CVE-2026-9455 Totolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

CVE-2026-9455 Totolink A8000RU Web Management cstecgi.cgi UploadOpenVpnCert os command injection

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument FileName leads to os command injection. Remote exploitation of the...

CVE-2025-9455

creationtimestamp| type| source ---|---|--- 2025-12-16 13:47:06+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115729552193462662 2025-12-17 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1117/...

MAL-2025-9455 Malicious code in @taktikangea/odio-quas-beatae-dolor (npm)

The package @taktikangea/odio-quas-beatae-dolor was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2019-9455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Android kernel in the video driver there is a kernel pointer leak due to a WARNON statement. This could lead to local information disclosure with System...

CVE-2024-9455

The WP Cleanup and Basic Functions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level...

CVE-2020-9455

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users with minimal privileges to send arbitrary emails on behalf of the site via classrmuserservices.php sendemailuserview...

WordPress WP Cleanup and Basic Functions Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Cleanup and Basic Functions Type Plugin Vulnerable versions = 2.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9455 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 039af66fda0d Credits Francesco...

CVE-2024-9455

creationtimestamp| type| source ---|---|--- 2024-10-05 04:34:54+00:00| seen| https://t.me/cvedetector/7040...

CVE-2024-9455

CVE-2024-9455 : WP Cleanup and Basic Functions (WordPress plugin)

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1605-1)

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:1599-1)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1602-1)

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called...

SUSE-SU-2020:1255-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-11494: An issue was discovered in slcbump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized canframe data, potentially containin...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1186)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-9455

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users with minimal privileges to send arbitrary emails on behalf of the site via classrmuserservices.php sendemailuserview...

CVE-2020-9455

CVE-2020-9455 relates to the WordPress plugin RegistrationMagic (versions up to 4.6.0.3). It allows remote authenticated users with minimal privileges to send arbitrary emails on behalf of the site via the function/class rm_user_services.php send_email_user_view. The vulnerability’s impact is des...

CVE-2015-9455

The CVE-2015-9455 issue affects the WordPress plugin buddypress-activity-plus (before 1.6.2). The vulnerability is a CSRF leading to directory traversal via the wp-admin/admin-ajax.php parameter bpfb_photos[] in the action bpfb_remove_temp_images . This can enable an attacker to traverse director...

UBUNTU-CVE-2019-9455

In the Android kernel in the video driver there is a kernel pointer leak due to a WARNON statement. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2019-9455

CVE-2019-9455: In the Android kernel video driver, there is a kernel pointer leak caused by a WARN_ON statement, leading to local information disclosure with System execution privileges needed. Local exploitation is possible without user interaction. The connected Nessus advisories corroborate th...