17 matches found
CVE-2026-28710
creationtimestamp| type| source ---|---|--- 2026-03-06 08:35:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mgevsmjkkd2x 2026-03-06 13:03:05+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-prodotti-acronis 2026-03-12 19:00:13+00:00| seen|...
CVE-2023-28710
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before 4.0.1...
CVE-2024-28710
creationtimestamp| type| source ---|---|--- 2024-10-07 19:18:37+00:00| seen| https://t.me/cvedetector/7247...
CVE-2024-28710
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component...
CVE-2024-28710
Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component...
CVE-2024-28710
LimeSurvey is affected by a Cross-Site Scripting (XSS) vulnerability in the Alert Widget’s message component, due to insufficient input validation and output encoding in versions prior to 6.5.0+240319. The issue enables a remote attacker to execute arbitrary code through crafted input. Remediatio...
CVE-2023-28710
creationtimestamp| type| source ---|---|--- 2023-04-07 18:29:26+00:00| seen| https://t.me/cibsecurity/61692...
CVE-2023-28710
Apache Airflow Spark Provider (before 4.0.1) is affected by CVE-2023-28710 due to improper input validation in the JDBC Hook, where host/schema can contain “/” or “?”, enabling an attacker to read arbitrary files during connection setup. Affected product: Apache Airflow Spark Provider prior to 4....
CVE-2022-28710
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...
CVE-2022-28710
The CVE-2022-28710 affects WWBN AVideo 11.6 and dev master commit 3f7c0364. TALOS-2022-1550 documents an information disclosure vulnerability in the chunkFile functionality that allows an attacker to read arbitrary files via a specially crafted HTTP request, e.g., using chunkFile to trick the upl...
CVE-2022-28710
An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...
WWBN AVideo chunkFile information disclosure vulnerability
Talos Vulnerability Report TALOS-2022-1550 WWBN AVideo chunkFile information disclosure vulnerability August 16, 2022 CVE Number CVE-2022-28710 SUMMARY An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...
CVE-2021-28710
certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...
CVE-2021-28710
creationtimestamp| type| source ---|---|--- 2021-11-21 18:18:51+00:00| seen| https://t.me/cibsecurity/32778...
CVE-2021-28710
certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...
CVE-2021-28710
CVE-2021-28710 affects the Xen hypervisor on x86 VT-d IOMMUs when sharing page tables. The bug arises because the top-level strip of the 3-level page tables was skipped while inserting the root page-table address into the hardware pagetable base register, allowing a guest to write to leaf page-ta...
CVE-2021-28710
certain VT-d IOMMUs may not work in shared page table mode For efficiency reasons, address translation control structures page tables may and, on suitable hardware, by default will be shared between CPUs, for second-level translation EPT, and IOMMUs. These page tables are presently set up to alwa...