CVE-2023-28579

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length...

CVE-2024-28579

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the FreeImageUnload function when reading images in HDR format...

CVE-2024-28579

CVE-2024-28579 concerns a buffer overflow in the open‑source FreeImage library (v3.19.0 [r1909]). The vulnerability is triggered by the FreeImage_Unload() function when processing HDR images, allowing a local attacker to cause a denial of service. Affected component is FreeImage_Version 3.19.0; i...

CVE-2024-28579

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the FreeImageUnload function when reading images in HDR format...

CVE-2023-28579

CVE-2023-28579 corresponds to a memory corruption flaw in Qualcomm chipsets’ WLAN host, triggered when deserializing input PMK bytes without validating PMK length. Connected sources confirm the issue within Qualcomm WLAN components, affecting WLAN host processing, with potential impact on integri...

CVE-2023-28579 Buffer Copy Without Checking Size of Input in WLAN Host

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length...

CVE-2023-28579 Buffer Copy Without Checking Size of Input in WLAN Host

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length...

TOTOLINK A7100RU Router Command Injection (CVE-2022-28575; CVE-2022-28577; CVE-2022-28578; CVE-2022-28579; CVE-2022-28580; CVE-2022-28581; CVE-2022-28582; CVE-2022-28583; CVE-2022-28584)

A command injection vulnerability exists in TOTOLINK A7100RU router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVE-2022-28579

creationtimestamp| type| source ---|---|--- 2022-05-05 22:36:53+00:00| seen| https://t.me/cibsecurity/42052...

CVE-2022-28579

CVE-2022-28579: A command-injection vulnerability in TOTOLINK A7100RU’s setParentalRules interface (firmware 7.4cu.2313_b20191024) allows unauthenticated or remote exploitation via a crafted payload to run arbitrary commands. Impact is described as arbitrary code execution with high confidentiali...

CVE-2022-28579

It is found that there is a command injection vulnerability in the setParentalRules interface in TOTOlink A7100RU v7.4cu.2313b20191024 router, which allows an attacker to execute arbitrary commands through a carefully constructed payload...

CVE-2021-28579

Adobe Connect

CVE-2021-28579 Adobe Connect improper access control could lead to privilege escalation

Adobe Connect version 11.2.1 and earlier is affected by an Improper access control vulnerability that can lead to the elevation of privileges. An attacker with 'Learner' permissions can leverage this scenario to access the list of event participants...

Adobe Connect Privilege Escalation Vulnerability (APSB21-36)

Adobe Connect is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:connect";...

Adobe Connect <= 11.2.1 Privilege Escalation Vulnerability (APSB21-36)

The version of Adobe Connect installed on the remote host is prior to 11.2.2. It is, therefore, affected by a vulnerability as referenced in the apsb21-36 advisory. - Adobe Connect version 11.2.1 and earlier is affected by an Improper access control vulnerability that can lead to the elevation of...

Trend Micro InterScan Web Security Virtual Appliance Stack Overflow (CVE-2020-28578; CVE-2020-28579)

A stack overflow vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

CVE-2020-28579

creationtimestamp| type| source ---|---|--- 2020-11-18 22:40:34+00:00| seen| https://t.me/cibsecurity/16543...

CVE-2020-28579

Summary: CVE-2020-28579 affects Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 SP2. Multiple connected advisories describe a vulnerability that allows an authenticated, remote attacker to send a specially crafted HTTP message to achieve remote code execution with elevated privil...