CVE-2022-28471

In ffjpeg commit hash: caade60, the function bmpload in bmp.c contains an integer overflow vulnerability, which eventually results in the heap overflow in jfifencode in jfif.c. This is due to the incomplete patch for issue 38...

CVE-2023-28471

creationtimestamp| type| source ---|---|--- 2023-04-28 18:27:19+00:00| seen| https://t.me/cibsecurity/63054 2025-02-01 17:28:11+00:00| seen| Telegram/Yo7K55vIiyqDBZ9EfeK8M4mQVF46BnXunyhWFsv0l38DYIM...

CVE-2023-28471

Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS via a container name...

CVE-2023-28471

CVE-2023-28471 affects Concrete CMS (formerly concrete5) versions 9.0 through 9.1.3, where a vulnerability allows Stored XSS via the container name parameter. The issue is documented across multiple sources (Red Hat, Veracode, OSV, GHSA, CNVD, and PT-Security) with the root cause described as lac...

CVE-2020-28471

This affects the package properties-reader before 2.2.0...

CVE-2020-28471

This affects the package properties-reader before 2.2.0...

CVE-2020-28471 Prototype Pollution

This affects the package properties-reader before 2.2.0...

CVE-2020-28471

CVE-2020-28471 affects the Node.js package properties-reader before v2.2.0 and is a prototype pollution vulnerability. Public docs confirm the issue as a prototype pollution in properties-reader, with Bitbucket Data Center/Server references noting the vulnerability in 8.19.x releases and advising...

CVE-2022-28471

creationtimestamp| type| source ---|---|--- 2022-05-05 16:55:00+00:00| seen| https://t.me/cibsecurity/41984...

CVE-2022-28471

CVE-2022-28471 affects ffjpeg. The issue is in bmp_load() in bmp.c, where an integer overflow leads to a heap overflow in jfif_encode() in jfif.c, due to an incomplete patch for issue 38. Documents consistently name the vulnerable chain (bmp_load overflow → heap overflow in jfif_encode) and attri...

CVE-2021-28471

Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability...

CVE-2021-28471

Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability...

CVE-2021-28471 Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability

...

CVE-2021-28471

CVE-2021-28471 is a Remote Development Extension for Visual Studio Code remote code execution vulnerability. The NVD/OSV entries rate it HIGH (CVSS v3.1: LOCAL, LOW/LOCAL, UI REQUIRED, C/H/I/H/A/H). The vulnerability affects Visual Studio Code components and related tools (e.g., Remote Developmen...

@adobe/aio-app-scripts (>=0.6.0 <=2.3.0), @adobe/aio-cli (>=2.1.0 <=4.0.0) +21 more potentially affected by CVE-2020-28471 via properties-reader (>=2.0.0 <=2.1.1)

properties-reader NPM version =2.0.0, =0.6.0, =2.1.0, =1.0.0, =0.3.1, =1.0.3, =0.6.0, =1.7.0, =0.0.16, =2.0.0, =2.4.1-next.238, =2.0.0-RC1, =2.1.1-next.0, =2.1.1-next.0, =2.2.1-next.5, =2.1.1-next.0, =2.5.2-next.17 and more Source cves: CVE-2020-28471 Source advisory:...