CVE-2025-9460

creationtimestamp| type| source ---|---|--- 2025-12-16 13:45:53+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115729547415365209 2025-12-17 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1113/...

CVE-2025-9460

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

CVE-2025-9460

CVE-2025-9460 αφορά la lectura fuera de límites al analizar archivos SLDPRT en Autodesk. Documentos conectados señalan que el fallo provoca lectura de datos sensibles, crash o ejecución de código en el contexto del proceso actual mediante el análisis de SLDPRT en productos Autodesk. El vector de ...

CVE-2024-9460

A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2024-9460

creationtimestamp| type| source ---|---|--- 2024-10-03 18:17:17+00:00| seen| https://t.me/cvedetector/6898...

CVE-2024-9460

A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2024-9460 Codezips Online Shopping Portal index.php sql injection

A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclos...

Oracle Linux 8 : kvm_utils (ELSA-2022-9460)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9460 advisory. - A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9460)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9460 advisory. - Bluetooth: defer cleanup of resources in hciunregisterdev Tetsuo Handa Orabug: 33369947 CVE-2021-3573 - Bluetooth: fix the erroneous flushwork order...

CVE-2020-9460

CVE-2020-9460 / CVE-2020-9461 pertain to Octech Oempro 4.7–4.11. The vulnerability is an authenticated XSS in Octech Oempro’s web interface: specifically, the Campaign.Create command’s CampaignName parameter (CVE-2020-9460) and, in the stored variant, the Media.CreateFolder command’s FolderName p...

CVE-2015-9460

creationtimestamp| type| source ---|---|--- 2019-10-10 20:31:43+00:00| seen| https://t.me/cibsecurity/7356...

CVE-2015-9460

The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter...

CVE-2015-9460

The CVE refers to CVE-2015-9460 in the WordPress Pinpoint/booking-system plugin. A SQL injection exists in the booking-system plugin before 2.1 via DOPBSPBackEndTranslation::display and the language parameter. Several connected records confirm the vulnerability, its association with the WordPress...

CVE-2019-9460

CVE-2019-9460 entry is rejected/not used and does not represent an active vulnerability entry.

CVE-2019-9460

...

Code injection

The wp-vipergb plugin before 1.3.16 for WordPress has XSS via addqueryarg and removequeryarg, a different issue than CVE-2014-9460...

CVE-2016-9460

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a content-spoofing attack in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to display an...

CVE-2016-9460

Summary: Nextcloud Server < 9.0.52 and ownCloud Server

CVE-2014-9460

CVE-2014-9460 affects the WordPress WP-ViperGB plugin prior to 1.3.11. Multiple CSRF flaws allow remote attackers to hijack administrator authentication by submitting requests that (1) change plugin settings via unspecified vectors or (2)-(3) trigger XSS via vgb_page or vgb_items_per_pg on wp-adm...