Lucene search
K

20 matches found

EUVD
EUVD
added 2025/11/10 4:5 a.m.1 views

EUVD-2025-39887

Malicious code in dono-getas90-ruro npm...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-39887

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/23 5:10 p.m.6 views

CVE-2025-39887

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

5.5CVSS5.6AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.3 views

CVE-2025-39887

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/23 6:0 a.m.7 views

CVE-2025-39887 tracing/osnoise: Fix null-ptr-deref in bitmap_parselist()

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

0.00119EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-39887 Malicious code in xnatetris (npm)

The package xnatetris was found to contain malicious code...

7.2AI score
Exploits0
Circl
Circl
added 2024/07/16 12:55 p.m.4 views

CVE-2024-39887

creationtimestamp| type| source ---|---|--- 2024-07-16 12:55:40+00:00| seen| https://t.me/cvedetector/926 2024-12-09 16:22:14+00:00| seen| https://t.me/cvedetector/12393 2024-12-11 15:19:16+00:00| confirmed|...

9.8CVSS4.8AI score0.04433EPSS
Exploits2References3
OSV
OSV
added 2024/07/16 10:15 a.m.10 views

CVE-2024-39887

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...

9.8CVSS7.3AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/16 9:20 a.m.18 views

CVE-2024-39887 Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...

4.3CVSS7.3AI score0.04433EPSS
Exploits2References2
Cvelist
Cvelist
added 2024/07/16 9:20 a.m.44 views

CVE-2024-39887 Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions

An SQL Injection vulnerability in Apache Superset exists due to improper neutralization of special elements used in SQL commands. Specifically, certain engine-specific functions are not checked, which allows attackers to bypass Apache Superset's SQL authorization. To mitigate this, a new...

4.3CVSS0.04433EPSS
Exploits2References2
CVE
CVE
added 2024/07/16 9:20 a.m.90 views

CVE-2024-39887

CVE-2024-39887 describes an SQL Injection in Apache Superset due to improper neutralization of engine-specific SQL functions. The vulnerability affects “Apache Superset” and allows bypassing SQL authorization via certain PostgreSQL functions, mitigated by a config key DISALLOWED_SQL_FUNCTIONS. Th...

9.8CVSS7.3AI score0.04433EPSS
Exploits2References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/02 12:0 a.m.21 views

GitLab 8.4 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39887)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to execute arbitrary JavaScript code on the victim's behalf...

7.3CVSS7AI score0.00837EPSS
Exploits0References4
Circl
Circl
added 2022/11/10 12:49 a.m.5 views

CVE-2022-39887

creationtimestamp| type| source ---|---|--- 2022-11-10 00:49:29+00:00| seen| https://t.me/cibsecurity/52781 2025-05-01 20:16:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14402...

4.3CVSS4.2AI score0.00082EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/09 12:0 a.m.5 views

CVE-2022-39887

Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting...

4.3CVSS6.6AI score0.00082EPSS
Exploits0References1
CVE
CVE
added 2022/11/09 12:0 a.m.64 views

CVE-2022-39887

CVE-2022-39887 refers to an improper access‑control vulnerability in the Samsung MiscPolicy function clearAllGlobalProxy (before SMR Nov-2022 Release 1) that allows a local attacker to configure EDM settings. The NVD entry shows a low to medium overall risk depending on vector/impact metrics, wit...

4.3CVSS4AI score0.00082EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2021/10/05 4:30 p.m.5 views

CVE-2021-39887

creationtimestamp| type| source ---|---|--- 2021-10-05 16:30:33+00:00| seen| https://t.me/cibsecurity/29963...

7.3CVSS6.1AI score0.00837EPSS
Exploits0References1
OSV
OSV
added 2021/10/05 12:15 p.m.20 views

CVE-2021-39887

A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to execute arbitrary JavaScript code on the victim's behalf...

5.4CVSS6.1AI score0.00837EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2021/10/05 12:15 p.m.20 views

CVE-2021-39887

A stored Cross-Site Scripting vulnerability in the GitLab Flavored Markdown in GitLab CE/EE version 8.4 and above allowed an attacker to execute arbitrary JavaScript code on the victim's behalf...

7.3CVSS6.8AI score0.00837EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2021/10/05 11:12 a.m.20 views

CVE-2021-39887

Removed by vendor...

7.3CVSS6.6AI score0.00837EPSS
Exploits0
CVE
CVE
added 2021/10/05 11:12 a.m.70 views

CVE-2021-39887

CVE-2021-39887 affects GitLab CE/EE using GitLab Flavored Markdown. The vulnerability is a stored Cross-Site Scripting flaw in the Markdown renderer for version 8.4 and above, enabling an attacker to execute arbitrary JavaScript in a victim’s browser. The public documents consistently describe th...

7.3CVSS5.4AI score0.00837EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder