22 matches found
RockyLinux 10 : podman (RLSA-2025:9146)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9146 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly...
CVE-2025-9146
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verifygemtekheader of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high leve...
CVE-2025-9146
A vulnerability (CVE-2025-9146) affects Linksys E5600 with firmware version 1.1.0.26. The flaw resides in the verify_gemtek_header function of the checkFw.sh file within the Firmware Handler component. The issue is described as enabling manipulation that leads to a risky cryptographic algorithm; ...
CVE-2024-9146
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a through = 1.5.0...
CVE-2024-9146
creationtimestamp| type| source ---|---|--- 2024-10-05 13:46:42+00:00| seen| https://t.me/cvedetector/7046...
CVE-2024-9146 WordPress CSS JS Files plugin <= 1.5.0 - Directory Traversal to File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a through = 1.5.0...
WordPress CSS JS Files Plugin <= 1.5.0 is vulnerable to Directory Traversal
Software CSS JS Files Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.5.1 OWASP Top 10 A3: Injection Classification Directory Traversal CVE CVE-2024-9146 Patch priority Low CVSS severity Low 4.9 Developer Claim ownership PSID eaa2d0720275 Credits jsjp Required privilege Administrator Published...
CVE-2020-9146
A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local attackers can exploit this vulnerability to cause memory leakage and doS attacks by carefully constructing attack scenarios...
CVE-2020-9146
CVE-2020-9146 affects Huawei Smartphone via a memory buffer error in a component interface. The vulnerability allows local attackers to cause memory leakage and potential DoS by crafting specific attack scenarios. Affected details and exact vulnerable components/versions are not provided in the c...
CVE-2019-9146
CVE-2019-9146 affects Jamf Self Service 10.9.0. A MITM attacker could leverage the feature to publish Bash shell scripts and inject the string "/Applications/Utilities/Terminal app/Contents/MacOS/Terminal" into the TCP data stream, enabling escalation to a root shell. The base metrics indicate hi...
Ubuntu: Security Advisory (USN-3667-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for exiv2 FEDORA-2018-871fa4d189
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3667-1: libytnef vulnerabilities
It was discovered that libytnef incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. CVE-2017-12141, CVE-2017-9146, CVE-2017-9471, CVE-2017-9473 It was discovered that libytnef incorrectly handled certain files. An attacker could possibly use this t...
CVE-2018-9146
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-17724. Reason: This candidate is a reservation duplicate of CVE-2017-17724. Notes: All CVE users should reference CVE-2017-17724 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2018-9146
...
CVE-2018-9146
CVE-2018-9146 is a rejected candidate; reference CVE-2017-17724 instead.
CVE-2017-9146
The CVE-2017-9146 entry concerns the libytnef component (ytnef, libytnef) where TNEFFillMapi in lib/ytnef.c may allocate with a zero/nonzero count check, enabling a heap-based buffer overflow via a crafted tnef file. Affected up to ytnef 1.9.2; remote attackers could crash the application or caus...
Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: FiyoCMS Multiple Vulnerabilities Date: 29 March 2015 Exploit Author: Mahendra Vendor Homepage: www.fiyo.org Software Link: http://sourceforge.net/projects/fiyo-cms/ Version: 2.0.1.8, other version might be vulnerable. Tested :...
Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities
Exploit Title: FiyoCMS Multiple Vulnerabilities Date: 29 March 2015 Exploit Author: Mahendra Vendor Homepage: www.fiyo.org Software Link: http://sourceforge.net/projects/fiyo-cms/ Version: 2.0.1.8, other version might be vulnerable. Tested : Kali Linux 1.0.9a-amd64 CVEs:...
Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities
Fiyo CMS 2.0.1.8 - Multiple Vulnerabilities Exploit Title: FiyoCMS Multiple Vulnerabilities Date: 29 March 2015 Exploit Author: Mahendra Vendor Homepage: www.fiyo.org Software Link: http://sourceforge.net/projects/fiyo-cms/ Version: 2.0.1.8, other version might be vulnerable. Tested : Kali Linux...