24 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-28331
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk. CVE-2023-28331 Note that Nessus relies on the presence...
TencentOS Server 4: apr (TSSA-2024:0358)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0358 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9
Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...
Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.4 release and security update
Red Hat JBoss Web Server 5.7.4 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this release as having a security impact of Moderate. A Common Vulnerability Scoring System CV...
CVE-2023-28331
Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk...
CVE-2023-28331
Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk...
UBUNTU-CVE-2023-28331
Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk...
CVE-2023-28331 Moodle: xss risk when outputting database activity filter data
Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk...
CVE-2023-28331
CVE-2023-28331 affects Moodle scenarios where the web app outputs database activity or auto-linking content. The concrete detail in the connected documents shows a root cause of an XSS risk due to insufficient sanitization in the database auto-linking filter output. This content could lead to cro...
CVE-2023-28331 Moodle: xss risk when outputting database activity filter data
Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk...
Security Bulletin: IBM HTTP Server is vulnerable to multiple vulnerabilities due to the included Apache HTTP Server and Apache Portable Runtime
Summary There are multiple vulnerabilities in the IBM HTTP Server, which is used by IBM WebSphere Application Server, due to the included Apache HTTP Server and Apache Portable Runtime: CVE-2022-28331, CVE-2022-36760, CVE-2022-37436, CVE-2006-20001, and CVE-2022-25147. This has been addressed in...
SUSE CVE-2022-28331
On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow...
CVE-2022-28331
On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow...
CVE-2022-28331 Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function
On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow...
CVE-2022-28331
CVE-2022-28331 affects Apache Portable Runtime (APR) 1.7.0 and earlier on Windows, with a write beyond the end of a stack-based buffer in apr_socket_sendv() caused by integer overflow. The vulnerability can lead to arbitrary code execution or a crash and has a CVSS v3.1 base score of 9.8 (CRITICA...
CVE-2022-28331 Apache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function
On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow...
CVE-2021-28331
Remote Procedure Call Runtime Remote Code Execution Vulnerability...
CVE-2021-28331
CVE-2021-28331 is described in connected CNVD as a Remote Procedure Call Runtime Remote Code Execution vulnerability affecting Microsoft Windows/Windows Server, enabling remote code execution via RPC Runtime. The provided documents do not specify affected product versions, root cause specifics, e...
KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072, CVE-2021-28310 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Windows Event Tracing Elevati...
KB5001389: Windows Server 2008 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Microsoft Internet Messaging API Remote Code Execution Vulnerability CVE-2021-27089 - Windows Kernel Information Disclosure Vulnerability CVE-2021-27093, CVE-2021-28309 - Windows Media...