CVE-2022-3159

CVE-2022-48919 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago

CVE-2022-3159 - The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. ...
2 years ago

CVE-2008-5335 - SQL injection vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the subject and msg_send parameters, a different vector than CVE-2005-3157, ...
7 years ago

Google patches third exploited Chrome zero-day in a week - Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. The company fixed the zero-day flaw with the release of 125.0.6422.60/.61 for Mac/Windows and 125.0.6422.60. ...
9 months ago Bleepingcomputer.com CVE-2024-4947 CVE-2024-0519 CVE-2024-2887 CVE-2024-3159 CVE-2024-4671 CVE-2024-4761

CVE-2005-3157 - SQL injection vulnerability in messages.php in PHP-Fusion 6.00.109 allows remote attackers to execute arbitrary SQL commands via the msg_send parameter, a different vulnerability than CVE-2005-3158 and CVE-2005-3159. ...
8 years ago

CVE-2005-3158 - SQL injection vulnerability in messages.php in PHP-Fusion 6.00.106 and 6.00.107 allows remote attackers to execute arbitrary SQL commands via the (1) pm_email_notify and (2) pm_save_sent parameters, a different vulnerability than CVE-2005-3157 and ...
8 years ago

CVE-2005-3159 - SQL injection vulnerability in messages.php in PHP-Fusion allows remote attackers to execute arbitrary SQL commands via the msg_view parameter, a different vulnerability than CVE-2005-3157 and CVE-2005-3158. ...
8 years ago

CVE-2016-3159 - The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest ...
6 years ago

CVE-2012-1533 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors ...
2 years ago

CVE-2012-3159 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors ...
2 years ago

CVE-2009-3159 - Unspecified vulnerability in the rriDecompress function in IBM WebSphere MQ 7.0.0.0, 7.0.0.1, and 7.0.0.2 allows remote attackers to cause a denial of service via unknown vectors. ...
15 years ago

CVE-2014-3159 - The WebContentsDelegateAndroid::OpenURLFromTab function in components/web_contents_delegate_android/web_contents_delegate_android.cc in Google Chrome before 36.0.1985.122 on Android does not properly restrict URL loading, which allows remote ...
10 years ago

CVE-2011-3159 - Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1227. ...
8 years ago

CVE-2006-3159 - pipe_master in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003) allows local users to read portions of restricted files via a symlink attack on msg.conf in a directory identified by the CONFIGROOT environment variable, which ...
7 years ago

CVE-2008-3159 - Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related ...
7 years ago

CVE-2007-3159 - http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header. ...
1 year ago

CVE-2008-1797 - Unspecified vulnerability in Secure Computing Webwasher 5.30 before build 3159 and 6.3.0 before build 3150 allows remote attackers to cause a denial of service (freeze) via a crafted URL. ...
6 years ago

CVE-2013-3159 - Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an ...
6 years ago

CVE-2017-3159 - Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws. ...
5 years ago

CVE-2018-3159 - Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Sender and Receiver). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged ...
5 years ago

CVE-2020-3159 - A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The ...
5 years ago

CVE-2010-3159 - Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. ...
4 years ago

CVE-2021-3159 - A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file. ...
3 years ago

CVE-2015-3159 - The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges. ...
2 years ago

CVE-2023-3159 - A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails. ...
1 year ago