15 matches found
CVE-2026-9309
| creationtimestamp | type | source |
|---|---|---|
| 2026-06-02 13:45:07+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mncq4gxck323 |
| 2026-06-03 04:52:24+00:00 | seen | https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-prodotti-mozilla-6... |
CVE-2026-9309
Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...
CVE-2026-9309
CVE-2026-9309 affects Firefox for iOS Reader View. The issue is improper escaping of HTML tags in JSON-LD metadata, enabling a malicious page to inject markup that leaks sensitive URL parameters and could lead to arbitrary JavaScript execution in an internal origin. Impact is described as access ...
MiracleLinux 9 : fontforge-20201107-6.el9 (AXSA:2024-9309:02)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9309:02 advisory. fontforge: command injection via crafted archives or compressed files CVE-2024-25082 fontforge: command injection via crafted filenames CVE-2024-250...
CVE-2025-9309
| creationtimestamp | type | source |
|---|---|---|
| 2025-08-21 20:43:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lwwslpsrpp2p... |
CVE-2019-9309
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-117985575...
CVE-2024-9309
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...
CVE-2024-9309
| creationtimestamp | type | source |
|---|---|---|
| 2025-03-20 11:40:53+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmi34chk2v |
| 2025-03-20 12:48:39+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114194836150364747... |
CVE-2024-9309
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...
CVE-2020-9309
SilverStripe CMS up to version 4.5 is vulnerable to script execution via malicious upload contents, when files with allowed extensions are stored as protected or draft and MIME detection causes browsers to run the file contents. Affected component/file: uploads handling (protected/draft state) an...
CVE-2019-9309
CVE-2019-9309 affects Android 10 due to an out-of-bounds write in the NFC handling caused by a missing bounds check. This could enable local elevation of privilege with user interaction required for exploitation. The vulnerability is documented in the Android 10 security release notes and is addr...
CVE-2015-9309
| creationtimestamp | type | source |
|---|---|---|
| 2019-08-14 20:34:00+00:00 | seen | https://t.me/cibsecurity/6143... |
CVE-2015-9309
The CVE-2015-9309 entry concerns the WordPress plugin wp-google-map-plugin, which prior to version 2.3.10 has a CSRF vulnerability in the add/edit category feature. Public details from multiple sources confirm the affected software/versions and the CSRF flaw, with CVSS scores indicating medium to...
CVE-2018-9309
An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in a dl/dlsendsms.php request...
CVE-2018-9309
CVE-2018-9309 affects zzcms 8.2, where the id parameter in the dl/dl_sendsms.php request enables SQL injection. The NVD entry documents a high‑risk flaw with CVSS v3.1 base score 9.8 (NETWORK, LOW complexity, no privileges, UI/N user interaction, with HIGH impact on confidentiality, integrity, an...