MAL-2026-1628 Malicious code in @legacy-ui/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cc68fa0af265da13a26ccfc943668c887b5aa3f4a73ddc7af9ab2d8498d7a0d The package @legacy-ui/core was found to contain malicious code...

Oracle Linux 10 : php (ELSA-2026-1628)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1628 advisory. 8.3.29-1 - rebase to 8.3.29 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

CVE-2023-1628

A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploi...

CVE-2021-1628

MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...

CVE-2009-1628

Stack-based buffer overflow in mnet.exe in Unisys Business Information Server BIS 10 and 10.1 on Windows allows remote attackers to execute arbitrary code via a crafted TCP packet...

CVE-2025-1628

creationtimestamp| type| source ---|---|--- 2025-03-20 02:54:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkrp27y5vf26...

CVE-2024-1628

OS command injection vulnerabilities in GE HealthCare ultrasound devices...

CVE-2024-1628

creationtimestamp| type| source ---|---|--- 2024-05-17 17:05:05+00:00| published-proof-of-concept| https://t.me/truesecator/5749...

CVE-2024-1628

OS command injection vulnerabilities in GE HealthCare ultrasound devices...

CVE-2024-1628 OS command injection vulnerabilities in GE HealthCare ultrasound devices

OS command injection vulnerabilities in GE HealthCare ultrasound devices...

CVE-2024-1628 OS command injection vulnerabilities in GE HealthCare ultrasound devices

OS command injection vulnerabilities in GE HealthCare ultrasound devices...

CVE-2024-1628

Technical details about CVE-2024-1628 are not publicly available in the provided connected documents. Monitor for updates from GE HealthCare advisories and security bulletins for affected products, versions, impact, and fixes.

Siemens Industrial Products Uncontrolled Resource Consumption (CVE-2019-11478)

Multiple industrial products are affected by a vulnerability in the kernel known as TCP SACK PANIC. A remote attacker could cause a denial of service condition by sending specially crafted TCP Selective Acknowledgment SACK sequences to affected products. This plugin only works with Tenable.ot...

SUSE: Security Advisory (SUSE-SU-2023:1628-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1628

creationtimestamp| type| source ---|---|--- 2023-03-25 15:38:13+00:00| seen| https://t.me/cibsecurity/60743...

CVE-2023-1628

A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploi...

CVE-2023-1628 Jianming Antivirus IoControlCode kvcore.sys null pointer dereference

A vulnerability classified as problematic has been found in Jianming Antivirus 16.2.2022.418. Affected is an unknown function in the library kvcore.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploi...

CVE-2023-1628

Jianming Antivirus 16.2.2022.418 is affected by a vulnerability in the kvcore.sys IoControlCode Handler where manipulation of an unknown function leads to a null pointer dereference. The attack is local in nature, and public exploits have been disclosed. Remediation status is not consistently doc...

Security Bulletin: Incorrect authorization for stop and resume Event Manager REST API in IBM Business Process Manager (CVE-2017-1628)

Summary Due to incorrect authorization for stop and resume Event Manager REST API, users without required permission can stop and resume the Event Manager in IBM Business Process Manager. Vulnerability Details CVEID: CVE-2017-1628 DESCRIPTION: IBM Business Process Manager allows authenticated use...

CVE-2022-1628 Simple SEO <= 1.7.91 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Simple SEO plugin for WordPress is vulnerable to attribute-based stored Cross-Site Scripting in versions up to, and including 1.7.91, due to insufficient sanitization or escaping on the SEO social and standard title parameters. This can be exploited by authenticated users with Contributor and...