180 matches found
MLflow < 2.11.3 - Path Traversal
MLflow versions prior to 2.11.3 are vulnerable to a Path Traversal attack due to improper URI fragment parsing. This vulnerability allows attackers to read arbitrary files on the server, potentially exposing sensitive information. id: CVE-2024-2928 info: name: MLflow 2.11.3 - Path Traversal autho...
MINI-XR77-XM9V-2928
Bulletin has no description...
CVE-2026-2928
creationtimestamp| type| source ---|---|--- 2026-02-22 05:27:14+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfgfo3j35t26 2026-02-22 05:40:47+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mfgggdljoe2u 2026-02-22 07:30:29+00:00| seen|...
Azure Linux 3.0 Security Update: dhcp (CVE-2022-2928)
The version of dhcp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2928 advisory. - In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function optioncodehashlookup is call...
EUVD-2026-2928
SteelSeries Nahimic 3 1.10.7 allows Directory traversal...
CVE-2024-2928
A Local File Inclusion LFI vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can...
Advisory ROSA-SA-2025-3044
Software: dhcp 4.4.2 OS: ROSA Virtualization 3.1 unaffected versions = dhcp-4.4.2-19.b1.rv31 affected versions dhcp-4.4.2-19.b1.rv31 CVE-ID: CVE-2021-25217 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A software vulnerability providing the DHCP Dynamic Host Configuration Protocol service to the network is...
CVE-2025-2928
SQL Injection affecting the Archiver role...
CVE-2025-2928
creationtimestamp| type| source ---|---|--- 2025-07-29 21:43:36+00:00| seen| Telegram/dls1FoWhVmlM02uJR8Jh07IR8mW6x02GwCFTJvIsd2AP9VI...
CVE-2025-2928
SQL Injection affecting the Archiver role...
CVE-2025-2928
SQL Injection affecting the Archiver role...
CVE-2025-2928
CVE-2025-2928 is a SQL injection vulnerability affecting the Archiver role in Genetec Security Center. The issue is described across multiple feeds (NVD, Red Hat, CVE lists) as a SQLi affecting access to Archiver functionality with high impact (C/H/I/A). The CVSS metrics indicate NETWORK attack v...
CVE-2025-2928
SQL Injection affecting the Archiver role...
Alibaba Cloud Linux 3 : 0058: dhcp (ALINUX3-SA-2023:0058)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0058 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2928: In ISC DHCP 4.4.0 - 4.4.3,...
Linux Distros Unpatched Vulnerability : CVE-2017-2928
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful...
CVE-2022-2928 affecting package dhcp 4.4.3-3
CVE-2022-2928 affecting package dhcp 4.4.3-3. This CVE either no longer is or was never applicable...
Fedora 37 : dhcp (2022-9ca9a94e28)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9ca9a94e28 advisory. - New version 4.4.3-P1 rhbz2132240 - Fix for CVE-2022-2928 rhbz2132429 - Fix for CVE-2022-2929 rhbz2132430 Tenable has extracted the preceding...
Fedora 38 : dhcp (2022-5c58ef733f)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-5c58ef733f advisory. Automatic update for dhcp-4.4.3-4.P1.fc38. Changelog Wed Oct 5 2022 Martin Osvald - 12:4.4.3-4.P1 - New version 4.4.3-P1 rhbz2132240 - Fix for...
Exploit for Path Traversal in Lfprojects Mlflow
CVE-2024-2928 Arbitrary file read exploit for CVE-2024-2928 in...
CVE-2024-2928
creationtimestamp| type| source ---|---|--- 2024-09-11 17:21:42+00:00| published-proof-of-concept| https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/mlflowcve20242928 2024-11-08 03:57:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8970...