126 matches found
EUVD-2026-4028
Missing Authorization vulnerability in Taxcloud TaxCloud for WooCommerce simple-sales-tax allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TaxCloud for WooCommerce: from n/a through <= 8.3.8...
MiracleLinux 9 : thunderbird-91.11.0-2.el9.ML.1 (AXSA:2022-4028:19)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4028:19 advisory. Mozilla: CSP sandbox header without allow-scripts can be bypassed via retargeted javascript: URI CVE-2022-34468 Mozilla: Use-after-free in nsSHistor...
MiracleLinux 3 : xorg-x11-server-1.1.1-48.90.0.1.AXS3 (AXSA:2012-271:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-271:01 advisory. X.Org X11 X server Security issues fixed with this release: CVE-2011-4028 No information available at the time of writing, please refer to the CVE links below...
CVE-2012-4028
Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication...
CVE-2025-4028
A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched...
CVE-2025-4028 PHPGurukul COVID19 Testing Management System profile.php sql injection
A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched...
CVE-2025-4028
CVE-2025-4028 affects PHPGurukul COVID19 Testing Management System 1.0. The vulnerability resides in /profile.php where the mobilenumber parameter is manipulated to cause SQL injection. The issue can be triggered remotely and has been disclosed publicly, with other parameters potentially affected...
Linux Distros Unpatched Vulnerability : CVE-2021-4028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a...
Linux Distros Unpatched Vulnerability : CVE-2011-4028
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to determine the existence of arbitrary files via a symlink attack on a...
be.jidoka:jdk-keycloak-admin (>=2.0.0 <=2.4.0), ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0) +716 more potentially affected by CVE-2024-4028 via org.keycloak:keycloak-core (>=1.0-alpha-1 <=26.1.2)
org.keycloak:keycloak-core MAVEN version =1.0-alpha-1, =2.0.0, =0.1.0, =0.0.1, =1.5.1, =1.5.1, =1.6.2, =1.6.2, =1.5.2, =1.5.2, =1.7.2, =1.7.2, =1.0.22, =1.0.22, =1.4.3, =1.4.3, =1.6.5 and more Source cves: CVE-2024-4028 Source advisory: OSV:GHSA-Q4XQ-445G-G6CH...
CVE-2024-4028
creationtimestamp| type| source
---|---|---
2025-02-18 18:16:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lihul5aitt2o
2025-02-18 20:59:52+00:00| seen| https://t.me/cvedetector/18354
2025-03-15 04:45:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7664...
CVE-2024-4028 vulnerabilities
Vulnerabilities for packages: keycloak-operator, keycloak-config-cli, keycloak...
CVE-2024-4028 vulnerabilities
Vulnerabilities for packages: keycloak-fips, keycloak, keycloak-operator, keycloak-config-cli...
CentOS 7 : kpatch-patch (RHSA-2022:1185)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1185 advisory. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to...
CentOS 7 : kernel (RHSA-2022:1198)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:1198 advisory. - A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to...
CVE-2023-4028
creationtimestamp| type| source
---|---|---
2023-08-17 20:37:35+00:00| seen| https://t.me/cibsecurity/68772...
CVE-2023-4028
Affected software/hardware: Lenovo Notebook family. Issue: a buffer overflow in the SystemUserMasterHddPwdDxe driver. Root cause: overflow vulnerability in specific Lenovo notebook driver components that can be triggered locally. Impact: allows an attacker with local access and elevated privilege...
Tridium Niagara AX Insufficiently Protected Credentials (CVE-2012-4028)
Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authentication. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-o...
K37256400: Linux kernel vulnerability CVE-2021-4028
Security Advisory Description A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local...