Lucene search
K

180 matches found

Nuclei
Nuclei
added 7 hours ago47 views

MLflow < 2.11.3 - Path Traversal

MLflow versions prior to 2.11.3 are vulnerable to a Path Traversal attack due to improper URI fragment parsing. This vulnerability allows attackers to read arbitrary files on the server, potentially exposing sensitive information. id: CVE-2024-2928 info: name: MLflow 2.11.3 - Path Traversal autho...

7.5CVSS7.2AI score0.21847EPSS
Exploits2References2
OSV
OSV
added 2026/06/17 4:12 p.m.4 views

MINI-XR77-XM9V-2928

Bulletin has no description...

7.5CVSS4.8AI score0.00761EPSS
Exploits0
Circl
Circl
added 2026/02/22 5:27 a.m.8 views

CVE-2026-2928

creationtimestamp| type| source ---|---|--- 2026-02-22 05:27:14+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfgfo3j35t26 2026-02-22 05:40:47+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mfgggdljoe2u 2026-02-22 07:30:29+00:00| seen|...

9CVSS8.2AI score0.00495EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: dhcp (CVE-2022-2928)

The version of dhcp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2928 advisory. - In ISC DHCP 4.4.0 - 4.4.3, ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16-P1, when the function optioncodehashlookup is call...

6.5CVSS5.7AI score0.00664EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/16 12:0 a.m.5 views

EUVD-2026-2928

SteelSeries Nahimic 3 1.10.7 allows Directory traversal...

7.8CVSS6.4AI score0.00324EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/01/07 9:9 a.m.8 views

CVE-2024-2928

A Local File Inclusion LFI vulnerability was identified in mlflow/mlflow, specifically in version 2.9.2, which was fixed in version 2.11.3. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../'. An attacker can...

7.5CVSS6.5AI score0.21847EPSS
Exploits2References1
Rosalinux
Rosalinux
added 2025/11/09 1:37 p.m.9 views

Advisory ROSA-SA-2025-3044

Software: dhcp 4.4.2 OS: ROSA Virtualization 3.1 unaffected versions = dhcp-4.4.2-19.b1.rv31 affected versions dhcp-4.4.2-19.b1.rv31 CVE-ID: CVE-2021-25217 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A software vulnerability providing the DHCP Dynamic Host Configuration Protocol service to the network is...

7.4CVSS9.2AI score0.06118EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/07/31 6:11 p.m.8 views

CVE-2025-2928

SQL Injection affecting the Archiver role...

7.2CVSS7.4AI score0.00364EPSS
Exploits0References1
Circl
Circl
added 2025/07/29 9:43 p.m.7 views

CVE-2025-2928

creationtimestamp| type| source ---|---|--- 2025-07-29 21:43:36+00:00| seen| Telegram/dls1FoWhVmlM02uJR8Jh07IR8mW6x02GwCFTJvIsd2AP9VI...

7.2CVSS6.9AI score0.00364EPSS
Exploits0
NVD
NVD
added 2025/07/29 6:15 p.m.4 views

CVE-2025-2928

SQL Injection affecting the Archiver role...

7.2CVSS0.00364EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/07/29 5:44 p.m.9 views

CVE-2025-2928

SQL Injection affecting the Archiver role...

7.2CVSS0.00364EPSS
Exploits0References5
CVE
CVE
added 2025/07/29 5:44 p.m.13 views

CVE-2025-2928

CVE-2025-2928 is a SQL injection vulnerability affecting the Archiver role in Genetec Security Center. The issue is described across multiple feeds (NVD, Red Hat, CVE lists) as a SQLi affecting access to Archiver functionality with high impact (C/H/I/A). The CVSS metrics indicate NETWORK attack v...

7.2CVSS7.5AI score0.00364EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/07/29 5:44 p.m.2 views

CVE-2025-2928

SQL Injection affecting the Archiver role...

7.2CVSS7.7AI score0.00364EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0058: dhcp (ALINUX3-SA-2023:0058)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0058 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2928: In ISC DHCP 4.4.0 - 4.4.3,...

6.5CVSS7AI score0.00664EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-2928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful...

9.3CVSS7.5AI score0.0502EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.39 views

CVE-2022-2928 affecting package dhcp 4.4.3-3

CVE-2022-2928 affecting package dhcp 4.4.3-3. This CVE either no longer is or was never applicable...

6.5CVSS7.2AI score0.00664EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.14 views

Fedora 37 : dhcp (2022-9ca9a94e28)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-9ca9a94e28 advisory. - New version 4.4.3-P1 rhbz2132240 - Fix for CVE-2022-2928 rhbz2132429 - Fix for CVE-2022-2929 rhbz2132430 Tenable has extracted the preceding...

6.5CVSS7AI score0.00664EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.10 views

Fedora 38 : dhcp (2022-5c58ef733f)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-5c58ef733f advisory. Automatic update for dhcp-4.4.3-4.P1.fc38. Changelog Wed Oct 5 2022 Martin Osvald - 12:4.4.3-4.P1 - New version 4.4.3-P1 rhbz2132240 - Fix for...

6.5CVSS7AI score0.00664EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2024/11/08 3:55 a.m.420 views

Exploit for Path Traversal in Lfprojects Mlflow

CVE-2024-2928 Arbitrary file read exploit for CVE-2024-2928 in...

7.5CVSS7.5AI score0.21847EPSS
Exploits2
Circl
Circl
added 2024/09/11 5:21 p.m.5 views

CVE-2024-2928

creationtimestamp| type| source ---|---|--- 2024-09-11 17:21:42+00:00| published-proof-of-concept| https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/mlflowcve20242928 2024-11-08 03:57:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8970...

7.5CVSS7.1AI score0.21847EPSS
Exploits2References3
Rows per page
Query Builder