15 matches found
CVE-2026-28429
| creationtimestamp | type | source |
|---|---|---|
| 2026-03-06 08:09:55+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mgeudz4b5z26... |
CVE-2021-28429
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file...
OESA-2024-1834 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: Integer overflow...
CVE-2024-28429
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/archives_do.php...
CVE-2024-28429
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/archives_do.php...
CVE-2024-28429
DedeCMS v5.7 is affected by a Cross-Site Request Forgery (CSRF) vulnerability in the /dede/archives_do.php component. The issue allows an attacker to perform unintended actions on behalf of an authenticated user. Exploitation details are not provided in the core CVE description, and multiple conn...
openSUSE: Security Advisory for ffmpeg (SUSE-SU-2023:3818-1)
The remote host is missing an update for the...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : FFmpeg vulnerabilities (USN-6430-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6430-1 advisory. It was discovered that FFmpeg did not properly handle certain inputs in vf_lagfun.c, resulting in a buffer overflow vulnerability...
CVE-2021-28429
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file...
CVE-2023-28429 Pimcore has Cross-site Scripting vulnerability in DataObject tooltip field
Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie ...
CVE-2022-28429
CVE-2022-28429 affects Baby Care System v1.0. The vulnerability is a SQL injection in /admin/inbox.php (parameters: action=delete&msgid=) caused by lack of validation for external input in the msgid parameter. This can allow an attacker to execute arbitrary SQL commands and potentially exfiltrate...
geojson2 (>=0.1.1 <=0.1.8) potentially affected by CVE-2020-28429 via geojson2kml (=0.1.1)
geojson2kml NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on geojson2kml and may be impacted: - geojson2 >=0.1.1, <=0.1.8 Source cves: CVE-2020-28429 Source advisory: OSV:GHSA-W83X-FP72-P9QC...
CVE-2020-28429
| creationtimestamp | type | source |
|---|---|---|
| 2021-02-23 18:35:13+00:00 | published-proof-of-concept | https://t.me/cibsecurity/23994 |
| 2021-05-10 15:59:33+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-w83x-fp72-p9qc... |
CVE-2020-28429
All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a = require("geojson2kml"); a("./", "& touch JHU", function...
geojson2 (>=0.1.1 <=0.1.8) potentially affected by CVE-2020-28429 via geojson2kml (=0.1.1)
geojson2kml NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on geojson2kml and may be impacted: - geojson2 >=0.1.1, <=0.1.8 Source cves: CVE-2020-28429 Source advisory: SNYK:JS-GEOJSON2KML-1050412...