13 matches found
NocoDB - User Enumeration
NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the password forgot endpoint returned different responses for registered and unregistered emails, allowing user enumeration. This issue has been patched in version 0.301.3. id: CVE-2026-28358 info: name: NocoDB -...
CVE-2026-28358
creationtimestamp| type| source ---|---|--- 2026-04-02 04:59:00+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-28358.yaml...
CVE-2023-28358
A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover...
CVE-2023-28358
creationtimestamp| type| source ---|---|--- 2023-05-12 02:26:32+00:00| seen| https://t.me/cibsecurity/63938...
CVE-2023-28358
A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover...
CVE-2023-28358
A vulnerability has been discovered in Rocket.Chat where a markdown parsing issue in the "Search Messages" feature allows the insertion of malicious tags. This can be exploited on servers with content security policy disabled possible leading to some issues attacks like account takeover...
CVE-2023-28358
CVE-2023-28358 affects Rocket.Chat via a markdown parsing issue in the Search Messages feature. The vulnerability allows insertion of malicious tags due to improper parsing, enabling a cross-site scripting (XSS) vector that can be used to obtain sensitive information or potentially lead to accoun...
CVE-2021-28358
Remote Procedure Call Runtime Remote Code Execution Vulnerability...
CVE-2021-28358 Remote Procedure Call Runtime Remote Code Execution Vulnerability
...
CVE-2021-28358
Technical details for CVE-2021-28358 are not provided in the given documents. Monitoring updates is recommended as no affected products, root cause, impact, or remediation are stated here.
KB5001389: Windows Server 2008 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Microsoft Internet Messaging API Remote Code Execution Vulnerability CVE-2021-27089 - Windows Kernel Information Disclosure Vulnerability CVE-2021-27093, CVE-2021-28309 - Windows Media...
KB5001347: Windows 10 version 1607 / Windows Server 2016 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Microsoft Internet Messaging API Remote Code...
KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072, CVE-2021-28310 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Windows Event Tracing Elevati...