Lucene search
+L

56 matches found

Cvelist
Cvelist
added 2022/12/19 1:41 p.m.35 views

CVE-2022-3987 Responsive Lightbox2 < 1.0.4 - Contributor+ Stored XSS

The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.6AI score0.00471EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2022/11/16 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:3987-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/10/28 12:0 a.m.50 views

RHEL 7 : kernel (RHSA-2021:3987)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3987 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in...

8.8CVSS6.8AI score0.01476EPSS
Exploits3References14
Check Point Advisories
Check Point Advisories
added 2021/09/29 12:0 a.m.28 views

Trend Micro Password Manager Command Injection (CVE-2016-3987)

A command injection vulnerability exists in Trend Micro Password Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS9.7AI score0.22304EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2018:3987-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.06169EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2020/09/24 12:0 a.m.45 views

VMware Horizon View Client < 5.4.4 Multiple Vulnerabilities (VMSA-2020-0020)

The version of VMware Horizon Client for Windows installed on the remote host is less than 5.4.4. It is, therefore, affected by the following vulnerabilities: - Multiple out-of-bounds read vulnerabilities in Cortado ThinPrint components JPEG2000 parser, EMR STRETCHDIBITS parser, and EMF Parser. A...

6.5CVSS6AI score0.00324EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/09/24 12:0 a.m.30 views

VMware Workstation 15.x < 15.5.7 Multiple Vulnerabilities (VMSA-2020-0020)

The version of VMware Workstation installed on the remote host is 15.x. It is, therefore, affected by the following vulnerabilities: - Multiple out-of-bounds read vulnerabilities in Cortado ThinPrint components JPEG2000 parser, EMR STRETCHDIBITS parser, and EMF Parser. A malicious actor with norm...

6.5CVSS6AI score0.00324EPSS
Exploits0References6
CVE
CVE
added 2020/09/16 4:14 p.m.77 views

CVE-2020-3987

CVE-2020-3987 is an out-of-bounds read vulnerability in the Cortado ThinPrint EMR STRETCHDIBITS parser affecting VMware Workstation 15.x and Horizon Client for Windows older than 5.4.4. A malicious actor with normal access to a guest VM may trigger a partial DoS or leak memory from the TPView pro...

6.1CVSS5.9AI score0.00301EPSS
Exploits0References1Affected Software3
Kaspersky
Kaspersky
added 2020/09/14 12:0 a.m.46 views

KLA12099 Multiple vulnerabilities in VMware Workstation and Player

Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. A out of bounds read vulnerability in Cortado ThinPrin...

6.7CVSS6.8AI score0.00324EPSS
Exploits0References4
CVE
CVE
added 2020/02/12 11:36 p.m.102 views

CVE-2018-3987

Rakuten Viber for Android 9.3.0.6 exposes an information-disclosure in the app’s Secret Chats: photos taken and shared within secret chats are not fully removed when a chat is deleted, leaving copies on the device filesystem that are accessible to other installed apps. The vulnerability stems fro...

5.5CVSS5.1AI score0.00376EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/12/11 11:15 p.m.13 views

CVE-2019-3987

Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary commands on the device due to improperly sanitized input when configuring the devices wifi configuration via the key parameter...

8.8CVSS9.1AI score0.01664EPSS
Exploits1References1
CVE
CVE
added 2019/12/11 10:39 p.m.84 views

CVE-2019-3987

Blink XT2 Sync Module firmware prior to 2.13.11 is affected by an OS command injection vulnerability caused by improper sanitization when configuring Wi‑Fi via the key parameter. If exploited, this can allow remote attackers to execute arbitrary commands on the device. Public sources indicate mit...

8.8CVSS9AI score0.01664EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2018/03/16 2:4 p.m.23 views

CVE-2017-3987

CVE-2017-3987 is rejected/not used and does not represent an active vulnerability entry.

7.3AI score
Exploits0
Cvelist
Cvelist
added 2018/03/16 2:4 p.m.10 views

CVE-2017-3987

...

Exploits0
OpenVAS
OpenVAS
added 2017/09/28 12:0 a.m.23 views

Debian: Security Advisory (DSA-3987-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.03641EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2016/04/14 12:0 a.m.12 views

Syslog Detection (TCP)

Binary data 3987.prm...

7.3AI score
Exploits0
NVD
NVD
added 2016/04/12 2:0 a.m.18 views

CVE-2016-3987

The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to 1 api/openUrlInDefaultBrowser or 2 api/showSB...

10CVSS9.8AI score0.22304EPSS
Exploits1References5
CVE
CVE
added 2016/04/08 4:0 p.m.56 views

CVE-2016-3987

CVE-2016-3987 concerns the HTTP server in Trend Micro Password Manager, where the URL parameter to api/openUrlInDefaultBrowser or api/showSB can lead to remote command execution. The vulnerability implies a command-injection flaw in the server’s handling of specific URL queries, enabling an attac...

10CVSS9.7AI score0.22304EPSS
Exploits1References5Affected Software1
Circl
Circl
added 2016/01/11 12:0 a.m.39 views

CVE-2016-3987

creationtimestamp| type| source ---|---|--- 2016-01-11 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39218...

10CVSS6.9AI score0.22304EPSS
Exploits1References1
Cvelist
Cvelist
added 2015/05/14 2:0 p.m.22 views

CVE-2015-3987

Multiple unquoted Windows search path vulnerabilities in the 1 Client Management and 2 Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors...

9.3AI score0.00472EPSS
Exploits0References3
Rows per page
Query Builder