CVE-2026-2287

creationtimestamp| type| source ---|---|--- 2026-04-01 23:26:42+00:00| seen| Telegram/jbWMrWY3kup1vLwq2L3T9QUurzdP-pS58MJjOuG7oT4-o...

crewai-geolocate (=0.1.0) potentially affected by CVE-2026-2287 via crewai-tools (=1.11.0)

crewai-tools PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on crewai-tools and may be impacted: - crewai-geolocate =0.1.0 Source cves: CVE-2026-2287 Source advisory: SNYK:PYTHON-CREWAITOOLS-15922651...

CVE-2026-2287

CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation...

CVE-2026-2287

CrewAI does not properly check that Docker is still running during runtime, and will fall back to a sandbox setting that allows for RCE exploitation...

MiracleLinux 3 : kvm-84-5AXS3 (AXSA:2009-381:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-381:01 advisory. This package provides the kvm kernel modules built for the Linux kernel 2.6.18-128.8AXS3PAE for the i686 family of processors. Fixed bugs:...

EUVD-2026-2287

In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...

EUVD-2014-0631

Malware in sbrugna...

CVE-2024-2287

The Knight Lab Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.9.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2019-2287

Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607...

CVE-2025-2287

creationtimestamp| type| source ---|---|--- 2025-04-08 19:22:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmd755chip2b 2025-04-09 13:15:45+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114308189037550499 2025-04-10 10:00:00+00:00| seen|...

CVE-2025-2287 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-2287 Local Code Execution Vulnerability in Arena®

A local code execution vulnerability exists in the Rockwell Automation Arena® due to an uninitialized pointer. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-2287

CVE-2025-2287 is a local code-execution vulnerability in Rockwell Automation Arena® caused by an uninitialized pointer resulting from improper validation of user-supplied data. A threat actor could disclose information and execute arbitrary code if a legitimate user opens a malicious DOE file. Ex...

Linux Distros Unpatched Vulnerability : CVE-2022-2287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. CVE-2022-2287 Note that Nessus relies on the presence of the package as reported by the vendor...

CVE-2023-2287

creationtimestamp| type| source ---|---|--- 2025-01-10 21:03:37+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1220...

Rocky Linux 9 : gstreamer1-plugins-bad-free (RLSA-2024:2287)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2287 advisory. - GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code ...

Oracle Linux 9 : gstreamer1-plugins-bad-free (ELSA-2024-2287)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2287 advisory. - CVE-2023-40474: Integer overflow leading to heap overwrite in MXF - CVE-2023-40475: Integer overflow leading to heap overwrite in MXF - CVE-2023-4047...

CVE-2024-2287

creationtimestamp| type| source ---|---|--- 2024-04-11 06:06:37+00:00| seen| https://t.me/arpsyndicate/4450...

CVE-2024-2287

The Knight Lab Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.9.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

Amazon Linux 2 : curl (ALAS-2023-2287)

The version of curl installed on the remote host is prior to 8.3.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2287 advisory. An issue was found in curl that can cause a buffer overflow in its SOCKS5 proxy communications code. When curl is using a...