Lucene search

179 matches found

Circl
added 2026/03/23 8:02 a.m. | 4 views

CVE-2026-3587

creationtimestamp | type | source
---|---|---
2026-03-23 08:02:01+00:00 | seen | https://infosec.exchange/users/certvde/statuses/116277439434054031
2026-03-23 08:02:11+00:00 | seen | https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3mhplts73kmm2
2026-03-23 08:17:02+00:00 | seen | ...

CVSS 10 | AI score 4.8 | EPSS 0.00679
Exploits 0 | References 12

Tenable Nessus
added 2026/01/16 12:00 a.m. | 3 views

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.101-3.b13.el7 (AXSA:2016-571:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-571:05 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-3458 RESERVED This candidate has been reserved by an organization ...

CVSS 9.6 | AI score 6.9 | EPSS 0.0669
Exploits 0 | References 9

Tenable Nessus
added 2026/01/16 12:00 a.m. | 2 views

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.101-3.b13.AXS4 (AXSA:2016-570:06)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-570:06 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-3458 RESERVED This candidate has been reserved by an organization ...

CVSS 9.6 | AI score 6.9 | EPSS 0.0669
Exploits 0 | References 9

RedhatCVE
added 2025/05/23 9:26 a.m. | 10 views

CVE-2024-3587

The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Portfolios Widget in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...

CVSS 6.4 | AI score 5.8 | EPSS 0.00377
Exploits 0 | References 1

RedhatCVE
added 2025/04/16 10:06 p.m. | 13 views

CVE-2025-3587

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...

CVSS 8.8 | AI score 7.2 | EPSS 0.00403
Exploits 1 | References 1

Circl
added 2025/04/14 8:54 p.m. | 13 views

CVE-2025-3587

creationtimestamp | type | source
---|---|---
2025-04-14 20:54:44+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/11706
2025-04-14 22:38:58+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lmsmvuczaj2q
2025-04-14 23:02:13+00:00 | seen | ...

CVSS 8.8 | AI score 6.5 | EPSS 0.00403
Exploits 1 | References 4

NVD
added 2025/04/14 8:15 p.m. | 20 views

CVE-2025-3587

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...

CVSS 8.8 | EPSS 0.00403
Exploits 1 | References 4

OSV
added 2025/04/14 8:15 p.m. | 3 views

CVE-2025-3587

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...

CVSS 8.8 | AI score 5.4 | EPSS 0.00403
Exploits 1 | References 4

CVE
added 2025/04/14 8:00 p.m. | 80 views

CVE-2025-3587

CVE-2025-3587 affects ZeroWdd/code-projects studentmanager version 1.0. The vulnerability involves improper authorization in the /getTeacherList file, allowing a remote attacker to exploit it. Public disclosures imply exploitable conditions. CVSS base impact ratings from sources include High conf...

CVSS 8.8 | AI score 7.4 | EPSS 0.00403
Exploits 1 | References 4 | Affected Software 1

Tenable Nessus
added 2025/03/04 12:00 a.m. | 13 views

Linux Distros Unpatched Vulnerability : CVE-2013-3587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which...

CVSS 5.9 | AI score 6.8 | EPSS 0.06049
Exploits 2 | References 2

OpenVAS
added 2024/10/11 12:00 a.m. | 23 views

openSUSE Security Advisory (SUSE-SU-2024:3587-1)

The remote host is missing an update for the ...

CVSS 7.8 | AI score 8.6 | EPSS 0.00992
Exploits 4 | References 179

Circl
added 2024/07/16 12:05 p.m. | 6 views

CVE-2024-3587

creationtimestamp | type | source
---|---|---
2024-07-16 12:05:23+00:00 | seen | https://t.me/cvedetector/922...

CVSS 6.4 | AI score 4.8 | EPSS 0.00377
Exploits 0 | References 1

Cvelist
added 2024/07/16 8:32 a.m. | 26 views

CVE-2024-3587 Premium Portfolio Features for Phlox theme <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ' Grid Portfolios'

The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Portfolios Widget in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...

CVSS 6.4 | EPSS 0.00377
Exploits 0 | References 3

Patchstack
added 2024/07/16 12:00 a.m. | 17 views

WordPress Phlox Portfolio Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Software: Phlox Portfolio
Type: Plugin
Vulnerable versions: <= 2.3.2
Fixed in: 2.3.3
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2024-3587
Patch priority: Low
CVSS severity: Low (6.5)
PSID: 2481f1e17cc6
Credits: wesley (wcraft)
Required...

CVSS 6.4 | AI score 5.8 | EPSS 0.00377
Exploits 0 | References 3 | Affected Software 1

Circl
added 2023/07/17 8:40 p.m. | 5 views

CVE-2023-3587

creationtimestamp | type | source
---|---|---
2023-07-17 20:40:22+00:00 | seen | https://t.me/cibsecurity/66840...

CVSS 2.7 | AI score 4.1 | EPSS 0.00431
Exploits 0 | References 1

CVE
added 2023/07/17 3:26 p.m. | 38 views

CVE-2023-3587

Mattermost vulnerability CVE-2023-3587 concerns a UI inconsistency where, after a system admin changes a board’s permissions, the UI fails to reflect the updated state. This can allow any user with a valid sharing link to join the board with editor access, even if the UI does not show the updated...

CVSS 2.7 | AI score 3.3 | EPSS 0.00431
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2023/07/17 3:26 p.m. | 15 views

CVE-2023-3587 Inconsistent state in UI after boards permission change by system admin

Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions...

CVSS 2.7 | AI score 6.5 | EPSS 0.00431
Exploits 0 | References 1

Cvelist
added 2023/07/17 3:26 p.m. | 18 views

CVE-2023-3587 Inconsistent state in UI after boards permission change by system admin

Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions...

CVSS 2.7 | AI score 3.8 | EPSS 0.00431
Exploits 0 | References 1

Tenable Nessus
added 2023/06/25 12:00 a.m. | 30 views

Rocky Linux 9 : thunderbird (RLSA-2023:3587)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3587 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...

CVSS 9.8 | AI score 7.7 | EPSS 0.0093
Exploits 0 | References 5

Tenable Nessus
added 2023/06/17 12:00 a.m. | 18 views

Oracle Linux 9 : thunderbird (ELSA-2023-3587)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3587 advisory. 102.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.12.0-1 - Update to 102.12.0 build1 Tenable h...

CVSS 9.8 | AI score 7.4 | EPSS 0.0093
Exploits 0 | References 3