Lucene search
K

15 matches found

NVD
NVD
added yesterday6 views

CVE-2026-5005

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Twiser Informatics Technology Consulting, Trade and Education Inc. OKRs & Goals allows Stored XSS. This issue affects OKRs & Goals: from 28220 before 28398...

5.4CVSS
Exploits0References1
Circl
Circl
added 2025/04/21 7:2 p.m.4 views

CVE-2025-28220

creationtimestamp| type| source ---|---|--- 2025-04-21 19:02:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12728...

7.5CVSS4.8AI score0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/30 1:6 a.m.18 views

CVE-2025-28220

Tenda W6S v1.0.0.4510 has a Buffer Overflow vulnerability in the setcfm function, which allows remote attackers to cause web server crash via parameter funcpara1 passed to the binary through a POST request...

7.5CVSS7.3AI score0.00448EPSS
Exploits0References1
NVD
NVD
added 2023/04/11 9:15 p.m.15 views

CVE-2023-28220

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability...

8.1CVSS9AI score0.14979EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/11 7:13 p.m.27 views

CVE-2023-28220 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

...

8.1CVSS9.1AI score0.14979EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/11 7:13 p.m.12 views

CVE-2023-28220 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

...

8.1CVSS6.7AI score0.14979EPSS
Exploits0References1
CVE
CVE
added 2023/04/11 7:13 p.m.190 views

CVE-2023-28220

Technical details about CVE-2023-28220 (Layer 2 Tunneling Protocol RCE) are not provided in the supplied connected documents. No affected products, impact, fixes, or exploitation data are present here. Monitor for updates.

8.1CVSS8.2AI score0.14979EPSS
Exploits0References1Affected Software13
NCSC
NCSC
added 2023/04/11 12:0 a.m.6 views

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Remote code execution Administrator/Root rights Remote...

9.8CVSS7.8AI score0.95454EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2023/03/01 12:0 a.m.15 views

Schneider (CVE-2020-28220)

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware All versions prior to V5.0.4.11 and SoMachine/SoMachine Motion software All versions, that could cause a buffer overflow when the length of a file transferred to the...

6.8CVSS7AI score0.01041EPSS
Exploits0References2
Circl
Circl
added 2022/09/08 12:15 p.m.3 views

CVE-2022-28220

creationtimestamp| type| source ---|---|--- 2022-09-08 12:15:00+00:00| seen| https://t.me/cibsecurity/49441...

7.5CVSS7.3AI score0.01782EPSS
Exploits0References1
NVD
NVD
added 2022/09/08 8:15 a.m.19 views

CVE-2022-28220

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...

7.5CVSS0.01782EPSS
Exploits0References2
OSV
OSV
added 2022/09/08 7:40 a.m.18 views

CVE-2022-28220 STARTTLS command injection in Apache JAMES

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...

7.5CVSS7.1AI score0.01782EPSS
Exploits0References4
CVE
CVE
added 2022/09/08 7:40 a.m.95 views

CVE-2022-28220

CVE-2022-28220 affects Apache James prior to release 3.6.3 and 3.7.1. The issue is a vulnerability in STARTTLS handling that enables a buffering attack. The root cause is related to a parser differential from CVE-2021-38542 and does not account for concurrent requests. The CVSS base score is 7.5 ...

7.5CVSS5.8AI score0.01782EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/08 7:40 a.m.21 views

CVE-2022-28220 STARTTLS command injection in Apache JAMES

Apache James prior to release 3.6.3 and 3.7.1 is vulnerable to a buffering attack relying on the use of the STARTTLS command. Fix of CVE-2021-38542, which solved similar problem fron Apache James 3.6.1, is subject to a parser differential and do not take into account concurrent requests...

6.7AI score0.01782EPSS
Exploits0References2
Circl
Circl
added 2020/12/11 7:35 a.m.4 views

CVE-2020-28220

creationtimestamp| type| source ---|---|--- 2020-12-11 07:35:19+00:00| seen| https://t.me/cibsecurity/19780 2020-12-11 07:38:18+00:00| seen| https://t.me/cibsecurity/19800 2020-12-11 08:25:34+00:00| seen| https://t.me/cibsecurity/19820 2020-12-11 09:25:30+00:00| seen| https://t.me/cibsecurity/198...

6.8CVSS6.5AI score0.01041EPSS
Exploits0References24
Rows per page
Query Builder