16 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-28946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web...
CVE-2025-28946
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme PrintXtore allows PHP Local File Inclusion.This issue affects PrintXtore: from n/a before 1.7.8...
CVE-2025-28946 WordPress PrintXtore theme < 1.7.8 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in BZOTheme PrintXtore bw-printxtore allows PHP Local File Inclusion.This issue affects PrintXtore: from n/a through 1.7.8...
CVE-2022-28946
An issue in the component ast/parser.go of Open Policy Agent v0.39.0 causes the application to incorrectly interpret every expression, causing a Denial of Service DoS via triggering out-of-range memory access...
CVE-2020-28946
An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker with network access to the device to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single...
openSUSE: Security Advisory for trivy (openSUSE-SU-2022:10022-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for trivy (moderate)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2022:10022-1 Rating: moderate References: 1199760 Cross-References: CVE-2022-23648 CVE-2022-28946 CVSS scores: CVE-2022-23648 NVD : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2022-23648 SUSE: 5.5...
CVE-2022-28946
creationtimestamp| type| source ---|---|--- 2022-05-19 22:29:56+00:00| seen| https://t.me/cibsecurity/43000...
CVE-2022-28946 vulnerabilities
Vulnerabilities for packages: opa...
CVE-2022-28946 vulnerabilities
Vulnerabilities for packages: opa...
CVE-2022-28946
Open Policy Agent CVE-2022-28946 affects v0.39.0, due to a bug in ast/parser.go that causes the application to misinterpret expressions, leading to a Denial of Service via out-of-range memory access. The NVD metrics show a CVSS 3.1 base score of 7.5 (Network, Low attack complexity, No privileges ...
CVE-2020-28946
creationtimestamp| type| source ---|---|--- 2020-12-08 22:31:37+00:00| seen| https://t.me/cibsecurity/17282...
CVE-2020-28946
The CVE-2020-28946 entry concerns Plum IK-401 devices with firmware prior to 1.02. The issue is an improper webserver configuration that, when the device is reachable over the network, allows unauthenticated retrieval of the configuration file, including hashed credential data, via a single GET r...
Internet Explorer VML Fill Method Code Execution
No description provided by source. $Id: ms06055vmlmethod.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
MS06-055 Microsoft Internet Explorer VML Fill Method Code Execution
This module exploits a code execution vulnerability in Microsoft Internet Explorer using a buffer overflow in the VML processing code VGX.dll. This module has been tested on Windows 2000 SP4, Windows XP SP0, and Windows XP SP2. This module requires Metasploit: https://metasploit.com/download...
Internet Explorer VML rect fill buffer overflow
Added: 09/20/2006 CVE: CVE-2006-4868 BID: 20096 OSVDB: 28946 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem A buffer overflow in Internet Explorer when processing VML code allows remote command execution using a long fill parameter within a rect tag...