CyberSecurityBoard
Sponsor Register Login

CVE-2024-3928

A vulnerability was found in Dromara open-capacity-platform 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /actuator/heapdump of the component auth-server. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261367.

Publication date: Thu, 18 Apr 2024 05:15:00 +0000


Cyber News related to CVE-2024-3928

CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild - CISA has issued a new security warning about a critical vulnerability affecting the Commvault Web Server, built into one of the industry’s leading data protection platforms. This alert comes as security teams worldwide scramble to assess exposure ...
1 month ago Cybersecuritynews.com CVE-2025-3928
Commvault says recent breach didn't impact customer backup data - "Importantly, there has been no unauthorized access to customer backup data that Commvault stores and protects, and no material impact on our business operations or our ability to deliver products and services," Danielle Sheer, the ...
1 month ago Bleepingcomputer.com CVE-2025-3928
Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment - The Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-3928 to its Known Exploited Vulnerabilities Catalog on Monday, April 28, requiring federal agencies to secure their Commvault software by May 19, 2025. Exploiting this ...
1 month ago Cybersecuritynews.com CVE-2025-3928
AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
7 months ago Feeds.dzone.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
11 months ago Tenable.com
CVE-2024-3928 - A vulnerability was found in Dromara open-capacity-platform 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /actuator/heapdump of the component auth-server. The manipulation leads to ...
11 months ago
CVE-2024-4341 - Improper Privilege Management vulnerability in Ekstrem Bir Bilgisayar Danismanlik Ic Ve Dis Ticaret Ltd. Sti. Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3928. ...
10 months ago
CVE-2023-3928 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
3 months ago Tenable.com
CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks - The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients vulnerabilities that are actively exploited in attacks. The flaws were added ...
1 month ago Bleepingcomputer.com CVE-2025-42599
CVE-2007-3928 - Buffer overflow in Yahoo! Messenger 8.1 allows user-assisted remote authenticated users to execute arbitrary code via a long e-mail address in an address book entry. NOTE: this might overlap CVE-2007-3638. The vendor has confirmed the vulnerability ...
7 years ago
CVE-2021-3928 - vim is vulnerable to Use of Uninitialized Variable ...
2 years ago
CVE-2016-3928 - The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384. ...
8 years ago
CVE-2014-3928 - Cougar-LG stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain credentials. ...
8 years ago
CVE-2008-3928 - test.sh in Honeyd 1.5c might allow local users to overwrite arbitrary files via a symlink attack on a temporary file. ...
7 years ago
CVE-2010-3928 - Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via a crafted file, related to an "escape sequence injection ...
7 years ago
CVE-2013-3928 - Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.02 allows remote attackers to execute arbitrary code via crafted biPlanes and biBitCount fields in a BMP file. ...
7 years ago
CVE-2006-3928 - PHP remote file inclusion vulnerability in index.php in WMNews 0.2a and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_datapath parameter. ...
7 years ago
CVE-2005-3928 - Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument. ...
6 years ago
CVE-2011-3928 - Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM handling. ...
5 years ago
CVE-2020-3928 - GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices. ...
4 years ago
CVE-2019-3928 - Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. A remote, unauthenticated attacker can use this vulnerability to access a ...
2 years ago
CVE-2018-3928 - An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of ...
2 years ago
CVE-2009-3928 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2009. Notes: none ...
55 years ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)