CVE-2025-9337

creationtimestamp| type| source ---|---|--- 2025-10-13 10:14:31+00:00| seen| Telegram/-mH7BStS94km2f7se2rsRfCArE0R2s9rZXwdZL-6EOBUA...

CVE-2020-9337

In GolfBuddy Course Manager 1.1, passwords are sent with base64 encoding via a GET request...

petmd.com Cross Site Scripting vulnerability OBB-1276183

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

CVE-2019-9337

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376...

CVE-2019-9337

CVE-2019-9337 affects Android 10 via the libavc component, causing information disclosure from uninitialized data. Impact: remote information disclosure without additional execution privileges, with user interaction required for exploitation. Root cause: uninitialized data in libavc. Affected pro...

CVE-2015-9337

The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX...

CVE-2015-9337

The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX...

CVE-2015-9337

The CVE concerns the WordPress plugin Profile Builder. Before version 2.1.4, it has no access control for activating or deactivating addons via AJAX, enabling unauthorized addon management and potentially partial integrity impact. Affected software: WordPress Profile Builder plugin (pre-2.1.4). R...

CVE-2018-9337

The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML...

CVE-2018-9337

The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML...

CVE-2018-9337

The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML...

CVE-2018-9337

CVE-2018-9337 is an XSS vulnerability in the PAN-OS Web interface administration page. Affected PAN-OS: 6.1.20 and earlier; 7.1.17 and earlier; 8.0.10 and earlier; 8.1.1 and earlier. The issue allows an attacker to inject arbitrary JavaScript or HTML via the web interface. Exploitation requires p...

CVE-2017-9337

The CVE-2017-9337 vulnerability affects the WordPress plugin “Markdown on Save Improved” version 2.5, with a stored cross-site scripting (XSS) flaw in post content. Public data notes: exploitation details are not provided in the included documents; the CVE entry lists XSS in content as the impact...

CVE-2016-9337

Affected product/component: Tesla Motors Model S Gateway ECU (firmware prior to 7.1 (2.36.31) with web browser enabled). Vulnerability type/root cause: Command Injection in the Gateway ECU allowing an attacker to install malicious software and send messages to the vehicle CAN bus via a compromise...

CVE-2014-9337

The CVE-2014-9337 entry covers CSRF vulnerabilities in the WordPress plugin Mikiurl Wordpress Eklentisi (version 2.0 and earlier). The flaw enables remote attackers to hijack administrator authentication for requests that trigger XSS via the twitter_kullanici and twitter_sifre parameters in a kay...

CVE-2009-3158

creationtimestamp| type| source ---|---|--- 2009-08-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9337...