CVE-2018-9424

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-9424

creationtimestamp| type| source ---|---|--- 2025-08-26 02:38:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lxbidjw6p72o...

CVE-2025-9424

CVE-2025-9424 concerns Ruijie WS7204-A (version 2017.06.15). The vulnerability affects the function/file path "/itbox_pi/branch_import.php?a=branch_list" where manipulating the parameter province can lead to an OS command injection . The impact is described as remote code execution, with the expl...

MAL-2025-9424 Malicious code in @taktikangea/exercitationem-odit-dolorum (npm)

The package @taktikangea/exercitationem-odit-dolorum was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2016-9424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attacke...

CVE-2018-9424

CVE-2018-9424 concerns an out-of-bounds write in CryptoPlugin::decrypt (CryptoPlugin.cpp) that could allow local escalation of privilege with no user interaction. Exploitation details are not provided in the documents; the Android Security Bulletin catalogs this CVE under Media framework issues w...

Oracle Linux 9 : tpm2-tools (ELSA-2024-9424)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-9424 advisory. - tpm2checkquote: Fix check of magic number. CVE-2024-29038 - tpm2checkquote: Add comparison of pcr selection. CVE-2024-29039 Tenable has extracted the...

SUSE CVE-2016-9424

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service heap buffer overflow crash and possibly execute arbitrary code via a crafted HTML page...

Mageia: Security Advisory (MGASA-2018-0024)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-36221

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service schemainit.c serialNumberAndIssuerCheck...

CVE-2019-9424

CVE-2019-9424 affects Android 10: a vulnerability in the Screen Lock where the setting to hide the unlock pattern can be ignored under certain conditions, causing information disclosure. The vulnerability is listed in Android 10 security release notes and has NVD scores of 4.3 (CVSS2) and 7.5 (CV...

CVE-2015-9424

creationtimestamp| type| source ---|---|--- 2019-09-26 09:01:36+00:00| seen| https://t.me/cibsecurity/7021...

CVE-2015-9424

CVE-2015-9424 affects the WordPress Multicons plugin prior to 3.0. The vulnerability is CSRF that can yield XSS via the wp-admin/options-general.php?page=multicons%2Fmulticons.php global_url or admin_url parameter. Documented impacts include XSS with no availability impact, with a CVSS 3.1 base s...

khaliques.co.za Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-953296 Security Researcher AkshatsASDAcademyKota Helped patch 11 vulnerabilities Received 1 Coordinated Disclosure badges , a holder of 1 badges for responsible and coordinated disclosure, found a security vulnerability affecting khaliques.co.za website and its users...

CVE-2017-9424

IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization...

CVE-2017-9424

IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code, related to use of TypeNameHandling in JSON deserialization...

CVE-2017-9424

IdeaBlade Breeze Breeze.Server.NET prior to v1.6.5 is affected. The vulnerability arises from JSON deserialization using TypeNameHandling, enabling remote code execution. Impact is remote code execution with partial/high integrity and availability impacts. A fix is not provided in the description...

Fedora 25 : w3m (2017-2e6b693937)

Security fix for CVE-2016-9422, CVE-2016-9423, CVE-2016-9424, CVE-2016-9425, CVE-2016-9428, CVE-2016-9426, CVE-2016-9429, CVE-2016-9430, CVE-2016-9431, CVE-2016-9432, CVE-2016-9433, CVE-2016-9434, CVE-2016-9435, CVE-2016-9436, CVE-2016-9437, CVE-2016-9438, CVE-2016-9439, CVE-2016-9440,...

CVE-2016-9424

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service heap buffer overflow crash and possibly execute arbitrary code via a crafted HTML page...

CVE-2016-9424

CVE-2016-9424 affects the Tatsuya Kinoshita w3m fork prior to 0.5.3-31. The issue is that w3m does not properly validate the value of a tag attribute, enabling a remote attacker to trigger a denial of service (heap buffer overflow) and potentially execute arbitrary code via a crafted HTML page. C...