21 matches found
RHEL 9 : webkit2gtk3 (RHSA-2026:28147)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28147 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: webkit2gtk3 security update
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...
RHEL 7 : webkitgtk4 (RHSA-2026:27728)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27728 advisory. WebKitGTK+ is a port of the WebKit portable web rendering engine to the GTK+ platform. These packages provide WebKitGTK+ for GTK+ 3. Security...
RHEL 8 : webkit2gtk3 (RHSA-2026:27785)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27785 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...
Linux Distros Unpatched Vulnerability : CVE-2026-28946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web...
CVE-2025-28946
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme PrintXtore allows PHP Local File Inclusion. This issue affects PrintXtore: from n/a before 1.7.8...
CVE-2025-28946 WordPress PrintXtore theme < 1.7.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BZOTheme PrintXtore bw-printxtore allows PHP Local File Inclusion. This issue affects PrintXtore: from n/a through 1.7.8...
CVE-2022-28946
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service (DoS) via triggering out-of-range memory access...
CVE-2020-28946
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker with network access to the device to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single...
openSUSE: Security Advisory for trivy (openSUSE-SU-2022:10022-1)
The remote host is missing an update for the...
Security update for trivy (moderate)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2022:10022-1 Rating: moderate References: 1199760 Cross-References: CVE-2022-23648 CVE-2022-28946 CVSS scores: CVE-2022-23648 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-23648 SUSE: 5.5...
CVE-2022-28946
creationtimestamp | type | source
---|---|---
2022-05-19 22:29:56+00:00 | seen | https://t.me/cibsecurity/43000...
CVE-2022-28946 vulnerabilities
Vulnerabilities for packages: opa...
CVE-2022-28946
Open Policy Agent CVE-2022-28946 affects v0.39.0, due to a bug in ast/parser.go that causes the application to misinterpret expressions, leading to a Denial of Service via out-of-range memory access. The NVD metrics show a CVSS 3.1 base score of 7.5 (Network, Low attack complexity, No privileges ...
CVE-2020-28946
creationtimestamp | type | source
---|---|---
2020-12-08 22:31:37+00:00 | seen | https://t.me/cibsecurity/17282...
CVE-2020-28946
The CVE-2020-28946 entry concerns Plum IK-401 devices with firmware prior to 1.02. The issue is an improper webserver configuration that, when the device is reachable over the network, allows unauthenticated retrieval of the configuration file, including hashed credential data, via a single GET r...
Internet Explorer VML Fill Method Code Execution
No description provided by source. $Id: ms06055vmlmethod.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
This module exploits a code execution vulnerability in Microsoft Internet Explorer using a buffer overflow in the VML processing code (VGX.dll). This module has been tested on Windows 2000 SP4, Windows XP SP0, and Windows XP SP2. This module requires Metasploit: https://metasploit.com/download...