CVE-2026-8914

creationtimestamp| type| source ---|---|--- 2026-06-05 11:35:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnk2akmdy32f 2026-06-05 11:35:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnk2akmdy32f...

MAL-2025-8914 Malicious code in @malware-test-sires-feyer-spoot-fount/test-mlw3-sires-feyer-spoot-fount (npm)

The package @malware-test-sires-feyer-spoot-fount/test-mlw3-sires-feyer-spoot-fount was found to contain malicious code...

CVE-2025-8914

creationtimestamp| type| source ---|---|--- 2025-08-13 14:10:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lwbyvjmyi62p...

CVE-2025-8914 WellChoose｜Organization Portal System - SQL Injection

Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents...

Linux Distros Unpatched Vulnerability : CVE-2015-8914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechani...

CVE-2024-8914

The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wpksesallowedhtml function, which allows the 'onclick' attribute for...

AlmaLinux 9 : libtiff (ALSA-2024:8914)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8914 advisory. libtiff: NULL pointer dereference in tifdirinfo.c CVE-2024-7006 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

Oracle Linux 9 : libtiff (ELSA-2024-8914)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-8914 advisory. 4.4.0-12.1 - fix CVE-2024-7006 a null pointer dereference in tifdirinfo RHEL-52931 Tenable has extracted the preceding description block directly from the Oracl...

Moderate: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2024-8914

creationtimestamp| type| source ---|---|--- 2024-09-25 04:16:49+00:00| seen| https://t.me/cvedetector/6257...

CVE-2024-8914 Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam <= 2.0.1 - Unauthenticated Stored Cross-Site Scripting

The Thanh Toán Quét Mã QR Code Tự Động – MoMo, ViettelPay, VNPay và 40 ngân hàng Việt Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 due to incorrect use of the wpksesallowedhtml function, which allows the 'onclick' attribute for...

WordPress Thanh Toán Quét Mã QR Code Tự Động Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Thanh Toán Quét Mã QR Code Tự Động Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8914 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 39d2756c43d9 Credits Frances...

CVE-2018-8914

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter...

CVE-2018-8914

The CVE-2018-8914 issue affects Synology Media Server’s UPnP DMA, where a SQL injection allows remote execution of arbitrary SQL commands via the ObjectID parameter. Affected versions are prior to 1.7.6-2842 and prior to 1.4-2654. The vulnerability is rooted in improper handling of the ObjectID i...

CVE-2017-8914

sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694...

CVE-2017-8914

CVE-2017-8914 affects SAP HANA XS Sinopia (HDB 1.00 and 2.00). The root cause is an insecure default user-creation policy in Sinopia, enabling remote attackers to hijack npm packages or host arbitrary files. Public disclosures reference ERPScan and SAP Security Note 2407694; the advisory describe...

SAP HANA Sinopia - default user creation policy insecure

Application: SAP HANA Versions Affected: SAP HANA SPS12 Vendor URL: SAP Bug: Insecure default configuration Reported: 13.12.2016 Vendor response: 14.12.2016 Date of Public Advisory: 14.02.2017 Reference: SAP Security Note 2407694 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class:...

Low: Red Hat Security Advisory: openstack-neutron security and bug fix update

An update for openstack-neutron is now available for Red Hat OpenStack Platform 8.0 Liberty. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Low: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

An update for openstack-neutron is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

CVE-2015-8914

The CVE-2015-8914 entry corresponds to an ICMPv6-spoofing bypass in OpenStack Neutron’s IPTables firewall. The vulnerable component is Neutron’s firewall rules (IPTables) on OpenStack Neutron before versions 7.0.4 and 8.0.0 through 8.1.0. Root cause: the ICMPv6-spoofing protection mechanism can b...