Lucene search
K

142 matches found

OSV
OSV
added 2026/04/11 4:17 p.m.1 views

MINI-X5FM-7QQV-3387

Bulletin has no description...

6.1CVSS5.7AI score0.0029EPSS
Exploits0
Circl
Circl
added 2026/03/01 1:58 p.m.6 views

CVE-2026-3387

creationtimestamp| type| source ---|---|--- 2026-03-01 13:58:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfyvieffpk2e...

5.5CVSS5.9AI score0.00163EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/01 9:32 a.m.9 views

CVE-2026-3387

A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wrencompiler.c. Such manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to...

5.5CVSS5.4AI score0.00163EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/01/20 2:49 p.m.15 views

EUVD-2026-3387

A reflected cross-site scripting xss vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

6.1CVSS5.6AI score0.00317EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:32 a.m.7 views

CVE-2010-3387

vdrleaktest in Video Disk Recorder VDR 1.6.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a...

6.9CVSS6.7AI score0.00401EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/10 4:12 a.m.18 views

CVE-2025-3387

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

5.4CVSS6.2AI score0.0029EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/07 10:31 p.m.7 views

CVE-2025-3387 renrenio renren-security JSON cross site scripting

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

5.1CVSS6.4AI score0.0029EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/04/07 10:31 p.m.34 views

CVE-2025-3387 renrenio renren-security JSON cross site scripting

A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

5.1CVSS0.0029EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.25 views

CentOS 6 : java-1.7.1-ibm (RHSA-2020:3387)

The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3387 advisory. - In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or...

8.3CVSS6.6AI score0.04315EPSS
Exploits0References10
OSV
OSV
added 2024/06/06 12:27 p.m.4 views

CGA-GGCV-JMX5-3387

Bulletin has no description...

7.5CVSS8AI score0.02758EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.23 views

RHEL 8 : Satellite 6.13.1 Async Security Update (Moderate) (RHSA-2023:3387)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3387 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...

5.4CVSS5.5AI score0.00556EPSS
Exploits0References17
Circl
Circl
added 2024/04/10 8:8 p.m.5 views

CVE-2024-3387

creationtimestamp| type| source ---|---|--- 2024-04-10 20:08:42+00:00| seen| Telegram/KYIaGGUUECfiFFhr1hRQaqqeF1Mr1zoJwWDvL7eDPVKrWpg 2024-04-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1270...

5.9CVSS5.5AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/10 5:6 p.m.19 views

CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure

A weak low bit strength device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle MitM attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker...

5.3CVSS6.6AI score0.0017EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/10 12:0 a.m.90 views

Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability. - A weak low bit strength device certificate in Palo Alto Networks Panorama software enables an attack...

5.9CVSS5.8AI score0.0017EPSS
Exploits0References2
CVE
CVE
added 2023/06/24 2:0 a.m.53 views

CVE-2023-3387

The CVE-2023-3387 entry concerns the Lana Text to Image WordPress plugin (

6.4CVSS5.2AI score0.00532EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/06/23 12:0 a.m.9 views

WordPress Lana Text to Image Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Lana Text to Image Type Plugin Vulnerable versions = 1.0.0 Fixed in 1.1.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3387 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID 0d489ec1b616 Credits István Márton...

6.4CVSS5.6AI score0.00532EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 6:11 a.m.5 views

SUSE CVE-2007-3387

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in 1 poppler before 0.5.91, 2 gpdf before 2.8.2, 3 kpdf, 4 kdegraphics, 5 CUPS, 6 PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a...

6.8CVSS8.3AI score0.08565EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3387

vdrleaktest in Video Disk Recorder VDR 1.6.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a...

6.9CVSS7.1AI score0.00401EPSS
Exploits1References4
Circl
Circl
added 2022/10/28 12:29 a.m.5 views

CVE-2022-3387

creationtimestamp| type| source ---|---|--- 2022-10-28 00:29:05+00:00| seen| https://t.me/cibsecurity/52188...

6.5CVSS6AI score0.1398EPSS
Exploits0References1
CVE
CVE
added 2022/10/27 8:47 p.m.75 views

CVE-2022-3387

Advantech R-SeeNet (software management platform) Versions 2.4.19 and earlier are affected by CVE-2022-3387 due to an improper restriction of a pathname (path traversal). An unauthorized, remote attacker could exploit vulnerable PHP code to delete arbitrary .PDF files. The issue is documented wit...

6.5CVSS5.3AI score0.1398EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder