14 matches found
EUVD-2022-35628
Malicious code in bioql PyPI...
Oracle Linux 7 : aide (ELSA-2025-15728)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-15728 advisory. 0.15.1-13.0.3 - aide security update CVE-2025-54389 Orabug: 38427919 Tenable has extracted the preceding description block directly from the Oracle Linux...
CVE-2019-15728
An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an attacker to request any local network resource accessible from the GitLab server...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by default. The issue...
CVE-2022-40718
CVE-2022-40718 concerns D-Link DIR-2150 (firmware 4.0.1). The flaw is a stack-based buffer overflow in the anweb service (listening on TCP ports 80/443) caused by improper validation of user-supplied data length, allowing network-adjacent attackers to execute code with root privileges. Multiple s...
CVE-2022-40718
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by default. The issue...
CVE-2020-15728
...
CVE-2020-15728
CVE-2020-15728 is rejected/not used per the Initial Description.
CVE-2019-15728
An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an attacker to request any local network resource accessible from the GitLab server...
CVE-2019-15728
CVE-2019-15728 affects GitLab Community and Enterprise Edition 10.1–12.2.1. The root issue is insufficient SSRF protections in the Kubernetes integration, enabling an attacker to request local network resources reachable from the GitLab server. Impact and exploitation details are as described; re...
CVE-2018-15728
CVE-2018-15728 affects Couchbase Server where the REST/diag/eval endpoint (on TCP 8091 and/or 18091) could be accessed by authenticated Full Admin users to submit arbitrary Erlang code, which would execute on the underlying OS with the attacker's privileges. Affected versions include 4.0.0, 4.1.2...
CVE-2018-15728
Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or TCP/18091. Authenticated users that have 'Full Admin' role assigned could send arbitrary Erlang code to the 'diag/eval' endpoint of the API and the code would subsequently be executed in the...
CVE-2017-15728
CVE-2017-15728 affects phpMyFAQ prior to 2.9.9, exposing a Stored Cross-site Scripting (XSS) vulnerability through metaDescription or metaKeywords fields. Public sources (NVD entry and Red Hat advisory) describe the flaw as an XSS issue in phpMyFAQ versions before 2.9.9. The OpenVAS entry and CNV...
CVE-2010-4507
creationtimestamp| type| source ---|---|--- 2010-12-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15728 2026-06-28 15:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpecinjyu72y...