142 matches found
MINI-X5FM-7QQV-3387
Bulletin has no description...
CVE-2026-3387
creationtimestamp| type| source ---|---|--- 2026-03-01 13:58:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfyvieffpk2e...
CVE-2026-3387
A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wrencompiler.c. Such manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to...
EUVD-2026-3387
A reflected cross-site scripting xss vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...
CVE-2010-3387
vdrleaktest in Video Disk Recorder VDR 1.6.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a...
CVE-2025-3387
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-3387 renrenio renren-security JSON cross site scripting
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CVE-2025-3387 renrenio renren-security JSON cross site scripting
A vulnerability classified as problematic has been found in renrenio renren-security up to 5.4.0. This affects an unknown part of the component JSON Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...
CentOS 6 : java-1.7.1-ibm (RHSA-2020:3387)
The remote CentOS Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3387 advisory. - In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or...
CGA-GGCV-JMX5-3387
Bulletin has no description...
RHEL 8 : Satellite 6.13.1 Async Security Update (Moderate) (RHSA-2023:3387)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3387 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...
CVE-2024-3387
creationtimestamp| type| source ---|---|--- 2024-04-10 20:08:42+00:00| seen| Telegram/KYIaGGUUECfiFFhr1hRQaqqeF1Mr1zoJwWDvL7eDPVKrWpg 2024-04-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1270...
CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
A weak low bit strength device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle MitM attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker...
Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability. - A weak low bit strength device certificate in Palo Alto Networks Panorama software enables an attack...
CVE-2023-3387
The CVE-2023-3387 entry concerns the Lana Text to Image WordPress plugin (
WordPress Lana Text to Image Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Lana Text to Image Type Plugin Vulnerable versions = 1.0.0 Fixed in 1.1.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3387 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID 0d489ec1b616 Credits István Márton...
SUSE CVE-2007-3387
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in 1 poppler before 0.5.91, 2 gpdf before 2.8.2, 3 kpdf, 4 kdegraphics, 5 CUPS, 6 PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a...
SUSE CVE-2010-3387
vdrleaktest in Video Disk Recorder VDR 1.6.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a...
CVE-2022-3387
creationtimestamp| type| source ---|---|--- 2022-10-28 00:29:05+00:00| seen| https://t.me/cibsecurity/52188...
CVE-2022-3387
Advantech R-SeeNet (software management platform) Versions 2.4.19 and earlier are affected by CVE-2022-3387 due to an improper restriction of a pathname (path traversal). An unauthorized, remote attacker could exploit vulnerable PHP code to delete arbitrary .PDF files. The issue is documented wit...