CyberSecurityBoard
Sponsor Register Login

CVE-2025-3463

"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation vulnerability in ASUS DriverHub may allow untrusted sources to affect system behavior via crafted HTTP requests. Refer to the 'Security Update for ASUS DriverHub' section on the ASUS Security Advisory for more information.

Publication date: Fri, 09 May 2025 05:37:00 +0000


Cyber News related to CVE-2025-3463

CVE-2009-2458 - Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 graphic cards on system boards with part number 375-3463 and a hardware dash level -04 or later, allows remote attackers to cause a denial of service (panic) via unknown vectors. ...
7 years ago
CVE-2025-22028 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
CVE-2025-3463 - "This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation vulnerability in ASUS DriverHub may allow untrusted sources to affect system behavior via crafted HTTP ...
3 months ago
CVE-2015-82000 - The HP Client Automation / Accelerite Endpoint Management 9.00 core server is a central management server that sends user credentials in cleartext during agent deployment, to remote agents listening via the HPCA Management Agent (nvdkit.exe), running ...
55 years ago Tenable.com
CVE-2011-3463 - WebDAV Sharing in Apple Mac OS X 10.7.x before 10.7.3 does not properly perform authentication, which allows local users to gain privileges by leveraging access to (1) the server or (2) a bound directory. Per: http://support.apple.com/kb/HT5130 ...
13 years ago
CVE-2005-3463 - Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46.03 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE03. ...
9 years ago
CVE-2016-3463 - Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 12.0.3 allows remote attackers to affect confidentiality and integrity via vectors related to Pre-Login. ...
8 years ago
CVE-2009-3463 - Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained from third party information. ...
7 years ago
CVE-2006-3463 - The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, ...
1 year ago
CVE-2010-3463 - Cross-site scripting (XSS) vulnerability in modules/search/search.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the search parameter to search.html. ...
6 years ago
CVE-2007-3463 - ** DISPUTED ** Microsoft Windows XP SP2 allows local users, who have sessions created by another user's RunAs (run as) command, to kill arbitrary processes of this other user, as demonstrated by the taskkill program. NOTE: the researcher claims ...
6 years ago
CVE-2012-3463 - Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the ...
6 years ago
CVE-2017-3463 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" ...
5 years ago
CVE-2017-16772 - Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter. ...
5 years ago
CVE-2017-16771 - Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter. ...
5 years ago
CVE-2020-3463 - A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service. ...
4 years ago
CVE-2021-3463 - A null pointer dereference vulnerability in Lenovo Power Management Driver for Windows 10, prior to version 1.67.17.54, that could cause systems to experience a blue screen error. ...
4 years ago
CVE-2019-3463 - Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. ...
4 years ago
CVE-2022-3463 - The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection ...
2 years ago
CVE-2023-3463 - ...
2 years ago
CVE-2013-3463 - The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use ...
1 year ago
CVE-2008-3463 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none ...
55 years ago Tenable.com
CVE-2014-3463 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a unique security issue. Notes: none ...
55 years ago Tenable.com
CVE-2024-3463 - A vulnerability has been found in SourceCodester Laundry Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /karyawan/edit. The manipulation of the argument karyawan leads to cross site scripting. ...
1 year ago Tenable.com
CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits - An improper output neutralization for logs vulnerability CVE-2024-5594 in Siemens SINEMA Remote Connect Server.  It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing ...
4 months ago Cybersecuritynews.com CVE-2024-5594

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)