15 matches found
CVE-2026-5005
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Twiser Informatics Technology Consulting, Trade and Education Inc. OKRs & Goals allows Stored XSS. This issue affects OKRs & Goals: from 28220 before 28398...
CVE-2025-28220
creationtimestamp| type| source ---|---|--- 2025-04-21 19:02:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12728...
CVE-2025-28220
Tenda W6S v1.0.0.4510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request...
CVE-2023-28220
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability...
CVE-2023-28220 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
...
CVE-2023-28220 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
...
CVE-2023-28220
Technical details about CVE-2023-28220 (Layer 2 Tunneling Protocol RCE) are not provided in the supplied connected documents. No affected products, impact, fixes, or exploitation data are present here. Monitor for updates.
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote...
Schneider (CVE-2020-28220)
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware All versions prior to V5.0.4.11 and SoMachine/SoMachine Motion software All versions, that could cause a buffer overflow when the length of a file transferred to the...
CVE-2022-28220
creationtimestamp| type| source ---|---|--- 2022-09-08 12:15:00+00:00| seen| https://t.me/cibsecurity/49441...
CVE-2022-28220
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...
CVE-2022-28220 STARTTLS command injection in Apache JAMES
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...
CVE-2022-28220
CVE-2022-28220 affects Apache James prior to release 3.6.3 and 3.7.1. The issue is a vulnerability in STARTTLS handling that enables a buffering attack. The root cause is related to a parser differential from CVE-2021-38542 and does not account for concurrent requests. The CVSS base score is 7.5 ...
CVE-2022-28220 STARTTLS command injection in Apache JAMES
Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...
CVE-2020-28220
creationtimestamp| type| source ---|---|--- 2020-12-11 07:35:19+00:00| seen| https://t.me/cibsecurity/19780 2020-12-11 07:38:18+00:00| seen| https://t.me/cibsecurity/19800 2020-12-11 08:25:34+00:00| seen| https://t.me/cibsecurity/19820 2020-12-11 09:25:30+00:00| seen| https://t.me/cibsecurity/198...