@alivault/pico (>=0.1.0 <=0.1.2), @ardeora/start-devtools (>=1.0.0 <=1.0.1) +120 more potentially affected by unknown CVE via @tanstack/start-client-core (>=1.121.0-alpha.28 <=1.168.2)

@tanstack/start-client-core NPM version =1.121.0-alpha.28, =0.1.0, =1.0.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =1.0.0, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =0.1.38 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3487...

EUVD-2026-3487

A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as...

MiracleLinux 8 : python3-3.6.8-45.el8.ML.1 (AXSA:2022-3487:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3487:01 advisory. python: ftplib should not use the host from the PASV response CVE-2021-4189 python: urllib: HTTP client possible infinite loop on a 100 Continue...

CVE-2006-3487

VirtuaStore 2.0 stores sensitive files under the web root with insufficient access control, which allows remote attackers to obtain local database information by directly accessing database/virtuastore.mdb...

CVE-2025-3487

creationtimestamp| type| source ---|---|--- 2025-04-17 12:00:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12208 2025-04-17 14:49:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmze2ikjw72g 2025-04-17 17:09:34+00:00| seen| https://t.me/cvedetector/23232...

CVE-2025-3487 Forminator <= 1.42.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'limit'

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘limit’ parameter in all versions up to, and including, 1.42.0 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2025-3487

CVE-2025-3487 affects Forminator Forms – Contact Form, Payment Form & Custom Form Builder (WordPress). It is a Stored Cross-Site Scripting vulnerability via the limit parameter in all versions up to and including 1.42.0, caused by insufficient input sanitization and output escaping. Exploitation ...

CVE-2025-3487 Forminator <= 1.42.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'limit'

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘limit’ parameter in all versions up to, and including, 1.42.0 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress Forminator plugin <= 1.42.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'limit' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'limit' vulnerability discovered by Asaf Mozes in WordPress Plugin Forminator versions = 1.42.0...

Linux Distros Unpatched Vulnerability : CVE-2021-3487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt...

CVE-2024-3487 Broken Authentication vulnerability in iManager

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication...

CVE-2024-3487 Broken Authentication vulnerability in iManager

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication...

CVE-2024-3487

CVE-2024-3487 affects OpenText iManager 3.2.6.0200. Multiple connected sources (PT-2024-26236) confirm a Broken Authentication issue that allows an attacker to manipulate certain parameters to bypass authentication, i.e., bypassing login controls. The record also notes there is currently no infor...

RockyLinux 8 : binutils (RLSA-2021:4364)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4364 advisory. binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection CVE-2021-3487 binutils: Race window allows...

CVE-2023-3487

creationtimestamp| type| source ---|---|--- 2023-10-20 18:35:13+00:00| seen| https://t.me/cibsecurity/72691...

CVE-2023-3487 Integer overflow in Silicon Labs Gecko Bootloader leads to unbounded memory access

An integer overflow in Silicon Labs Gecko Bootloader version 4.3.1 and earlier allows unbounded memory access when reading from or writing to storage slots...

CVE-2023-3487

The CVE-2023-3487 entry affects Silicon Labs Gecko Bootloader versions 4.3.1 and earlier, caused by an integer overflow that enables unbounded memory access when reading from or writing to storage slots. The vulnerability could impact firmware handling of storage slots, with the disclosed data in...

BELL-CVE-2021-3487 CVE-2021-3487 does not affect BellSoft software

Bulletin has no description...

CVE-2022-3487

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

SUSE CVE-2021-3487

Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt...