Photon OS 5.0: Python3 PHSA-2026-5.0-0862

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0862. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Linux Distros Unpatched Vulnerability : CVE-2026-3087

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If shutil.unpackarchive is given a ZIP archive with an absolute Windows path containing a drive C:... then the archive will be extracted outside the target...

CVE-2026-3087

creationtimestamp| type| source ---|---|--- 2026-04-28 02:22:50+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkjjo7njhy2z 2026-04-28 12:15:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mkkkrbupjv2w...

CVE-2026-3087

If shutil.unpackarchive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...

Medium: audiofile

Issue Overview: Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function. CVE-2025-50950 Affected Packages: audiofile Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Cor...

EUVD-2020-3087

Malware in sbrugna...

CVE-2005-3087

The SecureW2 3.0 TLS implementation uses weak random number generators rand and srand from system time during generation of the pre-master secret PMS, which makes it easier for attackers to guess the secret and decrypt sensitive data...

CVE-2025-3087

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

CVE-2025-3087

creationtimestamp| type| source ---|---|--- 2025-04-04 07:36:11+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10416 2025-04-04 10:29:23+00:00| seen| https://t.me/cvedetector/22089...

CVE-2025-3087

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

CVE-2025-3087 Stored XSS Vulnerability in M-Files Web

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

CVE-2025-3087 Stored XSS Vulnerability in M-Files Web

Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 allows an authenticated user to run scripts...

CVE-2022-3087

Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code...

CVE-2024-3087 PHPGurukul Emergency Ambulance Hiring Portal Ambulance Tracking Page ambulance-tracking.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this issue is some unknown functionality of the file ambulance-tracking.php of the component Ambulance Tracking Page. The manipulation of the argument searchdata lead...

CVE-2024-3087 PHPGurukul Emergency Ambulance Hiring Portal Ambulance Tracking Page ambulance-tracking.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this issue is some unknown functionality of the file ambulance-tracking.php of the component Ambulance Tracking Page. The manipulation of the argument searchdata lead...

CVE-2023-3087

CVE-2023-3087 (FluentSMTP, WordPress) : A stored XSS exists in FluentSMTP via the email subject in versions up to and including 2.2.4 due to insufficient input sanitization/output escaping. Exploitation is possible by unauthenticated users, affecting pages where the plugin displays logged emails....

Oracle Linux 8 : mysql:8.0 (ELSA-2023-3087)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3087 advisory. mecab 0.996-2.12 - Bump version for 'mysql' module rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'AppStream' repo -...

CentOS 8 : mysql:8.0 (CESA-2023:3087)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:3087 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.30 and prior...

RHEL 8 : mysql:8.0 (RHSA-2023:3087)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3087 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...

K37024017: Apache Struts 2 vulnerability CVE-2016-3087

Security Advisory Description Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! exclamation mark operator to the REST Plugin...