Lucene search
K

22 matches found

Circl
Circl
added 2026/01/22 2:3 a.m.4 views

CVE-2026-23887

creationtimestamp| type| source ---|---|--- 2026-01-22 02:03:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcy3tkxxgj26...

5.4CVSS5AI score0.00246EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:18 a.m.5 views

CVE-2025-23887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through = 0.1.2 β...

6.5CVSS7.2AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:20 p.m.8 views

CVE-2021-23887

Privilege Escalation vulnerability in McAfee Data Loss Prevention DLP Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting...

7.8CVSS6.9AI score0.00217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:45 p.m.7 views

CVE-2020-23887

XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service DoS via a crafted ico file. Related to a Read Access Violation starting at USER32!SmartStretchDIBits+0x33...

5.5CVSS7.4AI score0.00697EPSS
Exploits1
Circl
Circl
added 2025/01/16 9:19 p.m.3 views

CVE-2025-23887

creationtimestamp| type| source ---|---|--- 2025-01-16 21:19:08+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7g4s2bl2n 2025-01-17 21:56:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2218...

6.5CVSS8.7AI score0.00357EPSS
Exploits0References2
NVD
NVD
added 2025/01/16 9:15 p.m.14 views

CVE-2025-23887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through = 0.1.2 β...

6.5CVSS0.00357EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/16 8:7 p.m.5 views

CVE-2025-23887 WordPress Blog Summary plugin <= 0.1.2 β - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scottwallick Blog Summary blog-summary allows Stored XSS.This issue affects Blog Summary: from n/a through = 0.1.2 β...

6.5CVSS7.2AI score0.00357EPSS
Exploits0References1
CVE
CVE
added 2025/01/16 8:7 p.m.42 views

CVE-2025-23887

CVE-2025-23887 describes a stored cross-site scripting (XSS) vulnerability in the WordPress Blog Summary plugin. According to connected Red Hat/Wordfence data, the issue is caused by improper input neutralization during web page generation, enabling stored XSS. The affected software is the Blog S...

6.5CVSS7.2AI score0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.40 views

CVE-2023-23887 WordPress Easy Google Analytics for WordPress plugin <= 1.6.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Shaon Easy Google Analytics for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Google Analytics for WordPress: from n/a through 1.6.0...

5.3CVSS0.00558EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.19 views

CVE-2023-23887 WordPress Easy Google Analytics for WordPress plugin <= 1.6.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Shahjada Easy Google Analytics for WordPress easy-google-analytics-for-wordpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Google Analytics for WordPress: from n/a through = 1.6.0...

5.3CVSS7.3AI score0.00558EPSS
Exploits0References1
Circl
Circl
added 2024/02/19 2:51 p.m.5 views

CVE-2024-23887

creationtimestamp| type| source ---|---|--- 2024-02-19 14:51:36+00:00| seen| https://t.me/ctinow/187705...

8.2CVSS6.1AI score0.00436EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/26 9:18 a.m.6 views

CVE-2024-23887 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/grncreate.php, in the grndate parameter. Exploitation of this vulnerability could...

8.2CVSS7.1AI score0.00436EPSS
Exploits0References1
CVE
CVE
added 2024/01/26 9:18 a.m.52 views

CVE-2024-23887

CVE-2024-23887 affects Cups Easy (Purchase & Inventory) v1.0. The vulnerability is a Cross-Site Scripting (XSS) in the grndate parameter of /cupseasylive/grncreate.php, caused by insufficient encoding of user-controlled input. It could allow a remote attacker to craft a URL sent to an authenticat...

8.2CVSS5.8AI score0.00436EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/02/20 12:0 a.m.10 views

WordPress Easy Google Analytics for WordPress Plugin <= 1.6.0 is vulnerable to Broken Access Control

Software Easy Google Analytics for WordPress Type Plugin Vulnerable versions = 1.6.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23887 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 682fb3f4795d Credits Mika Requir...

6.9AI score0.00558EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2022/01/29 12:21 a.m.5 views

CVE-2022-23887

creationtimestamp| type| source ---|---|--- 2022-01-29 00:21:57+00:00| seen| https://t.me/cibsecurity/36519...

6.5CVSS6.4AI score0.00739EPSS
Exploits1References1
CVE
CVE
added 2022/01/28 8:44 p.m.55 views

CVE-2022-23887

CVE-2022-23887: YzmCMS v6.3 is affected by a Cross-Site Request Forgery (CSRF) that lets an attacker delete user accounts via /admin/admin_manage/delete. Root cause is CSRF vulnerability; exploitation details are not provided in the documents. No remediation/fix is specified in the provided data....

6.5CVSS6.5AI score0.00739EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2021/11/11 12:36 a.m.4 views

CVE-2020-23887

creationtimestamp| type| source ---|---|--- 2021-11-11 00:36:59+00:00| seen| https://t.me/cibsecurity/32216...

5.5CVSS5.5AI score0.00697EPSS
Exploits1References1
CVE
CVE
added 2021/11/10 9:25 p.m.48 views

CVE-2020-23887

XnView MP v0.96.4 is affected by a heap-based buffer overflow that can be triggered by a crafted ICO file, leading to a denial of service. The issue is described as a Read Access Violation beginning at USER32!SmartStretchDIBits+0x33. Connected sources confirm the vulnerability in XnView MP, but d...

5.5CVSS5.5AI score0.00697EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/04/23 12:0 a.m.82 views

McAfee DLPe Agent < 11.6.100.41 Multiple Vulnerabilities (SB10357)

The version of the McAfee Data Loss Prevention Endpoint DLPe Agent installed on the remote Windows host is prior to 11.6.100.41. It is, therefore, affected by multiple vulnerabilities: - Denial of Service vulnerability in McAfee Data Loss Prevention DLP Endpoint for Windows prior to 11.6.100.41...

7.8CVSS6.6AI score0.00217EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/04/15 7:55 a.m.19 views

CVE-2021-23887 Privilege escalation in McAfee DLP Endpoint for Windows

Privilege Escalation vulnerability in McAfee Data Loss Prevention DLP Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting...

7.8CVSS7.7AI score0.00217EPSS
Exploits0References2
Rows per page
Query Builder