MAL-2025-9293 Malicious code in @sellerly-kit/amazon-token-connect (npm)

The package @sellerly-kit/amazon-token-connect was found to contain malicious code...

CVE-2024-9293

A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by this vulnerability is the function list of the file /app/admin/controller/file/File.php of the component Backend. The manipulation of the argument isdisable leads to sql injection. The attack can be...

CVE-2019-9293

In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661116...

CVE-2024-9293

creationtimestamp| type| source ---|---|--- 2024-09-28 00:16:14+00:00| seen| https://t.me/cvedetector/6584...

CVE-2024-39920

A flaw was found in the TCP protocol in RFC 9293. The TCP protocol has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system to any server when that client system is concurrently obtaining TCP data at a slow rate from an...

CVE-2024-39920

The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system to any server, when that client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server, aka the...

CVE-2024-39920

The CVE-2024-39920 entry describes a timing side channel in TCP (RFC 9293), dubbed the SnailLoad issue, where an attacker can infer the content of a client’s TCP connection when the client concurrently receives data from an attacker-controlled server. The attack is illustrated by measuring RTTs o...

CVE-2024-39920

The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system to any server, when that client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server, aka the...

[Security Nation] Chris Levendis and Lisa Olson on Cloud CVEs

!\Security Nation\ Chris Levendis and Lisa Olson on Cloud CVEshttps://blog.rapid7.com/content/images/2022/09/securitynationlogo.jpg In this episode of Security Nation, Jen and Tod chat with Chris Levendis of MITRE and Lisa Olson of Microsoft about assigning CVE IDs for vulnerabilities affecting...

Ubuntu: Security Advisory (USN-2449-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2014-356-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0259-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0259-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0259-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0322-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-9293

In libstagefright, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117661116...

CVE-2019-9293

CVE-2019-9293 affects Android 10, describing an out-of-bounds read in libstagefright due to a missing bounds check. This could allow remote information disclosure with no execution privileges, though exploitation requires user interaction. The vulnerability is documented across multiple sources (...

CVE-2015-9293

creationtimestamp| type| source ---|---|--- 2019-08-13 20:38:17+00:00| seen| https://t.me/cibsecurity/6103...

CVE-2015-9293

The CVE refers to the All In One WP Security & Firewall WordPress plugin (before 3.9.8) with an XSS in the unlock request feature. Affected component: the plugin’s unlock request handling. Root cause: reflected script injection in the unlock request path (exact technical details not provided in t...

Security Bulletin: Multiple vulnerabilities in ntp affect IBM Flex System Manager (FSM) (CVE-2014-9293, CVE-2014-9294, CVE-2014-9297, CVE-2014-9298)

Summary There are multiple vulnerabilities in ntp that is used by IBM Flex System Manager. Vulnerability Details Summary There are multiple vulnerabilities in ntp that is used by IBM Flex System Manager. Vulnerability Details: CVE-ID: CVE-2014-9293 Description: Network Time Protocol NTP Project N...