96 matches found

Circl
added 2026/03/20 6:50 p.m., views: 1

CVE-2026-4487

creationtimestamp | type | source
---|---|---
2026-03-20 18:50:25+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhj6oa3qtt2u
2026-03-20 21:00:46+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mhjfxcngsv2u
2026-03-20 21:01:22+00:00 | seen | ...

CVSS 9, AI score 8.1, EPSS 0.00062
Exploits: 0, References: 3
ATTACKERKB
added 2026/03/20 2:32 p.m., views: 1

CVE-2026-4487

A vulnerability was determined in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/websHostFilter. This manipulation causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized...

CVSS 9, AI score 6.1, EPSS 0.00062
Exploits: 0, References: 4, Affected Software: 1
OpenVAS
added 2026/02/23 12:0 a.m., views: 3

Debian: Security Advisory (DLA-4487-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 5.4
Exploits: 0, References: 2
OSV
added 2026/02/21 12:0 a.m., views: 1

DLA-4487-1 gegl - security update

Bulletin has no description...

AI score 5.1
Exploits: 0
ATTACKERKB
added 2026/02/20 6:38 a.m., views: 2

CVE-2017-4487

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...

AI score 5.5
Exploits: 0, References: 1
EUVD
added 2026/01/23 3:19 a.m., views: 4

EUVD-2026-4487

Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a...

CVSS 7.8, AI score 6.3, EPSS 0.00053
Exploits: 0, References: 3
Positive Technologies
added 2026/01/01 12:0 a.m., views: 0

PT-2026-21390

Name of the Vulnerable Software and Affected Versions: GIMP (affected versions not specified). Description: GIMP installations are susceptible to remote code execution due to a heap-based buffer overflow present in the HDR file parsing functionality. Exploitation requires user interaction with malicio...

AI score 8
Exploits: 0, References: 19
Positive Technologies
added 2026/01/01 12:0 a.m., views: 2

PT-2026-21391

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability...

AI score 7.2
Exploits: 0, References: 17
Tenable Nessus
added 2025/07/30 12:0 a.m., views: 2

RockyLinux 9 : ruby (RLSA-2025:4487)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:4487 advisory. CGI: ReDoS in CGI::Util#escapeElement (CVE-2025-27220). CGI: Denial of Service in CGI::Cookie.parse (CVE-2025-27219). Tenable has extracted the preceding...

CVSS 7.5, AI score 7.3, EPSS 0.00315
Exploits: 0, References: 5
RedhatCVE
added 2025/05/22 9:49 a.m., views: 6

CVE-2011-4487

SQL injection vulnerability in Cisco Unified Communications Manager CUCM with software 6.x and 7.x before 7.15bsu5, 8.0 before 8.03asu3, and 8.5 and 8.6 before 8.62asu1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.62asu1 allows remote attacke...

CVSS 6.8, AI score 8.6, EPSS 0.00342
Exploits: 0, References: 1
Circl
added 2025/05/09 8:26 p.m., views: 12

CVE-2025-4487

creationtimestamp | type | source
---|---|---
2025-05-09 20:26:24+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/15847
2025-05-09 22:06:56+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lorbeynhoxd2
2025-05-09...

CVSS 9.8, AI score 7.1, EPSS 0.00204
Exploits: 1, References: 4
CVE
added 2025/05/09 8:0 p.m., views: 46

CVE-2025-4487

CVE-2025-4487 affects itsourcecode Gym Management System 1.0. The vulnerability is an SQL injection in the unknown function handling the endpoint /ajax.php?action=delete_member, triggered by manipulating the ID parameter. It is described as exploitable remotely, with public disclosure of exploits...

CVSS 9.8, AI score 7.4, EPSS 0.00204
Exploits: 1, References: 5, Affected Software: 1
Vulnrichment
added 2025/05/09 8:0 p.m., views: 8

CVE-2025-4487 itsourcecode Gym Management System ajax.php sql injection

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_member. The manipulation of the argument ID leads to SQL injection. It is possible to launch the attack remotely. The exploit...

CVSS 7.5, AI score 7.5, EPSS 0.00204
Exploits: 1, References: 5
Cvelist
added 2025/05/09 8:0 p.m., views: 15

CVE-2025-4487 itsourcecode Gym Management System ajax.php sql injection

A vulnerability was found in itsourcecode Gym Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /ajax.php?action=delete_member. The manipulation of the argument ID leads to SQL injection. It is possible to launch the attack remotely. The exploit...

CVSS 7.5, EPSS 0.00204
Exploits: 1, References: 5
Tenable Nessus
added 2025/03/04 12:0 a.m., views: 3

Linux Distros Unpatched Vulnerability : CVE-2016-4487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service segmentation fault and crash via a crafted binary, related to...

CVSS 5.5, AI score 6.8, EPSS 0.0012
Exploits: 0, References: 3
Circl
added 2025/01/28 3:16 a.m., views: 1

CVE-2024-4487

creationtimestamp | type | source
---|---|---
2025-01-28 03:16:38+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/3204...

CVSS 6.4, AI score 4.8, EPSS 0.00148
Exploits: 0, References: 1
Patchstack
added 2024/05/13 12:0 a.m., views: 9

WordPress Blocksy Companion Plugin <= 2.0.45 is vulnerable to Cross Site Scripting (XSS)

Software: Blocksy Companion; Type: Plugin; Vulnerable versions: <= 2.0.45; Fixed in: 2.0.46; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4487; Patch priority: Low; CVSS severity: Low (6.5); Developer: Creative Themes; PSID: 47cc317dca12; Credits: wesley wcraft; Requir...

CVSS 6.4, AI score 5.8, EPSS 0.00148
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2024/05/11 7:40 a.m., views: 14

CVE-2024-4487 Blocksy Companion <= 2.0.45 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG Uploads

The Blocksy Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG uploads in versions up to, and including, 2.0.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and...

CVSS 6.4, AI score 6, EPSS 0.00148
Exploits: 0, References: 3
Tenable Nessus
added 2024/05/11 12:0 a.m., views: 29

RHEL 6 : gcc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gcc: Exploitable buffer overflow CVE-2016-2226 - Use-after-free vulnerability in libiberty allows remote...

AI score 6.5, EPSS 0.09327
Exploits: 3, References: 10
Circl
added 2023/09/06 2:17 a.m., views: 2

CVE-2023-4487

creationtimestamp | type | source
---|---|---
2023-09-06 02:17:38+00:00 | seen | https://t.me/cibsecurity/69925...

CVSS 7.8, AI score 7.5, EPSS 0.00037
Exploits: 0, References: 1