39 matches found

RedhatCVE
added 2026/05/26 8:14 p.m. | 6 views

CVE-2026-9350

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

7.5 CVSS | 6.8 AI score | 0.0005 EPSS
Exploits: 0 | References: 1
NVD
added 2026/05/24 4:17 a.m. | 11 views

CVE-2026-9350

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

7.5 CVSS | 0.0005 EPSS
Exploits: 0 | References: 4
CVE
added 2026/05/24 2:45 a.m. | 34 views

CVE-2026-9350

CVE-2026-9350 affects NousResearch hermes-agent (up to version 2026.4.16), specifically the Batch Runner component’s file tools/approval.py, function check_all_command_guards. The description attributes a flaw that allows remote exploitation due to missing authorization in this function. Public e...

7.5 CVSS | 6.8 AI score | 0.0005 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2026/05/24 2:45 a.m. | 6 views

CVE-2026-9350 NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...

7.5 CVSS | 6.8 AI score | 0.0005 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2026/01/20 12:0 a.m. | 1 views

MiracleLinux 9 : python3.11-3.11.9-7.el9.1 (AXSA:2024-9350:29)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9350:29 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block...

7.5 CVSS | 7 AI score | 0.03014 EPSS
Exploits: 2 | References: 2
RedhatCVE
added 2026/01/09 12:12 p.m. | 5 views

CVE-2018-9350

In ih264dassignpicnum of ih264dutils.c there is a possible out of bound read due to missing bounds check. This could lead to a denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

6.5 CVSS | 6.9 AI score | 0.00062 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 4:54 p.m. | 3 views

CVE-2020-9350

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...

5.4 CVSS | 5.8 AI score | 0.00402 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 8:56 a.m. | 3 views

CVE-2019-9350

In Keymaster, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-129562815...

7.8 CVSS | 7.1 AI score | 0.00018 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2017-9350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in...

7.8 CVSS | 6.7 AI score | 0.01464 EPSS
Exploits: 0 | References: 2
OSV
added 2024/11/27 10:15 p.m. | 2 views

CVE-2018-9350

In ih264dassignpicnum of ih264dutils.c there is a possible out of bound read due to missing bounds check. This could lead to a denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

6.5 CVSS | 5.9 AI score
Exploits: 0 | References: 1
Cvelist
added 2024/10/18 4:32 a.m. | 18 views

CVE-2024-9350 DPD Baltic Shipping <= 1.2.83 - Reflected Cross-Site Scripting

The DPD Baltic Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchvalue' parameter in all versions up to, and including, 1.2.83 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1 CVSS | 0.02566 EPSS
Exploits: 0 | References: 3
Patchstack
added 2024/10/17 12:0 a.m. | 8 views

WordPress DPD Baltic Shipping Plugin <= 1.2.83 is vulnerable to Cross Site Scripting (XSS)

Software DPD Baltic Shipping Type Plugin Vulnerable versions = 1.2.83 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9350 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6c5aa369cd88 Credits vgo0 Required...

6.1 CVSS | 6 AI score | 0.02566 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2020/02/23 1:15 a.m. | 5 views

CVE-2020-9350

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...

5.4 CVSS | 5.2 AI score | 0.00402 EPSS
Exploits: 0 | References: 1
CVE
added 2020/02/23 12:53 a.m. | 100 views

CVE-2020-9350

CVE-2020-9350 affects SAS Visual Analytics 8.5, where the Graph Builder’s graph template can be directly accessed and exploited to trigger cross-site scripting (XSS) in the user's browser. The vulnerability is associated with the graph generator/templating mechanism, enabling attacker-supplied co...

5.4 CVSS | 5.2 AI score | 0.00402 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2020/02/23 12:53 a.m. | 8 views

CVE-2020-9350

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...

5.2 AI score | 0.00402 EPSS
Exploits: 0 | References: 1
Cvelist
added 2019/09/27 6:5 p.m. | 11 views

CVE-2019-9350

In Keymaster, there is a possible EoP due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-129562815...

8.2 AI score | 0.00018 EPSS
Exploits: 0 | References: 1
CVE
added 2019/09/27 6:5 p.m. | 36 views

CVE-2019-9350

CVE-2019-9350 corresponds to an Elevation of Privilege in Android 10 Keymaster, caused by a use-after-free in a component handling crypto operations. This vulnerability could allow a local attacker to escalate privileges without additional execution privileges or user interaction, as described ac...

7.8 CVSS | 8.1 AI score | 0.00018 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2019/08/27 12:2 p.m. | 13 views

CVE-2015-9350

The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load more button...

6.1 AI score | 0.0019 EPSS
Exploits: 0 | References: 1
CVE
added 2019/08/27 12:2 p.m. | 73 views

CVE-2015-9350

The CVE-2015-9350 entry concerns the WordPress plugin Feed Them Social before version 1.7.0, where the Facebook Feeds load more button is vulnerable to reflected cross-site scripting (XSS). The vulnerability allows injected client-side script to be executed in the context of the affected page. Pu...

6.1 CVSS | 6.1 AI score | 0.0019 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
ALT Linux
added 2017/07/21 12:0 a.m. | 24 views

Security fix for the ALT Linux 9 package wireshark version 2.2.8-alt1

July 21, 2017 Anton Farygin 2.2.8-alt1 - new version: wnpa-sec-2017-13 WBMXL dissector infinite loop CVE-2017-7702, CVE-2017-11410 wnpa-sec-2017-28 openSAFETY dissector memory exhaustion CVE-2017-9350, CVE-2017-11411 wnpa-sec-2017-34 AMQP dissector crash CVE-2017-11408 wnpa-sec-2017-35 MQ dissect...

7.8 CVSS | 7.5 AI score | 0.01464 EPSS
Exploits: 0