179 matches found
CVE-2026-3587
creationtimestamp| type| source ---|---|--- 2026-03-23 08:02:01+00:00| seen| https://infosec.exchange/users/certvde/statuses/116277439434054031 2026-03-23 08:02:11+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3mhplts73kmm2 2026-03-23 08:17:02+00:00| seen|...
MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.101-3.b13.el7 (AXSA:2016-571:05)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-571:05 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-3458 RESERVED This candidate has been reserved by an organization ...
MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.101-3.b13.AXS4 (AXSA:2016-570:06)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-570:06 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2016-3458 RESERVED This candidate has been reserved by an organization ...
CVE-2024-3587
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Portfolios Widget in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2025-3587
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-3587
creationtimestamp| type| source ---|---|--- 2025-04-14 20:54:44+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11706 2025-04-14 22:38:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmsmvuczaj2q 2025-04-14 23:02:13+00:00| seen|...
CVE-2025-3587
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-3587
A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects unknown code of the file /getTeacherList. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2025-3587
CVE-2025-3587 affects ZeroWdd/code-projects studentmanager version 1.0. The vulnerability involves improper authorization in the /getTeacherList file, allowing a remote attacker to exploit it. Public disclosures imply exploitable conditions. CVSS base impact ratings from sources include High conf...
Linux Distros Unpatched Vulnerability : CVE-2013-3587
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which...
openSUSE Security Advisory (SUSE-SU-2024:3587-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-3587
creationtimestamp| type| source ---|---|--- 2024-07-16 12:05:23+00:00| seen| https://t.me/cvedetector/922...
CVE-2024-3587 Premium Portfolio Features for Phlox theme <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ' Grid Portfolios'
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Grid Portfolios Widget in all versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
WordPress Phlox Portfolio Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Phlox Portfolio Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3587 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2481f1e17cc6 Credits wesley wcraft Required...
CVE-2023-3587
creationtimestamp| type| source ---|---|--- 2023-07-17 20:40:22+00:00| seen| https://t.me/cibsecurity/66840...
CVE-2023-3587
Mattermost vulnerability CVE-2023-3587 concerns a UI inconsistency where, after a system admin changes a board’s permissions, the UI fails to reflect the updated state. This can allow any user with a valid sharing link to join the board with editor access, even if the UI does not show the updated...
CVE-2023-3587 Inconsistent state in UI after boards permission change by system admin
Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions...
CVE-2023-3587 Inconsistent state in UI after boards permission change by system admin
Mattermost fails to properly show information in the UI, allowing a system admin to modify a board state allowing any user with a valid sharing link to join the board with editor access, without the UI showing the updated permissions...
Rocky Linux 9 : thunderbird (RLSA-2023:3587)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3587 advisory. - The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from...
Oracle Linux 9 : thunderbird (ELSA-2023-3587)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3587 advisory. 102.12.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.12.0-1 - Update to 102.12.0 build1 Tenable h...