96 matches found

RedhatCVE
added 2026/01/09 11:15 a.m. | 9 views

CVE-2021-0328

In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

CVSS 7.8 | AI score 7 | EPSS 0.00022
Exploits: 0 | References: 1

EUVD
added 2026/01/02 6:30 p.m. | 1 views

EUVD-2026-0328

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

AI score 5.5
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 3:59 p.m. | 2 views

CVE-2020-0328

In the camera, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-150156131...

CVSS 4.4 | AI score 6.1 | EPSS 0.00016
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 10:4 a.m. | 6 views

CVE-2019-0328

ABAP Tests Modules SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5 of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system...

CVSS 9 | AI score 7.2 | EPSS 0.00818
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 12:29 a.m. | 3 views

CVE-2010-0328

Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVSS 4.3 | AI score 6 | EPSS 0.00322
Exploits: 0 | References: 1

Circl
added 2025/01/09 4:35 a.m. | 4 views

CVE-2025-0328

creationtimestamp| type| source
---|---|---
2025-01-09 04:35:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113796535156197739
2025-01-09 05:14:47+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/889
2025-01-09 05:15:34+00:00| seen|...

CVSS 7.5 | AI score 7.3 | EPSS 0.01283
Exploits: 0 | References: 5

Vulnrichment
added 2025/01/09 4:31 a.m. | 11 views

CVE-2025-0328 KaiYuanTong ECT Platform HTTP POST Request runCode.php command injection

A vulnerability, which was classified as critical, has been found in KaiYuanTong ECT Platform up to 2.0.0. Affected by this issue is some unknown functionality of the file /public/server/runCode.php of the component HTTP POST Request Handler. The manipulation of the argument code leads to command...

CVSS 7.5 | AI score 7.5 | EPSS 0.01283
Exploits: 0 | References: 4

Cvelist
added 2025/01/09 4:31 a.m. | 15 views

CVE-2025-0328 KaiYuanTong ECT Platform HTTP POST Request runCode.php command injection

A vulnerability, which was classified as critical, has been found in KaiYuanTong ECT Platform up to 2.0.0. Affected by this issue is some unknown functionality of the file /public/server/runCode.php of the component HTTP POST Request Handler. The manipulation of the argument code leads to command...

CVSS 7.5 | EPSS 0.01283
Exploits: 0 | References: 4

OpenVAS
added 2024/10/11 12:0 a.m. | 19 views

Mageia: Security Advisory (MGASA-2024-0328)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 5.8 | EPSS 0.00667
Exploits: 2 | References: 4

Tenable Nessus
added 2024/06/13 12:0 a.m. | 24 views

Oracle Linux 9 : ruby (ELSA-2024-3838)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3838 advisory. - Fix double free in Regexp compilation. Resolves: CVE-2022-28738 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 9.8 | AI score 7.6 | EPSS 0.0883
Exploits: 1 | References: 7

OpenVAS
added 2024/03/04 12:0 a.m. | 17 views

openSUSE: Security Advisory for rubygem (SUSE-SU-2023:0328-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.7 | EPSS 0.01398
Exploits: 0 | References: 2

Tenable Nessus
added 2023/11/07 12:0 a.m. | 46 views

Rocky Linux 9 : go-toolset and golang (RLSA-2023:0328)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0328 advisory. - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of...

CVSS 7.5 | AI score 7 | EPSS 0.00031
Exploits: 1 | References: 8

OpenVAS
added 2023/03/09 12:0 a.m. | 9 views

WordPress WPCode - Insert Headers and Footers Plugin < 2.0.7 Improper Authorization Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpcode:wpcode"; ifdescription...

CVSS 4.3 | AI score 4.7 | EPSS 0.00159
Exploits: 2 | References: 1

Circl
added 2023/03/06 4:12 p.m. | 1 views

CVE-2023-0328

creationtimestamp| type| source
---|---|---
2023-03-06 16:12:44+00:00| seen| https://t.me/cibsecurity/59471
2025-03-06 16:07:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6688...

CVSS 4.3 | AI score 6.1 | EPSS 0.00159
Exploits: 2 | References: 2

Vulnrichment
added 2023/03/06 1:33 p.m. | 3 views

CVE-2023-0328 WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion

The WPCode WordPress plugin before 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication such as update and delete...

AI score 7.2 | EPSS 0.00159
Exploits: 2 | References: 1

Cvelist
added 2023/03/06 1:33 p.m. | 11 views

CVE-2023-0328 WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion

The WPCode WordPress plugin before 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication such as update and delete...

AI score 5 | EPSS 0.00159
Exploits: 2 | References: 1

CVE
added 2023/03/06 1:33 p.m. | 53 views

CVE-2023-0328

The CVE-2023-0328 entry concerns the WPCode WordPress plugin before version 2.0.7, where insufficient privilege checks exist for several AJAX actions that only validate a nonce. This can allow any authenticated user with post-editing rights to invoke WPCode Library authentication endpoints, poten...

CVSS 4.3 | AI score 4.6 | EPSS 0.00159
Exploits: 2 | References: 1 | Affected Software: 1

Patchstack
added 2023/03/03 12:0 a.m. | 6 views

WordPress WPCode Plugin < 2.0.7 is vulnerable to Broken Access Control

Software: WPCode; Type: Plugin; Vulnerable versions: 2.0.7; Fixed in: 2.0.7; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-0328; Patch priority: Low; CVSS severity: Low 4.3; Developer: Claim ownership; PSID: ec0db54dded4; Credits: Sanjay Das; Required privilege: Contributor...

CVSS 4.3 | AI score 6.9 | EPSS 0.00159
Exploits: 2 | References: 4 | Affected Software: 1

SUSE CVE
added 2023/02/15 5:23 a.m. | 3 views

SUSE CVE-2015-0328

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than...

CVSS 10 | AI score 7.6 | EPSS 0.06586
Exploits: 0 | References: 7

Tenable Nessus
added 2023/01/24 12:0 a.m. | 49 views

Oracle Linux 9 : go-toolset / and / golang (ELSA-2023-0328)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0328 advisory. golang 1.18.9-1 - Rebase to Go 1.18.9 - Enable big endian support for fips mode - Fix ppc64le linker issue - Resolves: rhbz2144547 - Resolves:...

CVSS 7.5 | AI score 7.2 | EPSS 0.00031
Exploits: 1 | References: 4