7 matches found
CVE-2026-48613
SQL injection vulnerability in phpBB profile field migration due to improper handling of user-supplied profile field data during migration, allowing execution of arbitrary SQL queries. Only applies to phpBB forums that had been updated from versions prior to phpBB 3.3.8 and have not been updated ...
CVE-2026-41429
arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remotely reachable memory corruption issue in the NBNS packet handling path. When NetBIOS is enabled by calling NBNS.begin..., the device listens on UDP...
SUSE CVE-2020-15112
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime...
CVE-2018-18364
Symantec Ghost Solution Suite GSS versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file DLL that the attacker...
UBUNTU-CVE-2017-11610
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups...
PT-2017-2348 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.3 Description: The issue is related to the mm subsystem in the Linux kernel, which does not properly enforce the CONFIG STRICT DEVMEM protection mechanism. This allows local users to read or write to kernel...
PT-2014-2216 · Iproute2 · Iproute2
Name of the Vulnerable Software and Affected Versions: iproute2 versions prior to 3.3.0 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by certain scripts. This can be exploited through the configure script or the...