Lucene search
+L

30 matches found

Vulnrichment
Vulnrichment
added 2026/05/25 10:0 a.m.8 views

CVE-2026-9448 code-projects Employee Management System applyleave.php cross site scripting

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown function of the file /applyleave.php. Executing a manipulation of the argument ID can lead to cross site scripting. The attack may be performed from remote. The exploit has been publicly...

5.3CVSS4.1AI score0.00336EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 10:0 a.m.20 views

CVE-2026-9448

The CVE-2026-9448 affects code-projects Employee Management System 1.0, specifically the /applyleave.php file. The root cause is manipulation of the ID argument that enables cross site scripting (XSS). Exploitation is possible remotely, and public disclosure of the exploit is noted. No remediatio...

5.3CVSS4.1AI score0.00336EPSS
Exploits0References5
OSV
OSV
added 2026/05/07 4:48 p.m.6 views

MINI-H8HR-9448-P25F

Bulletin has no description...

7.5CVSS5.7AI score0.00248EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/10/04 12:0 a.m.8 views

RockyLinux 9 : emacs (RLSA-2025:9448)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9448 advisory. emacs: arbitrary code execution via Lisp macro expansion CVE-2024-53920 Tenable has extracted the preceding description block directly from the RockyLinux securit...

7.8CVSS8.3AI score0.00526EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:21 a.m.8 views

CVE-2015-9448

The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter...

8.8CVSS8.4AI score0.01927EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:33 a.m.6 views

CVE-2014-9448

Buffer overflow in Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 allows remote attackers to execute arbitrary code or cause a denial of service crash via a long string in a WAX file...

7.5CVSS8.4AI score0.06305EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 2:53 a.m.14 views

CVE-2017-9448

Cross-site scripting XSS vulnerabilities in BigTree CMS through 4.2.18 allow remote authenticated users to inject arbitrary web script or HTML via the description parameter. This issue exists in core\admin\ajax\pages\save-revision.php and core\admin\modules\pages\revisions.php. Low-privileged...

5.4CVSS5.8AI score0.00592EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/10 8:8 p.m.27 views

CVE-2024-9448

On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...

7.5CVSS7.1AI score0.00485EPSS
Exploits0References1
NVD
NVD
added 2025/05/08 8:15 p.m.14 views

CVE-2024-9448

On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...

7.5CVSS0.00485EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/08 7:14 p.m.26 views

CVE-2024-9448 On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp

On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...

7.5CVSS0.00485EPSS
Exploits0References1
CVE
CVE
added 2025/05/08 7:14 p.m.79 views

CVE-2024-9448

CVE-2024-9448 affects Arista EOS with Traffic Policies configured. The issue causes received untagged packets to bypass Traffic Policy rules, so a rule that would drop a packet may not be enforced, potentially delivering packets to unintended destinations. Affected EOS releases include 4.33.x (4....

7.5CVSS7.4AI score0.00485EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/08 7:14 p.m.16 views

CVE-2024-9448 On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp

On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...

7.5CVSS7AI score0.00485EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.34 views

Mageia: Security Advisory (MGASA-2016-0405)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.04975EPSS
Exploits0References7
Cvelist
Cvelist
added 2019/09/26 3:33 a.m.16 views

CVE-2015-9448

The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter...

9.3AI score0.01927EPSS
Exploits1References3
CVE
CVE
added 2019/09/26 3:33 a.m.160 views

CVE-2015-9448

The CVE-2015-9448 issue affects the WordPress SendPress plugin (versions prior to 1.2). The vulnerability is an SQL Injection in the wp-admin/admin.php?page=sp-queue listid parameter. Impact per sources includes manipulation/exfiltration of data via the web interface, with CVSS scores indicating ...

8.8CVSS9.2AI score0.01927EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2018/11/06 5:0 p.m.45 views

CVE-2018-9448

CVE-2018-9448 affects Android 8.0 and 8.1, with a vulnerability in avct_bcb_msg_ind (avct_bcb_act.cc) caused by a missing bounds check that could enable remote information disclosure without user interaction or additional privileges. The issue is categorized as an information-disclosure risk (no ...

7.8CVSS6.3AI score0.01654EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/06/06 3:0 p.m.48 views

CVE-2017-9448

BigTree CMS

5.4CVSS5.5AI score0.00592EPSS
Exploits0References1Affected Software1
Slackware Linux
Slackware Linux
added 2017/04/08 8:11 p.m.45 views

[slackware-security] libtiff

New libtiff packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libtiff-4.0.7-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more information, see:...

7.5CVSS7.8AI score0.05789EPSS
Exploits5
OSV
OSV
added 2017/01/27 5:59 p.m.38 views

CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

7.5CVSS6.7AI score
Exploits0References6
CVE
CVE
added 2017/01/27 5:0 p.m.116 views

CVE-2016-9448

CVE-2016-9448 affects LibTIFF, specifically TIFFFetchNormalTag in the 4.0.6 release. The vulnerability allows remote attackers to cause a denial of service via a NULL pointer dereference when the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII are set to values that access 0-byte arrays. This ...

7.5CVSS7.3AI score0.04975EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder