RockyLinux 9 : openexr (RLSA-2026:15887)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:15887 advisory. OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVE-2026-34588 Tenable has extracted the preceding description block...

RockyLinux 9 : opentelemetry-collector (RLSA-2025:15887)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2025:15887 advisory. net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 Tenable has extracted the preceding description block directly from th...

RHEL 9 : opentelemetry-collector (RHSA-2025:15887)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:15887 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: net/http: Sensitive headers not cleared on cross-origin...

CVE-2020-15887

A SQL injection vulnerability in softwareupdatecontroller.php in the Software Update module before 1.6 for MunkiReport allows attackers to execute arbitrary SQL commands via the last URL parameter of the /module/softwareupdate/gettabdata/ endpoint...

CVE-2020-15887

CVE-2020-15887 affects MunkiReport’s Software Update module (versions before 1.6). The vulnerability is a SQL injection in softwareupdate_controller.php, exploitable via the last URL parameter of the /module/softwareupdate/get_tab_data/ endpoint, allowing arbitrary SQL commands. The provided docu...

CVE-2019-15887

...

CVE-2019-15887

CVE-2019-15887 entry is rejected and not used.

Asus Dsln12e C1 Firmware Command Execution (CVE-2018-15887)

A command execution vulnerability exists in asus dsln12e c1 firmware. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

VulnCheck KEV: CVE-2018-15887

MainAnalysisContent.asp in ASUS DSL-N12EC1 1.1.2.3345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request...

CVE-2018-15887

The CVE-2018-15887 entry concerns ASUS DSL-N12E_C1 (firmware version 1.1.2.3_345). A vulnerability in Main_Analysis_Content.asp allows an authenticated remote attacker to execute arbitrary OS commands by crafting service parameters (e.g., destIP in a cmdMethod=ping request). Affected component/fu...

CVE-2017-15887

CVE-2017-15887 describes an improper restriction of excessive authentication attempts in the Synology CardDAV Server, affecting versions before 6.0.7-0085. The vulnerability is triggered via brute-forcing on the /principals endpoint, enabling remote attackers to obtain user credentials. According...

Unfixed XSS vulnerability at wildmatch.com

Security researcher MurderSkillz, has submitted on 25/04/2007 a cross-site-scripting XSS vulnerability affecting wildmatch.com, which at the time of submission ranked 15887 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/04/2007. It is...