Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.9 views

CVE-2024-41987

The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a...

8.6CVSS6.8AI score0.00245EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/10 5:18 a.m.2 views

EUVD-2025-41987

Malicious code in sari-bakwan4-sluey npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-41987

Malicious code in bioql PyPI...

7.5CVSS8.5AI score0.10323EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:18 a.m.6 views

CVE-2023-41987

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data...

5.5CVSS5.7AI score0.00196EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 p.m.5 views

CVE-2021-41987

In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10...

8.1CVSS8.1AI score0.16229EPSS
Exploits1
Circl
Circl
added 2024/10/03 8:48 p.m.7 views

CVE-2024-41987

creationtimestamp| type| source ---|---|--- 2024-10-03 20:48:05+00:00| seen| https://t.me/cvedetector/6921...

8.6CVSS4.8AI score0.00245EPSS
Exploits1References1
NVD
NVD
added 2024/10/03 6:15 p.m.13 views

CVE-2024-41987

The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a...

8.6CVSS0.00245EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.115 views

MikroTik RouterOS Out-of-bounds Write (CVE-2021-41987)

In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10. This plugin only works with Tenable.ot. Please...

8.1CVSS7.9AI score0.16229EPSS
Exploits1References3
Circl
Circl
added 2024/01/21 10:16 a.m.7 views

CVE-2023-41987

creationtimestamp| type| source ---|---|--- 2024-01-21 10:16:49+00:00| seen| https://t.me/ctinow/170792 2025-06-17 16:41:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18619...

5.5CVSS5.5AI score0.00196EPSS
Exploits0References2
NVD
NVD
added 2024/01/10 10:15 p.m.22 views

CVE-2023-41987

This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data...

5.5CVSS4.5AI score0.00196EPSS
Exploits0References2
CVE
CVE
added 2024/01/10 10:3 p.m.65 views

CVE-2023-41987

The CVE-2023-41987 entry concerns a macOS Sonoma 14 vulnerability where an app may access sensitive user data due to insufficient checks. The connected sources (NVD/Red Hat/PRION/CVL) confirm that Apple resolved the issue in macOS Sonoma 14 with a patch that improves checks, addressing a data-acc...

5.5CVSS5.2AI score0.00196EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/05/25 11:15 a.m.44 views

CVE-2022-41987

Cross-Site Request Forgery CSRF vulnerability in LearningTimes BadgeOS plugin = 3.7.1.6 versions...

8.8CVSS7.1AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2023/05/25 10:13 a.m.55 views

CVE-2022-41987

CVE-2022-41987: A Cross-Site Request Forgery (CSRF) vulnerability in the LearningTimes BadgeOS WordPress plugin is present in versions

8.8CVSS7.5AI score0.00246EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/05/25 10:13 a.m.37 views

CVE-2022-41987 WordPress BadgeOS Plugin <= 3.7.1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in LearningTimes BadgeOS plugin = 3.7.1.6 versions...

6.3CVSS9AI score0.00246EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/04/18 12:0 a.m.14 views

WordPress BadgeOS Plugin <= 3.7.1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software BadgeOS Type Plugin Vulnerable versions = 3.7.1.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-41987 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID ece317dfb61e Credits István Márton Required...

8.8CVSS7AI score0.00246EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2022/03/18 12:0 a.m.100 views

MikroTik RouterOS RCE Vulnerability (CVE-2021-41987)

MikroTik RouterOS is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.1CVSS8.5AI score0.16229EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/16 2:44 p.m.26 views

CVE-2021-41987

In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scepservername value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10...

8.7AI score0.16229EPSS
Exploits1References2
CVE
CVE
added 2022/03/16 2:44 p.m.253 views

CVE-2021-41987

The vulnerability CVE-2021-41987 affects MikroTik RouterOS SCEP Server in specific releases (RouterOS 6.46.8, 6.47.9, 6.47.10). A heap-based buffer overflow can be triggered by an attacker who knows the scep_server_name value, leading to remote code execution. Multiple sources (NVD entry and Red ...

8.1CVSS8.4AI score0.16229EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder