GHSA-65H7-C7C4-MGHX MLflow Has a Server-Side Request Forgery (SSRF) Vulnerability
A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The createwebhook function in mlflow/server/handlers.py accepts a user-controlled url parameter without validation, and the sendwebhookrequest function in mlflow/webhooks/delivery.py sends HTTP POST request...
CVE-2026-22764
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure...
PT-2025-53270
Name of the Vulnerable Software and Affected Versions: Funnelforms versions prior to 3.9 Description: An authorization issue exists in Funnelforms Free that allows exploitation of incorrectly configured access control security levels. Recommendations: Update to version 3.9 or later...
EUVD-2021-11741
Malware in sbrugna...
PT-2024-24389 · Unknown · Gold Plugins
Name of the Vulnerable Software and Affected Versions: Gold Plugins Before And After versions n/a through 3.9 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
CVE-2023-23762
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff. To do so, an attacker would need write access to the repository and be able to correctly guess the target branch before it’s created by the code...
HP Security Manager Security Vulnerability
HP Security Manager is an industry-first policy-based solution from Hewlett-Packard (HP). It helps improve security, enhance regulatory compliance and reduce risk across imaging and printing teams. A security vulnerability exists in HP Security Manager versions prior to 3.9, which stems from a...
Apple Remote Desktop Cryptographic Issue Vulnerability
Apple Remote Desktop is a remote desktop feature from Apple. A security vulnerability exists in Apple Remote Desktop versions prior to 3.9, which can be exploited by an attacker to capture plaintext passwords...
Mattermost Server Trust Management Issues Vulnerability (CNVD-2020-35447)
Mattermost Server is an open source messaging platform from the United States company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 3.9.0 that stems from encryption and signature verification not being mandatory. No details of the vulnerability are provided a...
UBUNTU-CVE-2013-3230
The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
boost: ordered_malloc() overflow
Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated than expected...
Integer overflow
Multiple integer overflows in the (1) malloc and (2) calloc functions in Hoard before 3.9 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows on implementing code via a large size value, which causes less memory to be allocated than expected...