30 matches found
CVE-2026-9448 code-projects Employee Management System applyleave.php cross site scripting
A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown function of the file /applyleave.php. Executing a manipulation of the argument ID can lead to cross site scripting. The attack may be performed from remote. The exploit has been publicly...
CVE-2026-9448
The CVE-2026-9448 affects code-projects Employee Management System 1.0, specifically the /applyleave.php file. The root cause is manipulation of the ID argument that enables cross site scripting (XSS). Exploitation is possible remotely, and public disclosure of the exploit is noted. No remediatio...
MINI-H8HR-9448-P25F
Bulletin has no description...
RockyLinux 9 : emacs (RLSA-2025:9448)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9448 advisory. emacs: arbitrary code execution via Lisp macro expansion CVE-2024-53920 Tenable has extracted the preceding description block directly from the RockyLinux securit...
CVE-2015-9448
The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter...
CVE-2014-9448
Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service crash via a long string in a WAX file...
CVE-2017-9448
Cross-site scripting XSS vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML via the description parameter. This issue exists in core\admin\ajax\pages\save-revision.php and core\admin\modules\pages\revisions.php. Low-privileged...
CVE-2024-9448
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...
CVE-2024-9448
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...
CVE-2024-9448 On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...
CVE-2024-9448
CVE-2024-9448 affects Arista EOS with Traffic Policies configured. The issue causes received untagged packets to bypass Traffic Policy rules, so a rule that would drop a packet may not be enforced, potentially delivering packets to unintended destinations. Affected EOS releases include 4.33.x (4....
CVE-2024-9448 On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...
Mageia: Security Advisory (MGASA-2016-0405)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-9448
The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter...
CVE-2015-9448
The CVE-2015-9448 issue affects the WordPress SendPress plugin (versions prior to 1.2). The vulnerability is an SQL Injection in the wp-admin/admin.php?page=sp-queue listid parameter. Impact per sources includes manipulation/exfiltration of data via the web interface, with CVSS scores indicating ...
CVE-2018-9448
CVE-2018-9448 affects Android 8.0 and 8.1, with a vulnerability in avct_bcb_msg_ind (avct_bcb_act.cc) caused by a missing bounds check that could enable remote information disclosure without user interaction or additional privileges. The issue is categorized as an information-disclosure risk (no ...
CVE-2017-9448
BigTree CMS
[slackware-security] libtiff
New libtiff packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libtiff-4.0.7-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more information, see:...
CVE-2016-9448
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...
CVE-2016-9448
CVE-2016-9448 affects LibTIFF, specifically TIFFFetchNormalTag in the 4.0.6 release. The vulnerability allows remote attackers to cause a denial of service via a NULL pointer dereference when the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII are set to values that access 0-byte arrays. This ...