Fedora 43 : perl-Cpanel-JSON-XS (2026-d88c7fac8c)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d88c7fac8c advisory. This update addresses a number of bugs including these security issues: Fix BOM-shift PV-corruption SIGABRT CVE-2026-9516 Fix dupkeysasarrayref type...

CVE-2026-9334

creationtimestamp| type| source ---|---|--- 2026-06-03 02:57:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mne4fdfgs223...

DEBIAN-CVE-2026-9334

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

CVE-2026-9334

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

Linux Distros Unpatched Vulnerability : CVE-2026-9334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate...

MINI-4FCC-GQXX-9334

Bulletin has no description...

WordPress Better Find and Replace plugin <= 1.7.7 - Authenticated (Subscriber+) Limited Code Injection vulnerability

Authenticated Subscriber+ Limited Code Injection vulnerability discovered by ISMAILSHADOW in WordPress Plugin Better Find and Replace versions = 1.7.7...

CVE-2025-9334

creationtimestamp| type| source ---|---|--- 2025-11-08 07:32:05+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m5437qdrzw24 2025-11-08 08:55:48+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m547u6ves7j2 2025-11-08 09:07:18+00:00| seen|...

CVE-2025-9334

The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Limited Code Injection in all versions up to, and including, 1.7.7. This is due to insufficient input validation and restriction on the 'rtafarajax' function. This makes it possible for authenticated...

EUVD-2016-9334

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-9334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrect pair? check in the Scheme length procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an...

CVE-2020-9334

A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress. Successful exploitation of this vulnerability would allow a authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users...

CVE-2015-9334

The email-newsletter plugin through 20.15 for WordPress has SQL injection...

CVE-2024-9334

Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass. This issue affects Pallium Vehicle Tracking: before 17.10.2024...

CVE-2024-9334

creationtimestamp| type| source ---|---|--- 2025-02-27 15:23:56+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114076538403107122 2025-02-27 15:48:32+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114076635029385494 2025-02-27 16:45:05+00:00| seen|...

CVE-2024-9334 Information Disclosure in E-Kent's Pallium Vehicle Tracking

Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass. This issue affects Pallium Vehicle Tracking: before 17.10.2024...

CVE-2024-9334 Information Disclosure in E-Kent's Pallium Vehicle Tracking

Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass. This issue affects Pallium Vehicle Tracking: before 17.10.2024...

Rockwell Automation MicroLogix Cleartext Transmission of Sensitive Information (CVE-2016-9334)

An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD,...

CVE-2020-9334

The CVE-2020-9334 entry maps to a stored XSS vulnerability in the WordPress Envira Photo Gallery plugin (versions up to 1.7.6). The issue arises from an insufficient sanitization/presentation path that allows an authenticated, low-privilege user to inject arbitrary JavaScript code, which can be r...

CVE-2019-9334

CVE-2019-9334 concerns the Android 10 ecosystem where a vulnerability in the Media/Library stack (libhevc) allows information disclosure via uninitialized data. The issue affects Android 10 and is described as enabling remote information disclosure with no additional execution privileges; exploit...