19 matches found
ch.acanda.maven:code-analysis-maven-plugin (>=0.1.0 <=1.27.0), com.alibaba.p3c.idea:p3c-common (=1.0.0) +175 more potentially affected by CVE-2026-28338 via net.sourceforge.pmd:pmd-core (>=5.2.0 <=7.21.0)
net.sourceforge.pmd:pmd-core MAVEN version =5.2.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =2.7.1, =ev1.4.1, =ev1.4.1, =2.14.1, =1.0.0, =0.1.0, =0.1.2 and more Source cves: CVE-2026-28338 Source advisory: OSV:GHSA-8RR6-2QW5-PC7R...
ch.acanda.maven:code-analysis-maven-plugin (>=1.6.0 <=1.27.0), com.jpinpoint.sonar:sonar-pmd-jpinpoint (>=2.0.0 <=2.1.1) +116 more potentially affected by CVE-2026-28338 via net.sourceforge.pmd:pmd-core (>=7.0.0-rc1 <=7.21.0)
net.sourceforge.pmd:pmd-core MAVEN version =7.0.0-rc1, =1.6.0, =2.0.0, =0.25.1, =0.25.1, =1.0.0, =0.5.6, =0.5.41, =12.2.0, =3.31.0, =0.7.0, =0.67.2, =0.67.2, =2.0.0, =0.1.0, =0.1.19 and more Source cves: CVE-2026-28338 Source advisory: SNYK:JAVA-NETSOURCEFORGEPMD-15365925...
CVE-2026-28338
creationtimestamp| type| source ---|---|--- 2026-02-27 12:50:43+00:00| published-proof-of-concept| https://github.com/pmd/pmd/security/advisories/GHSA-8rr6-2qw5-pc7r 2026-02-27 23:18:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfuttvuhhk2u 2026-02-28 04:10:10+00:00| seen|...
CVE-2023-28338
Any request send to a Netgear Nighthawk Wifi6 Router RAX30's web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting ...
CVE-2024-28338
A login bypass in TOTOLINK A8000RU V7.1cu.643B20200521 allows attackers to login to Administrator accounts via providing a crafted session cookie...
CVE-2024-28338
The provided connected documents confirm a vulnerability in TOTOLINK A8000RU (firmware version V7.1cu.643_B20200521): a login bypass that allows an attacker to authenticate as an Administrator by supplying a crafted session cookie. The exact root cause and affected software internals are not deta...
CVE-2023-28338
Any request send to a Netgear Nighthawk Wifi6 Router RAX30's web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting ...
CVE-2023-28338
Any request send to a Netgear Nighthawk Wifi6 Router RAX30's web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting ...
CVE-2023-28338
Any request send to a Netgear Nighthawk Wifi6 Router RAX30's web service containing a “Content-Type” of “multipartboundary=” will result in the request body being written to “/tmp/mulipartFile” on the device itself. A sufficiently large file will cause device resources to be exhausted, resulting ...
CVE-2023-28338
CVE-2023-28338 affects Netgear Nighthawk WiFi 6 Router (RAX30). A request with a Content-Type header containing multipartboundary= can cause the body to be written to /tmp/mulipartFile, leading to resource exhaustion and making the device unusable until reboot. Descriptions in multiple sources co...
CVE-2021-28338
Remote Procedure Call Runtime Remote Code Execution Vulnerability...
CVE-2021-28338
Remote Procedure Call Runtime Remote Code Execution Vulnerability...
CVE-2021-28338 Remote Procedure Call Runtime Remote Code Execution Vulnerability
...
CVE-2021-28338
Technical details for CVE-2021-28338 are not provided in the supplied documents. Monitor for official disclosures and remediation guidance as more information becomes available.
KLA12142 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions, spoof user interface. Below is a...
KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072, CVE-2021-28310 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Windows Event Tracing Elevati...
KB5001389: Windows Server 2008 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Microsoft Internet Messaging API Remote Code Execution Vulnerability CVE-2021-27089 - Windows Kernel Information Disclosure Vulnerability CVE-2021-27093, CVE-2021-28309 - Windows Media...
KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Microsoft Internet Messaging API Remote Code...
Apple Safari WebKit JavaScript 正则表达式处理缓冲区溢出漏洞
CVE:CVE-2008-1010 Bugtraq ID:28338 Apple Safari is prone to a buffer-overflow vulnerability. Attackers may exploit this issue to execute arbitrary code or to crash the affected application. Other attacks are also possible. This issue affects versions prior to Apple Safari 3.1 running on Apple Mac...