CVE-2026-28902

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...

CVE-2026-28902

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2023-28902

An integer underflow in the image processing binary of the MIB3 infotainment unit allows an attacker with local access to the vehicle to cause denial-of-service of the infotainment system. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part...

CVE-2023-28902

CVE-2023-28902 describes an integer underflow in the image processing binary of the MIB3 infotainment unit, allowing a local-attacker to cause denial-of-service of the infotainment system. The vulnerability was first identified in Skoda Superb III with MIB3 OEM part 3V0035820; affected MIB3 OEM p...

CVE-2020-28902

Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmdsubsys.php...

CVE-2025-28902

Cross-Site Request Forgery CSRF vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button contact-form-7-select-box-editor-button allows Cross Site Request Forgery.This issue affects Contact Form 7 Select Box Editor Button: from n/a through = 0.6...

CVE-2025-28902

Cross-Site Request Forgery CSRF vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button contact-form-7-select-box-editor-button allows Cross Site Request Forgery.This issue affects Contact Form 7 Select Box Editor Button: from n/a through = 0.6...

CVE-2025-28902 WordPress Contact Form 7 Select Box Editor Button plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button contact-form-7-select-box-editor-button allows Cross Site Request Forgery.This issue affects Contact Form 7 Select Box Editor Button: from n/a through = 0.6...

Linux Distros Unpatched Vulnerability : CVE-2021-28902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In function readyincontainer in libyang extr is NULL. In some cases, it can be NULL, which leads to the operation of retval-extr-flags that results in a crash...

RHEL 8 : libyang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libyang: NULL pointer dereference in readyinleaf CVE-2021-28906 - libyang: NULL pointer dereference via...

RHEL 8 : libyang (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libyang: NULL pointer dereference in readyinleaf CVE-2021-28906 - libyang: NULL pointer dereference via...

CVE-2024-28902

Windows Remote Access Connection Manager Information Disclosure Vulnerability...

CVE-2024-28902

CVE-2024-28902 is associated with Windows Remote Access Connection Manager and is listed in an ENISA/NCSC-style advisory as a local, low-complexity information-disclosure vulnerability with potential impact to data confidentiality (CVE-2024-28902, Windows Remote Access Connection Manager). The co...

CVE-2024-28902 Windows Remote Access Connection Manager Information Disclosure Vulnerability

...

CVE-2024-28902 Windows Remote Access Connection Manager Information Disclosure Vulnerability

...

SUSE CVE-2021-28902

In function readyincontainer in libyang extr is NULL. In some cases, it can be NULL, which leads to the operation of retval-extr-flags that results in a crash...

SUSE SLES15 Security Update : libyang (SUSE-SU-2022:3245-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3245-1 advisory. - In function readyincontainer in libyang extr is NULL. In some cases, it can be NULL, which leads to the operation of...

openSUSE: Security Advisory for libyang (SUSE-SU-2022:3245-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:3245-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:3245-1 Security update for libyang

This update for libyang fixes the following issues: - CVE-2021-28906: Fixed missing check in readyinleaf that can lead to DoS bsc1186378 - CVE-2021-28904: Fixed missing check in extgetplugin that lead to DoS bsc1186376. - CVE-2021-28903: Fixed stack overflow in lyxmlparsemem bsc1186375. -...