
23 matches found

Tenable Nessus
added 2026/06/24 12:0 a.m., 9 views

AlmaLinux 8 : postgresql:16 (ALSA-2026:28143)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28143 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478); postgresql: integer overflow can cause an...

CVSS 8.8 | AI score 6 | EPSS 0.00668
Exploits: 0 | References: 4

Tenable Nessus
added 2026/06/23 12:0 a.m., 7 views

RockyLinux 8 : postgresql:16 (RLSA-2026:28143)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:28143 advisory. postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478); postgresql: integer overflow can cause an...

CVSS 8.8 | AI score 5.9 | EPSS 0.00668
Exploits: 0 | References: 5

RedhatCVE
added 2025/05/23 1:4 a.m., 8 views

CVE-2022-28143

A cross-site request forgery (CSRF) vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password (perform a connection test), disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

CVSS 7.5 | AI score 6.5 | EPSS 0.00642
Exploits: 0 | References: 1

RedhatCVE
added 2025/04/17 3:9 a.m., 33 views

CVE-2025-28143

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V31.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup...

CVSS 6.5 | AI score 8 | EPSS 0.07748
Exploits: 1 | References: 1

Circl
added 2025/04/15 7:57 p.m., 6 views

CVE-2025-28143

creationtimestamp | type | source
---|---|---
2025-04-15 19:57:18+00:00 | seen | https://t.me/cvedetector/22976...

CVSS 6.5 | AI score 4.8 | EPSS 0.07748
Exploits: 1 | References: 1

NVD
added 2025/04/15 3:16 p.m., 11 views

CVE-2025-28143

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V31.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup...

CVSS 6.5 | EPSS 0.07748
Exploits: 1 | References: 2

Cvelist
added 2025/04/15 12:0 a.m., 9 views

CVE-2025-28143

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V31.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup...

EPSS 0.07748
Exploits: 1 | References: 2

Vulnrichment
added 2025/04/15 12:0 a.m., 7 views

CVE-2025-28143

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V31.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup...

AI score 8.2 | EPSS 0.07748
Exploits: 1 | References: 2

CVE
added 2025/04/15 12:0 a.m., 65 views

CVE-2025-28143

CVE-2025-28143 affects Edimax BR-6478AC (BR-6478AC, V3_1.0.15) with a command injection via the groupname parameter on the /boafrm/formDiskCreateGroup API. Root cause: insufficient input filtering of groupname leading to arbitrary command execution. Documented impact: arbitrary command execution;...

CVSS 6.5 | AI score 7.8 | EPSS 0.07748
Exploits: 1 | References: 2 | Affected Software: 1

Circl
added 2024/12/12 1:55 p.m., 14 views

CVE-2024-28143

creationtimestamp | type | source
---|---|---
2024-12-12 13:55:44+00:00 | seen | https://infosec.exchange/users/cve/statuses/113640193636487541
2024-12-12 16:20:46+00:00 | seen | https://t.me/cvedetector/12789...

CVSS 8.4 | AI score 4.8 | EPSS 0.00262
Exploits: 0 | References: 2

Cvelist
added 2024/12/12 1:52 p.m., 23 views

CVE-2024-28143 Insecure Password Change Function

The password change function at /cgi/admin.cgi does not require the current/old password, which makes the application vulnerable to account takeover. An attacker can use this to forcefully set a new password within the -rsetpass+-aaction+- parameter for a user without knowing the old password, e....

EPSS 0.00262
Exploits: 0 | References: 2

Circl
added 2023/04/18 8:29 p.m., 5 views

CVE-2023-28143

creationtimestamp | type | source
---|---|---
2023-04-18 20:29:21+00:00 | seen | https://t.me/cibsecurity/62368...

CVSS 7 | AI score 7 | EPSS 0.00174
Exploits: 0 | References: 1

NVD
added 2023/04/18 4:15 p.m., 14 views

CVE-2023-28143

Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT command execution...

CVSS 7 | AI score 6.8 | EPSS 0.00174
Exploits: 0 | References: 1

Vulnrichment
added 2023/04/18 3:54 p.m., 5 views

CVE-2023-28143 Local Privilege Escalation

Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT command execution...

CVSS 6.7 | AI score 7.1 | EPSS 0.00174
Exploits: 0 | References: 1

Cvelist
added 2023/04/18 3:54 p.m., 18 views

CVE-2023-28143 Local Privilege Escalation

Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT command execution...

CVSS 6.7 | AI score 7.4 | EPSS 0.00174
Exploits: 0 | References: 1

CVE
added 2023/04/18 3:54 p.m., 52 views

CVE-2023-28143

CVE-2023-28143 affects Qualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7). The installer allows a local escalation of privilege bounded to the installation window on macOS 10.15 and older. Attackers may exploit incorrect file permissions during PKG extraction/cromotion (copying files to ...

CVSS 7 | AI score 6.8 | EPSS 0.00174
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2022/03/29 1:15 p.m., 21 views

CVE-2022-28143

A cross-site request forgery (CSRF) vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password (perform a connection test), disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

CVSS 6.5 | AI score 7.6
Exploits: 0 | References: 2

Cvelist
added 2022/03/29 12:30 p.m., 25 views

CVE-2022-28143

A cross-site request forgery (CSRF) vulnerability in Jenkins Proxmox Plugin 0.7.0 and earlier allows attackers to connect to an attacker-specified host using attacker-specified username and password (perform a connection test), disable SSL/TLS validation for the entire Jenkins controller JVM as part ...

AI score 7.3 | EPSS 0.00523
Exploits: 0 | References: 2

CVE
added 2022/03/29 12:30 p.m., 124 views

CVE-2022-28143

The provided connected records confirm concrete details for CVE-2022-28143: Jenkins Proxmox Plugin versions up to 0.7.0 (and earlier) expose a CSRF vulnerability that lets an attacker trigger a connection test to an attacker-specified host using attacker-specified username/password, and as part o...

CVSS 6.5 | AI score 6.7 | EPSS 0.00523
Exploits: 0 | References: 2 | Affected Software: 1

Circl
added 2021/03/12 12:54 a.m., 8 views

CVE-2021-28143

creationtimestamp | type | source
---|---|---
2021-03-12 00:54:52+00:00 | seen | https://t.me/cibsecurity/24824...

CVSS 8 | AI score 7.9 | EPSS 0.31957
Exploits: 1 | References: 1