150 matches found
Azure Linux 3.0 Security Update: edk2 (CVE-2022-3996)
The version of edk2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3996 advisory. - If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write...
CVE-2023-3996
The ARMember Lite - Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 4.0.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2012-3996
TikiWiki CMS/Groupware 8.3 and earlier allows remote attackers to obtain the installation path via a direct request to (1) admin/includecalendar.php, (2) tiki-rsserror.php, or (3) tiki-watershedservice.php...
WordPress Post Grid, Post Carousel, & List Category Posts plugin < 2.4.28 - Editor+ Stored XSS vulnerability
Editor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Post Grid, Post Carousel, & List Category Posts – by Smart Post Show versions 2.4.28...
CVE-2024-3996
creationtimestamp | type | source
---|---|---
2025-05-15 20:33:43+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/16561...
CVE-2024-3996
The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
CVE-2024-3996 Post Grid, Post Carousel, & List Category Posts < 2.4.28 - Editor+ Stored XSS
The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed, for example in multisite setup...
CVE-2025-3996
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home.htm of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be...
CVE-2025-3996
creationtimestamp | type | source
---|---|---
2025-04-28 03:45:36+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lntu45ij662b
2025-04-28 07:22:21+00:00 | seen | https://t.me/cvedetector/23881...
CVE-2025-3996 TOTOLINK N150RT MAC Filtering Page home.htm cross site scripting
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home.htm of the component MAC Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be...
CVE-2021-3996 affecting package util-linux 2.32.1-7
CVE-2021-3996 affecting package util-linux 2.32.1-7. This CVE either no longer is or was never applicable...
edk2 security update
Mon Sep 09 2024 Aaron Young - Create new 20240909 release for OL9 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UINT32 overflow via local access Orabug: 36990130 CVE-2024-1298 - EDK...
CVE-2022-3996 affecting package edk2 for versions less than 20240223gitedc6681206c1-2
CVE-2022-3996 affecting package edk2 for versions less than 20240223gitedc6681206c1-2. A patched version of the package is available...
CVE-2019-3996
creationtimestamp | type | source
---|---|---
2024-03-15 07:06:48+00:00 | seen | https://t.me/ctinow/208442...
CVE-2023-3996
creationtimestamp | type | source
---|---|---
2023-10-20 12:41:29+00:00 | seen | https://t.me/cibsecurity/72685...
CVE-2023-3996
CVE-2023-3996 affects the WordPress plugin “ARMember Lite – Membership”. The vulnerability is a Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in admin settings. It requires authenticated attackers with administrator-level permissions (and above) to inject ...
Oracle Linux 7 : libxml2 (ELSA-2020-3996)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3996 advisory. - Fix CVE-2019-19956 1793000 - Fix CVE-2019-20388 1810057 - Fix CVE-2020-7595 1810073 Tenable has extracted the preceding description block directly fr...
BELL-CVE-2022-3996 CVE-2022-3996 does not affect BellSoft software
Bulletin has no description...