CVE-2026-1087

creationtimestamp| type| source ---|---|--- 2026-03-07 09:22:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mghiuijmnm2o...

RockyLinux 9 : python-urllib3 (RLSA-2026:1087)

The remote RockyLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RLSA-2026:1087 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

EUVD-2026-1087

The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'deletesingleticketcallback' and 'changeticketstatuscallback' functions in all versions up to, and including, 1.2.6. This makes it...

EUVD-2011-1087

Malware in sbrugna...

EUVD-2016-1087

Malware in sbrugna...

CVE-2023-1087

The WC Sales Notification WordPress plugin before 1.2.3 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

CVE-2022-1087

A vulnerability, which was classified as problematic, has been found in htmly 5.3 whis affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated remotely and requires an authentication. A...

CVE-2013-1087

Cross-site scripting XSS vulnerability in the client in Novell GroupWise through 8.0.3 HP3, and 2012 through SP2, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML via the body of an e-mail message...

CVE-2025-1087

creationtimestamp| type| source ---|---|--- 2025-05-09 12:26:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15716 2025-05-09 12:53:15+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loqhnmi552q2 2025-05-09...

RHSA-2025:1087

creationtimestamp| type| source ---|---|--- 2025-02-26 07:24:00+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5477...

CVE-2023-1087

creationtimestamp| type| source ---|---|--- 2025-02-19 19:13:54+00:00| seen| Telegram/sUWnqEi91EAqyTkMOIBjuGbgodWqJO1a6yCcTpp3NdCpK6CW...

CVE-2024-1087

creationtimestamp| type| source ---|---|--- 2024-01-31 14:31:34+00:00| seen| https://t.me/ctinow/176771...

PT-2024-16603 · Undefined · Undefined

CVE-2024-1087 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2024-1085. https://t.co/AfPITIpqg8...

CVE-2023-1087

The WC Sales Notification WordPress plugin before 1.2.3 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

CVE-2023-1087

The CVE-2023-1087 entry concerns the WC Sales Notification WordPress plugin, affected versions prior to 1.2.3. The vulnerability is a CSRF issue in the plugin activation flow, allowing a logged-in attacker to trigger activation of arbitrary plugins on the target blog without proper CSRF checks. T...

CVE-2023-1087 WC Sales Notification < 1.2.3 - Arbitrary Plugin Activation via CSRF

The WC Sales Notification WordPress plugin before 1.2.3 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

CVE-2023-1087 WC Sales Notification < 1.2.3 - Arbitrary Plugin Activation via CSRF

The WC Sales Notification WordPress plugin before 1.2.3 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack...

WordPress WC Sales Notification Plugin < 1.2.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software WC Sales Notification Type Plugin Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-1087 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 359b32e62cb7 Credits WPScan Required...

SUSE CVE-2018-1087

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch...

CVE-2022-1087 htmly Edit Profile Module cross site scripting

A vulnerability, which was classified as problematic, has been found in htmly 5.3 whis affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated remotely and requires an authentication. A...