Lucene search
K

55 matches found

RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.14 views

CVE-2026-9374

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS6.3AI score0.00195EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/24 10:30 a.m.11 views

CVE-2026-9374 yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted upload

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The...

6.5CVSS6.3AI score0.00195EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:12 p.m.12 views

CVE-2018-9374

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.1AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-9374 Malicious code in @supernpm2024/nam-mollitia-assumenda-in (npm)

The package @supernpm2024/nam-mollitia-assumenda-in was found to contain malicious code...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2016-9374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This...

5.9CVSS6.7AI score0.01595EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-9374

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leak in QEMU aka Quick Emulator, when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service memory...

5.5CVSS6.5AI score0.00431EPSS
Exploits0References2
NVD
NVD
added 2024/11/28 12:15 a.m.14 views

CVE-2018-9374

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00084EPSS
Exploits0References1
OSV
OSV
added 2024/11/28 12:15 a.m.5 views

CVE-2018-9374

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00084EPSS
Exploits0References1
CVE
CVE
added 2024/11/27 11:42 p.m.65 views

CVE-2018-9374

CVE-2018-9374 affects Android’s PackageManagerService.java, specifically installPackageLI, enabling a possible permissions bypass that could lead to local elevation of privilege. Exploitation would require local user privileges with no user interaction, per the CVE description. The issue is liste...

7.8CVSS9AI score0.00084EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2024/10/24 8:27 a.m.5 views

CVE-2024-9374

creationtimestamp| type| source ---|---|--- 2024-10-24 08:27:20+00:00| seen| https://t.me/cvedetector/8774...

6.1CVSS5.7AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/24 4:32 a.m.8 views

CVE-2024-9374 Terms descriptions <= 3.4.6 - Reflected Cross-Site Scripting

The Terms descriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS6.4AI score0.00309EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/24 4:32 a.m.20 views

CVE-2024-9374 Terms descriptions <= 3.4.6 - Reflected Cross-Site Scripting

The Terms descriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS0.00309EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/23 12:0 a.m.11 views

WordPress Terms descriptions Plugin <= 3.4.6 is vulnerable to Cross Site Scripting (XSS)

Software Terms descriptions Type Plugin Vulnerable versions = 3.4.6 Fixed in 3.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9374 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8fca607d99fe Credits vgo0 Required...

6.1CVSS5.9AI score0.00309EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/07/04 10:10 p.m.18 views

CGA-7FV5-FQ67-9374

Bulletin has no description...

4.9CVSS5.8AI score0.02439EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:56 a.m.3 views

SUSE CVE-2016-9374

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable...

5.9CVSS7.7AI score0.01595EPSS
Exploits0References6
Circl
Circl
added 2022/12/11 6:43 p.m.12 views

CVE-2020-9374

creationtimestamp| type| source ---|---|--- 2022-12-11 18:43:05+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/727...

9.8CVSS7.8AI score0.42047EPSS
Exploits4References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2015-0010)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.09525EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2017:2946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS7.7AI score0.04544EPSS
Exploits1References38
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2017:1795-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.04544EPSS
Exploits0References21
Check Point Advisories
Check Point Advisories
added 2020/12/27 12:0 a.m.31 views

TP-Link TL-WR849N Routers Remote Code Execution (CVE-2020-9374)

A command execution vulnerability exists in Tplink tlwr849n firmware 0.9.1 4.16. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS7.5AI score0.42047EPSS
Exploits4
Rows per page
Query Builder