Zoho ManageEngine OpManager < 12.5.329 - Remote Code Execution

Zoho ManageEngine OpManager before 12.5.329 contains a remote code execution caused by a general bypass in the deserialization class, letting unauthenticated attackers execute arbitrary code, exploit requires no authentication id: CVE-2021-3287 info: name: Zoho ManageEngine OpManager 12.5.329 -...

CVE-2026-3287

A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuController.java of the component App-side Product Pagination Endpoint. Performing a manipulation of t...

CVE-2026-3287

creationtimestamp| type| source ---|---|--- 2026-02-27 05:27:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfsxyuzaq42n...

MiracleLinux 8 : fwupd-1.7.8-2.el8.ML.1 (AXSA:2023-7312:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7312:04 advisory. fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 Tenable has extracted the preceding description block directly from the MiracleLinux...

MINI-3287-V969-54G5

Bulletin has no description...

TencentOS Server 4: fwupd (TSSA-2025:0084)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0084 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 3: fwupd (TSSA-2023:0301)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0301 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2021-3287

Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class...

CVE-2025-3287

A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the...

CVE-2025-3287

creationtimestamp| type| source ---|---|--- 2025-04-08 15:47:09+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10933 2025-04-08 19:22:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmd7562uco2i 2025-04-09 13:15:45+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2022-3287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction,...

CVE-2023-3287

creationtimestamp| type| source ---|---|--- 2024-07-09 13:56:09+00:00| seen| https://t.me/cvedetector/322...

CVE-2023-3287 A BOLA vulnerability in POST /admins in EasyAppointments < 1.5.0

A BOLA vulnerability in POST /admins allows a low privileged user to create a high privileged user admin in the system. This results in privilege escalation...

CVE-2024-3287

The CVE for SmartCrawl WordPress SEO checker (CVE-2024-3287) is tied to unauthorized ld+json description injection caused by a missing capability check in save_settings. Technical details from connected sources indicate the issue affects all versions up to and including 3.10.2, enabling unauthent...

RHEL 8 : fwupd (RHSA-2024:1403)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1403 advisory. The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in...

RHEL 8 : fwupd (RHSA-2024:1106)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1106 advisory. The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-3287)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : fwupd (RLSA-2023:7189)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:7189 advisory. - When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction,...

Oracle Linux 8 : fwupd (ELSA-2023-7189)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-7189 advisory. 1.7.8-2.0.1 - Modify %prep to correctly apply downstream patches - Align sections to 512 bytes Orabug: 35265981 - Use objcopy to build arm/aarch64 binaries if...

Moderate: fwupd security update

The fwupd packages provide a service that allows session software to update device firmware. Security Fixes: fwupd: world readable password in /etc/fwupd/redfish.conf CVE-2022-3287 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...