31 matches found
MINI-9352-GW9G-G455
Bulletin has no description...
CVE-2026-9352
creationtimestamp| type| source ---|---|--- 2026-05-27 03:17:13+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116644369651047677...
MINI-9352-MRF5-MM69
Bulletin has no description...
CVE-2018-9352
In ihevcdallocatedynamicbufs of ihevcdapi.c there is a possible resource exhaustion due to integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation...
WordPress Pronamic Google Maps plugin <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Pronamic Google Maps versions = 2.4.1...
CVE-2020-9352
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...
Linux Distros Unpatched Vulnerability : CVE-2017-9352
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by...
CVE-2018-9352
creationtimestamp| type| source ---|---|--- 2024-11-27 22:39:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113557318483411013...
CVE-2018-9352
CVE-2018-9352 affects the ihevcd_allocate_dynamic_bufs function in ihevcd_api.c. The vulnerability is a resource exhaustion due to an integer overflow, potentially enabling remote denial of service with no code execution required. Exploitation requires user interaction. Connected sources (Red Hat...
CVE-2024-9352
creationtimestamp| type| source ---|---|--- 2024-10-17 09:07:02+00:00| seen| https://t.me/cvedetector/8147 2025-01-29 17:18:34+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3378...
CVE-2024-9352
CVE-2024-9352 (Forminator Forms for WordPress) is a CSRF vulnerability in all versions up to 1.35.1 caused by missing/incorrect nonce validation in the custom form function create_module. This allows unauthenticated attackers to cause a site administrator to draft forms by forging a request (e.g....
CVE-2024-9352 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Cross-Site Request Forgery to Draft Custom Form Creation
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the custom form 'createmodule' function. This makes it...
CVE-2024-9352 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Cross-Site Request Forgery to Draft Custom Form Creation
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the custom form 'createmodule' function. This makes it...
CGA-X6JW-RJ64-9352
Bulletin has no description...
Eclipse Jetty's cookie parsing of quoted values can exfiltrate values from other cookies
Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with " double quote, it will continue to read the cookie string unti...
Unauthorized Access Vulnerability in CLX-9352 at Samsung (China) Investment Co.
Samsung China Investment Co., Ltd. is the headquarters of Samsung Group in China. By the end of 2008, 20 out of more than 30 companies under Samsung have invested in China, including Samsung Electronics, Samsung SDI, Samsung SDS and Samsung Electro-Mechanics. An unauthorized access vulnerability...
CVE-2020-9352
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...
CVE-2020-9352
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...
CVE-2020-9352
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the transaction parameter. NOTE: the documentation states "These tools are, by...
CVE-2020-9352
SmartClient 12.0 is affected by an unauthenticated blind XML External Entity (XXE) in the downloadWSDL feature. An attacker can trigger the vulnerability by sending a POST to /tools/developerConsoleOperations.jsp with a valid payload in the _transaction parameter. The issue is documented across m...