Linux Distros Unpatched Vulnerability : CVE-2026-9204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain...

CVE-2026-9204

creationtimestamp| type| source ---|---|--- 2026-06-11 12:45:14+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnzaxmissr2y 2026-06-11 14:07:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnzfl2dc3f2t 2026-06-11 18:00:00+00:00| seen|...

CVE-2026-9204

CVE-2026-9204 describes a Server-Side Request Forgery (SSRF) in GitLab CE/EE where an authenticated user could read arbitrary files from the Gitaly server and access internal network resources during repository import, due to insufficient validation of secondary URLs. Affected versions: 18.10 bef...

GitLab 18.10 < 18.10.8 / 18.11 < 18.11.5 / 19.0 < 19.0.2 (CVE-2026-9204)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an...

EUVD-2008-6735

Malware in sbrugna...

WordPress X Addons for Elementor plugin <= 1.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via Youtube Video ID Field vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Youtube Video ID Field vulnerability discovered by zer0gh0st in WordPress Plugin X Addons for Elementor versions = 1.0.16...

CVE-2025-9204

creationtimestamp| type| source ---|---|--- 2025-10-03 12:05:18+00:00| seen| Telegram/q26ZIODGdTvL5unvuuKrcnVcQCPDuzNHDHAxYz7bZYBe-gI...

CVE-2018-9204

creationtimestamp| type| source ---|---|--- 2025-03-17 22:48:02+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7882...

CVE-2024-9204

creationtimestamp| type| source ---|---|--- 2024-10-04 07:40:19+00:00| seen| https://t.me/cvedetector/6951...

CVE-2024-9204

The WordPress Smart Custom 404 Error Page plugin (

Nagios IM SQL Injection (CVE-2019-9204)

An SQL injection vulnerability exists in Nagios IM. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

Oracle Linux 7 : python-pip (ELSA-2022-9204)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-9204 advisory. 9.0.3-8.0.1 - CVE-2019-20916 Orabug: 33861505 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

CVE-2019-9204

SQL injection vulnerability in Nagios IM component of Nagios XI before 2.2.7 allows attackers to execute arbitrary SQL commands...

CVE-2019-9204

Nagios IM (Nagios XI component) is affected by a SQL injection vulnerability prior to 2.2.7. The issue allows an attacker to execute arbitrary SQL commands through the affected component, as described in CVE-2019-9204 records from Nagios/Red Hat/Check Point tooling. Red Hat and other advisories r...

CVE-2015-9204

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, if cchFriendlyName is greater than TZPRMAXNAMELEN in function playreadyleavedomaingeneratechallenge, a...

CVE-2015-9204

CVE-2015-9204 describes a buffer overread in Android on Qualcomm Snapdragon mobile/wear platforms (various SD series) when cchFriendlyName exceeds TZ_PR_MAX_NAME_LEN in playready_leavedomain_generate_challenge(). The issue is triggered in affected Android versions prior to the 2018-04-05 security...

CVE-2017-9204

The iwgetui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service invalid read and SEGV via a crafted image, related to imagew-jpeg.c...

CVE-2017-9204

CVE-2017-9204 affects ImageWorsener 1.3.1. The vulnerability is in the function iw_get_ui16le (imagew-util.c:405:23) of the libimageworsener.a binary and is related to imagew-jpeg.c, allowing remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image. The available ...

CVE-2014-9204

CVE-2014-9204 affects Rockwell Automation RSLinx Classic OPCTest.exe prior to version 3.73.00. The flaw is a stack-based buffer overflow triggered by loading a crafted CSV file, which could crash the application or allow code execution when a user opens the file. Affected product is RSLinx Classi...

SuSE 11.3 Security Update : nagios-nrpe, nagios-nrpe-debuginfo, nagios-nrpe-debugsource, etc (SAT Patch Number 9204)

nagios-nrpe has been updated to prevent possible remote command execution when command arguments are enabled. This issue affects versions 2.15 and older. Further information is available at http://seclists.org/fulldisclosure/2014/Apr/240 These security issues have been fixed : - Remote command...