56 matches found
CVE-2022-3987 Responsive Lightbox2 < 1.0.4 - Contributor+ Stored XSS
The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...
SUSE: Security Advisory (SUSE-SU-2022:3987-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : kernel (RHSA-2021:3987)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3987 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in...
Trend Micro Password Manager Command Injection (CVE-2016-3987)
A command injection vulnerability exists in Trend Micro Password Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
SUSE: Security Advisory (SUSE-SU-2018:3987-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMware Horizon View Client < 5.4.4 Multiple Vulnerabilities (VMSA-2020-0020)
The version of VMware Horizon Client for Windows installed on the remote host is less than 5.4.4. It is, therefore, affected by the following vulnerabilities: - Multiple out-of-bounds read vulnerabilities in Cortado ThinPrint components JPEG2000 parser, EMR STRETCHDIBITS parser, and EMF Parser. A...
VMware Workstation 15.x < 15.5.7 Multiple Vulnerabilities (VMSA-2020-0020)
The version of VMware Workstation installed on the remote host is 15.x. It is, therefore, affected by the following vulnerabilities: - Multiple out-of-bounds read vulnerabilities in Cortado ThinPrint components JPEG2000 parser, EMR STRETCHDIBITS parser, and EMF Parser. A malicious actor with norm...
CVE-2020-3987
CVE-2020-3987 is an out-of-bounds read vulnerability in the Cortado ThinPrint EMR STRETCHDIBITS parser affecting VMware Workstation 15.x and Horizon Client for Windows older than 5.4.4. A malicious actor with normal access to a guest VM may trigger a partial DoS or leak memory from the TPView pro...
KLA12099 Multiple vulnerabilities in VMware Workstation and Player
Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A out of bounds read vulnerability in Cortado ThinPrin...
CVE-2018-3987
Rakuten Viber for Android 9.3.0.6 exposes an information-disclosure in the app’s Secret Chats: photos taken and shared within secret chats are not fully removed when a chat is deleted, leaving copies on the device filesystem that are accessible to other installed apps. The vulnerability stems fro...
CVE-2019-3987
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter...
CVE-2019-3987
Blink XT2 Sync Module firmware prior to 2.13.11 is affected by an OS command injection vulnerability caused by improper sanitization when configuring Wi‑Fi via the key parameter. If exploited, this can allow remote attackers to execute arbitrary commands on the device. Public sources indicate mit...
CVE-2017-3987
CVE-2017-3987 is rejected/not used and does not represent an active vulnerability entry.
CVE-2017-3987
...
Debian: Security Advisory (DSA-3987-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Syslog Detection (TCP)
Binary data 3987.prm...
CVE-2016-3987
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to 1 api/openUrlInDefaultBrowser or 2 api/showSB...
CVE-2016-3987
CVE-2016-3987 concerns the HTTP server in Trend Micro Password Manager, where the URL parameter to api/openUrlInDefaultBrowser or api/showSB can lead to remote command execution. The vulnerability implies a command-injection flaw in the server’s handling of specific URL queries, enabling an attac...
CVE-2016-3987
creationtimestamp| type| source ---|---|--- 2016-01-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39218...
CVE-2015-3987
Multiple unquoted Windows search path vulnerabilities in the 1 Client Management and 2 Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors...