bb7 Credits Krzysztof Zając Required...