Lucene search
30 matches found

OpenVAS
added 2026/03/23 12:0 a.m. | 3 views

Fedora: Security Advisory (FEDORA-2026-6ed9c65eaf)

The remote host is missing an update for the... [SPDX-FileCopyrightText: 2026 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only]

CVSS 7.5 | AI score 5.8 | EPSS 0.00602
Exploits: 4 | References: 13

OpenVAS
added 2026/03/23 12:0 a.m. | 6 views

Fedora: Security Advisory (FEDORA-2026-c2049f7220)

The remote host is missing an update for the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00602
Exploits: 4 | References: 11

Tenable Nessus
added 2026/03/06 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-28434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the...

CVSS 5.3 | AI score 5.7 | EPSS 0.003
Exploits: 1 | References: 3

RedhatCVE
added 2026/03/04 9:33 p.m. | 3 views

CVE-2026-28434

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via set_exception_handler, the library catches the exception and writes its message...

CVSS 5.3 | AI score 5.7 | EPSS 0.003
Exploits: 1 | References: 2

RedhatCVE
added 2025/05/23 10:2 a.m. | 7 views

CVE-2024-28434

The CRM platform Twenty is vulnerable to stored cross site scripting via file upload in version 0.3.0. A crafted svg file can trigger the execution of the javascript code...

CVSS 7.6 | AI score 6.2 | EPSS 0.00674
Exploits: 1 | References: 1

RedhatCVE
added 2025/05/22 10:41 p.m. | 7 views

CVE-2022-28434

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2...

CVSS 9.8 | AI score 8.3 | EPSS 0.00874
Exploits: 0 | References: 1

Tenable Nessus
added 2023/09/26 12:0 a.m. | 36 views

MinIO < RELEASE.2023-03-20T20-16-18Z Multiple Vulnerabilities

The version of MinIO installed on the remote host is prior to RELEASE.2023-03-20T20-16-18Z. It is, therefore, affected by multiple vulnerabilities: - When deployed in a cluster/in distributed mode MinIO returns all environment variables, including 'MINIO_SECRET_KEY' and 'MINIO_ROOT_PASSWORD', resulti...

CVSS 8.8 | AI score 8.6 | EPSS 0.83957
Exploits: 14 | References: 5

CISA
added 2023/09/19 12:0 p.m. | 15 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-28434 MinIO Security Feature Bypass Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risk...

CVSS 8.8 | AI score 7.1 | EPSS 0.06736
In wild | Exploits: 2 | References: 6

Circl
added 2023/03/22 11:35 p.m. | 32 views

CVE-2023-28434

creationtimestamp | type | source
---|---|---
2023-03-22 23:35:58+00:00 | seen | https://t.me/cibsecurity/60516
2023-03-23 14:52:47+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/4016
2023-03-23 15:55:52+00:00 | published-proof-of-concept | https://t.me/GithubRedTeam/4018
2023-03-27...

CVSS 8.8 | AI score 7.5 | EPSS 0.06736
Exploits: 2 | References: 14

Chainguard
added 2023/03/22 9:15 p.m. | 142 views

CVE-2023-28434 vulnerabilities

Vulnerabilities for packages: minio...

CVSS 8.8 | AI score 7.4 | EPSS 0.06736
Exploits: 2

Wolfi
added 2023/03/22 9:15 p.m. | 425 views

CVE-2023-28434 vulnerabilities

Vulnerabilities for packages: minio...

CVSS 8.8 | AI score 7.7 | EPSS 0.06736
Exploits: 2

OSV
added 2023/03/22 9:15 p.m. | 1 views

UBUNTU-CVE-2023-28434

Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing PostPolicyBucket. To carry out this attack, the attacker requires credentials wit...

CVSS 8.8 | AI score 7.2 | EPSS 0.06736
Exploits: 2 | References: 6

Vulnrichment
added 2023/03/22 8:44 p.m. | 12 views

CVE-2023-28434 MinIO is vulnerable to privilege escalation on Linux/MacOS

Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing PostPolicyBucket. To carry out this attack, the attacker requires credentials wit...

CVSS 8.8 | AI score 8.3 | EPSS 0.06736
Exploits: 2 | References: 3

CVE
added 2023/03/22 8:44 p.m. | 651 views

CVE-2023-28434

CVE-2023-28434 (MinIO) affects MinIO’s object storage framework. A security feature bypass allows an attacker with credentials for arn:aws:s3:::* and Console API access to bypass metadata bucket name checking during PostPolicyBucket and place objects into arbitrary buckets. This can impact confid...

CVSS 8.8 | AI score 8.3 | EPSS 0.06736
In wild | Exploits: 2 | References: 4 | Affected Software: 1

vulnersOsv
added 2022/08/03 12:0 a.m. | 4 views

console-blame (>=1.0.0 <=1.1.1), grunt-lintblame (>=0.1.0 <=0.3.5) +2 more potentially affected by CVE-2020-28434 via gitblame (>=0.1.0 <=0.1.1)

gitblame NPM version =0.1.0, =1.0.0, =0.1.0, =0.2.5, =0.9.5 - tch-lint-jshint =0.0.1 Source cves: CVE-2020-28434 Source advisory: OSV:GHSA-3486-RVXC-HRRJ...

CVSS 9.8 | AI score 7.2 | EPSS 0.0109
Exploits: 1

Circl
added 2022/08/02 6:17 p.m. | 6 views

CVE-2020-28434

creationtimestamp | type | source
---|---|---
2022-08-02 18:17:43+00:00 | seen | https://t.me/cibsecurity/47404...

CVSS 9.8 | AI score 8.7 | EPSS 0.0109
Exploits: 1 | References: 1

CVE
added 2022/08/02 1:26 p.m. | 57 views

CVE-2020-28434

CVE-2020-28434 affects all versions of the gitblame package. The root cause is a command injection in gitblame.js where the file parameter is not properly sanitized before using exec, enabling arbitrary code execution. Public documents corroborate that the vulnerability exists across all versions...

CVSS 9.8 | AI score 9.7 | EPSS 0.0109
Exploits: 1 | References: 1 | Affected Software: 1

Circl
added 2022/04/22 12:27 a.m. | 7 views

CVE-2022-28434

creationtimestamp | type | source
---|---|---
2022-04-22 00:27:09+00:00 | seen | https://t.me/cibsecurity/41268...

CVSS 9.8 | AI score 8.7 | EPSS 0.00874
Exploits: 0 | References: 1

ATTACKERKB
added 2022/04/21 8:15 p.m. | 3 views

CVE-2022-28434

Baby Care System v1.0 was discovered to contain a SQL injection vulnerability via /admin.php?id=siteoptions&social=edit&sid=2...

CVSS 9.8 | AI score 5.9 | EPSS 0.00874
Exploits: 0 | References: 2

CVE
added 2022/04/21 7:4 p.m. | 73 views

CVE-2022-28434

CVE-2022-28434 affects Baby Care System v1.0. A SQL injection vulnerability exists in admin.php, exploitable via parameters id=siteoptions, social=edit, sid (example sid=2). Multiple sources corroborate a database-input validation flaw leading to potential unauthorized SQL execution and data expo...

CVSS 9.8 | AI score 9.7 | EPSS 0.00874
Exploits: 0 | References: 1 | Affected Software: 1