MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.AXS4 (AXSA:2013-99:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-99:01 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0424 Unspecified vulnerability in the Java Runtime Environment JRE...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.9-2.3.7.1.AXS4 (AXSA:2013-98:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2013-98:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0424 Unspecified vulnerability in the Java Runtime Environment JRE...

MiracleLinux 3 : qspice-0.3.0-54.AXS3.2 (AXSA:2010-422:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-422:03 advisory. The Simple Protocol for Independent Computing Environments SPICE is a remote display system built for virtual environments which allows you to view a...

CVE-2021-0428

In getSimSerialNumber of TelephonyManager.java, there is a possible way to read a trackable identifier due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

CVE-2022-0428

The Content Egg WordPress plugin before 5.3.0 does not sanitise and escape the page parameter before outputting back in an attribute in the Autoblogging admin dashboard, leading to a Reflected Cross-Site Scripting...

EUVD-2026-0428

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

Linux Distros Unpatched Vulnerability : CVE-2017-0428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the...

CVE-2020-0428

In CamX code, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges required. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-123999783...

CVE-2023-0428

creationtimestamp| type| source ---|---|--- 2025-03-12 20:42:36+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7374...

CVE-2025-0428

creationtimestamp| type| source ---|---|--- 2025-01-22 08:02:00+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2525 2025-01-22 08:16:12+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgcwho2lyi2n 2025-01-22 08:54:27+00:00| seen|...

dbs-arch (>=0.2.2 <=0.2.3), dbs-boot (>=0.3.0 <=0.4.0) +7 more potentially affected by unknown CVE via kvm-ioctls (>=0.10.0 <=0.18.0)

kvm-ioctls CARGO version =0.10.0, =0.2.2, =0.3.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.0.29, =0.2.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0428...

openSUSE: Security Advisory for the Linux Kernel (Live Patch 20 for SLE 15 SP4) (SUSE-SU-2024:0428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for ImageMagick (SUSE-SU-2023:0428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-0428

creationtimestamp| type| source ---|---|--- 2024-02-05 23:31:30+00:00| seen| https://t.me/ctinow/179601...

CVE-2024-0428

CVE-2024-0428 concerns the WordPress plugin Index Now. A CSRF vulnerability exists in all versions up to 2.6.3 caused by missing or improper nonce validation in the reset_form function, enabling unauthenticated attackers to delete arbitrary site options via a forged request if a site admin is tri...

WordPress Index Now Plugin <= 2.6.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Index Now Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.6.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0428 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1df75eded923 Credits Francesco Carlucci Require...

CVE-2023-0428 Watu Quiz < 3.3.8.2 - Reflected XSS

The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-0428

CVE-2023-0428 affects the WordPress plugin Watu Quiz prior to version 3.3.8.2. The issue is a reflected Cross-Site Scripting (XSS) caused by a parameter not being properly sanitised/escaped before being output on the page, enabling an attacker to exploit it against high-privilege users (e.g., adm...

SUSE CVE-2013-0428

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vecto...

WordPress Watu Quiz Plugin < 3.3.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Watu Quiz Type Plugin Vulnerable versions 3.3.8.2 Fixed in 3.3.8.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0428 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 65a196ce52fa Credits Felipe Restrepo Rodriguez...