21 matches found
CVE-2022-28339
creationtimestamp| type| source
---|---|---
2025-02-22 21:25:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5056
2025-02-22 23:20:53+00:00| seen| https://t.me/cvedetector/18735
2025-02-23 00:02:15+00:00| seen|...
CVE-2022-28339
Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search path element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges...
CVE-2020-28339
The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of `usces_unserialize`. There is not a complete POP chain...
CVE-2024-28339
An information leak in the debuginfo.htm component of Netgear CBR40 2.5.0.28, Netgear CBK40 2.5.0.28, and Netgear CBK43 2.5.0.28 allows attackers to obtain sensitive information without any authentication required...
CVE-2024-28339
CVE-2024-28339 describes an information leak in the debuginfo.htm component of Netgear CBR40, CBK40, and CBK43 routers (version 2.5.0.28). The issue allows attackers to obtain sensitive information without authentication, due to improper access control in the debuginfo.htm page. Publicly availabl...
CVE-2023-28339
creationtimestamp| type| source
---|---|---
2023-03-14 21:23:17+00:00| seen| https://t.me/cibsecurity/60023...
CVE-2023-28339
OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later...
CVE-2023-28339
OpenDoas up to version 6.8.2 is affected by CVE-2023-28339. The root cause is privilege escalation when TIOCSTI is available and the attacker shares a terminal with the original session. Note that TIOCSTI is unavailable in OpenBSD 6.0+ and can be disabled in the Linux kernel 6.2+; OpenDoas remain...
CVE-2021-28339
Remote Procedure Call Runtime Remote Code Execution Vulnerability...
CVE-2021-28339 Remote Procedure Call Runtime Remote Code Execution Vulnerability
...
CVE-2021-28339
CVE-2021-28339 is a Remote Procedure Call Runtime remote code execution vulnerability affecting Windows components. The connected scans show the CVE referenced across multiple Windows monthly security updates (KB5001330/1335/1337/1340/1342/1347) and in Nessus/OpenVAS feeds, indicating it is being...
Patch Tuesday - April 2021
Patch Tuesday is here again and there are more Exchange updates to apply! A total of 114 vulnerabilities were fixed this month with more than half of them affecting all versions of Windows, with about half of them being remote code execution bugs, and about a fifth of them being rated as critical...
KLA12142 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions, spoof user interface. Below is a...
KB5001389: Windows Server 2008 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:
- Microsoft Internet Messaging API Remote Code Execution Vulnerability CVE-2021-27089
- Windows Kernel Information Disclosure Vulnerability CVE-2021-27093, CVE-2021-28309
- Windows Media...
KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:
- Win32k Elevation of Privilege Vulnerability CVE-2021-27072, CVE-2021-28310
- Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079
- Windows Event Tracing Elevati...
KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities:
- Win32k Elevation of Privilege Vulnerability CVE-2021-27072
- Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079
- Microsoft Internet Messaging API Remote Code...
CVE-2020-28339
creationtimestamp| type| source
---|---|---
2020-11-07 22:52:40+00:00| seen| https://t.me/cibsecurity/16018...