CVE-2026-9371

A security vulnerability has been detected in ItzCrazyKns Vane up to 1.12.1. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to missing authentication. The attack may be initiated remotely. The attack's complexity is rated as...

CVE-2025-9371

creationtimestamp| type| source ---|---|--- 2025-10-09 12:11:16+00:00| seen| Telegram/5a8h2hPHsWBlklFeAi--bFgkCT3rp3S1MCTixrd9fQn2E...

WordPress Betheme Theme <= 28.1.6 is vulnerable to Cross Site Scripting (XSS)

Software Betheme Type Theme Vulnerable versions = 28.1.6 Fixed in 28.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-9371 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 451fc05f11e2 Credits Zbigniew Piotrak Required...

CVE-2017-9371

creationtimestamp| type| source ---|---|--- 2025-08-22 15:12:32+00:00| seen| Telegram/mRC-OsJP0hVxhUnYMD8nOHuESj1QFHkcFlnRScCMqaU09A...

MAL-2025-9371 Malicious code in @supernpm2024/modi-consequuntur-mollitia-nesciunt (npm)

The package @supernpm2024/modi-consequuntur-mollitia-nesciunt was found to contain malicious code...

TencentOS Server 3: libvpx (TSSA-2022:0048)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0048 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2024-9371

The Branda – White Label & Branding, Custom Login Page Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.19. This makes it possible for unauthenticated...

CVE-2024-9371

creationtimestamp| type| source ---|---|--- 2024-11-21 04:29:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113519058595718266...

CVE-2024-9371 Branda – White Label & Branding, Custom Login Page Customizer <= 3.4.19 - Reflected Cross-Site Scripting

The Branda – White Label & Branding, Custom Login Page Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.19. This makes it possible for unauthenticated...

WordPress Branda Plugin <= 3.4.21 is vulnerable to Cross Site Scripting (XSS)

Software Branda Type Plugin Vulnerable versions = 3.4.21 Fixed in 3.4.22 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9371 Patch priority Medium CVSS severity Medium 7.1 Developer WPMU DEV PSID c1cede0cef03 Credits vgo0 Required privilege...

CVE-2018-9371

creationtimestamp| type| source ---|---|--- 2024-11-19 21:51:25+00:00| seen| https://t.me/cvedetector/11522...

CVE-2018-9371

CVE-2018-9371 affects the Mediatek Preloader/bootloader. It describes out-of-bounds reads/writes via an exposed interface that permits arbitrary peripheral memory mapping due to insufficient blacklisting/whitelisting. Under the described conditions, this can enable local elevation of privilege wi...

Oracle Linux 9 : python3.9 (ELSA-2024-9371)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9371 advisory. - Security fix for CVE-2024-8088 Resolves: RHEL-55967 - Security fix for CVE-2024-6923 Resolves: RHEL-53045 - Security fix for CVE-2024-4032 Resolves: RHEL-4410...

CVE-2020-9371

creationtimestamp| type| source ---|---|--- 2024-10-17 16:56:47+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/787...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9371)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9371 advisory. 5.4.17-2102.203.6.el8uek - seqfile: disallow extremely large seq buffer allocations Eric Sandeen Orabug: 33135632 CVE-2021-33909 Tenable has extracted the...

SUSE: Security Advisory (SUSE-SU-2020:0143-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libvpx security update

1.7.0-8 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Enable webm-io explicitly 1.7.0-7 - Fix for CVE-2019-9232, CVE-2019-9433, CVE-2019-9371, CVE-2019-2126 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Remove php-cli BR...

Moderate: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RHEL 8 : libvpx (RHSA-2020:4629)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4629 advisory. The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimed...

Moderate: libvpx security update

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double free in ParseContentEncodingEntry in mkvparser.cc CVE-2019-2126 libvpx: Out of bounds read in vp8nor...