71 matches found
Debian: Security Advisory (DLA-4528-1)
The remote host is missing an update for the Debian...
MINI-GHG7-4528-JPRQ
Bulletin has no description...
CVE-2026-4528
A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of the file packages/server/src/service/proxy/httpproxy.service.ts of the component URL Validation Handler. This manipulation causes server-side request forgery. Remote exploitation ...
CVE-2026-4528
creationtimestamp | type | source
---|---|---
2026-03-22 00:04:22+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhmaokszeh2o
2026-03-22 01:42:57+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mhmg6tppmc2m...
CVE-2026-4528 trueleaf ApiFlow URL Validation http_proxy.service.ts validateUrlSecurity server-side request forgery
A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of the file packages/server/src/service/proxy/httpproxy.service.ts of the component URL Validation Handler. This manipulation causes server-side request forgery. Remote exploitation ...
CVE-2025-4528
creationtimestamp | type | source
---|---|---
2025-05-11 03:29:01+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/15918
2025-05-11 04:06:13+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loulcnj3vx42
2025-05-11 04:36:56+00:00 | seen | ...
CVE-2025-4528 Dígitro NGC Explorer session expiration
A weakness has been identified in Dígitro NGC Explorer up to 3.44.15/3.48.21. This affects an unknown function. Executing a manipulation can lead to session expiration. The attack can be launched remotely. Upgrading to version 3.48.22 mitigates this issue. It is recommended to upgrade the affecte...
RHEL 9 : less (RHSA-2024:4528)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4528 advisory. The less utility is a text file browser that resembles more, but allows users to move backwards in the file as well as forwards. Since less does not...
CVE-2024-4528
CVE-2024-4528 affects SourceCodester Prison Management System 1.0. The vulnerability resides in the /Admin/user-record.php function where manipulating the txtfullname parameter enables cross-site scripting. Descriptions indicate remote exploitation and public disclosure of the exploit. Several so...
MGASA-2023-0349 Updated golang packages fix security vulnerabilities
Update to upstream golang 1.21.5 to fix CVE-2023-39326 and CVE-2023-452835. In Mageia 8, this update also allows build nodes to build docker stack...
CVE-2018-4528
Rejected reason: This candidate is unused by its CNA...
CVE-2023-4528
creationtimestamp | type | source
---|---|---
2023-09-07 22:18:54+00:00 | seen | https://t.me/cibsecurity/70107
2023-11-10 21:41:08+00:00 | seen | https://t.me/arpsyndicate/59...
CVE-2023-4528
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code, including OS commands, via its management interface...
CVE-2023-4528 JSCAPE MFT Server Unsafe Deserialization on Management Port
Unsafe deserialization in JSCAPE MFT Server versions prior to 2023.1.9 (Windows, Linux, and MacOS) permits an attacker to run arbitrary Java code, including OS commands, via its management interface...
CVE-2023-4528
CVE-2023-4528 affects JSCAPE MFT Server versions prior to 2023.1.9. An unsafe Java deserialization on the management port (default TCP 10880) allows an attacker to send an XML-encoded Java object and execute arbitrary code with root on Linux or SYSTEM on Windows. The vulnerability is exploitable ...
SUSE CVE-2012-4528
The modsecurity2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data...
Security Bulletin: IBM MQ Appliance is affected by an information disclosure vulnerability (CVE-2020-4528)
Summary: IBM MQ Appliance has resolved an information disclosure vulnerability. Vulnerability Details: CVEID: CVE-2020-4528. DESCRIPTION: IBM MQ Appliance could allow a local user, under special conditions, to obtain highly sensitive information from log files. CVSS Base score: 5.9. CVSS Temporal...
CVE-2020-4528
IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658...
CVE-2020-4528
IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0–2018.4.1.12) is affected by CVE-2020-4528, a local information-disclosure vulnerability where a local user could obtain highly sensitive data from log files under specific conditions. The IBM bulletin lists affected products/versions...