83 matches found
CVE-2026-3994
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...
CVE-2026-3994
creationtimestamp| type| source ---|---|--- 2026-03-12 09:29:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mgu3lrusb624...
CVE-2026-3994
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...
CVE-2026-3994
This CVE affects rui314 mold up to 2.40.4, specifically mold::ObjectFilemold::X86_64::initialize_sections in src/input-files.cc. Local manipulation can trigger a heap-based buffer overflow. An exploit is public and information indicates non-responsiveness from the project after disclosure. No rem...
CVE-2026-3994 rui314 mold Object File input-files.cc initialize_sections heap-based overflow
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...
CVE-2026-3994
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X8664::initializesections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a...
Linux Distros Unpatched Vulnerability : CVE-2019-3994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG serv...
Linux Distros Unpatched Vulnerability : CVE-2023-3994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions...
CVE-2025-3994
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been classified as problematic. Affected is an unknown function of the file /home.htm of the component IP Port Filtering. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attac...
CVE-2025-3994
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been classified as problematic. Affected is an unknown function of the file /home.htm of the component IP Port Filtering. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attac...
CVE-2025-3994
creationtimestamp| type| source ---|---|--- 2025-04-28 01:10:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13649 2025-04-28 03:45:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lntu45vpx42t 2025-04-28 05:41:58+00:00| seen|...
CVE-2025-3994 TOTOLINK N150RT IP Port Filtering home.htm cross site scripting
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been classified as problematic. Affected is an unknown function of the file /home.htm of the component IP Port Filtering. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attac...
CVE-2025-3994 TOTOLINK N150RT IP Port Filtering home.htm cross site scripting
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been classified as problematic. Affected is an unknown function of the file /home.htm of the component IP Port Filtering. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attac...
CVE-2025-3994
The CVE-2025-3994 entry affects TOTOLINK N150RT (version 3.4.0-B20190525). The vulnerability is in the IP Port Filtering component, specifically the /home.htm function, where untrusted input in the Comment parameter enables cross-site scripting. It is exploitable remotely, and the exploit has bee...
CVE-2023-3994
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible via sending crafted payloads which use...
CVE-2023-3994
creationtimestamp| type| source ---|---|--- 2023-08-02 07:38:57+00:00| seen| https://t.me/cibsecurity/67548...
CVE-2023-3994
GitLab CVE-2023-3994 affects GitLab CE/EE versions 9.3–16.0.7, 16.1.0–16.1.2, and 16.2.0–16.2.1, with a Regular Expression Denial of Service via crafted payloads targeting the preview_markdown endpoint (ProjectReferenceFilter). Root cause: inefficient regex processing leading to DoS. Impact: high...
CVE-2023-3994 Inefficient Regular Expression Complexity in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible via sending crafted payloads which use...
CVE-2023-3994
Removed by vendor...
GitLab 9.3 < 16.0.8 / 16.1 < 16.1.3 / 16.2 < 16.2.2 (CVE-2023-3994)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A...