19 matches found

RedhatCVE
added 2026/01/09 12:13 p.m. | 5 views

CVE-2018-9477

In the development options section of the Settings app, there is a possible authentication bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

CVSS 7.8 | AI score 8 | EPSS 0.00006
Exploits 0 | References 1

OSV
added 2025/08/14 6:52 p.m. | 1 views

MAL-2025-9477 Malicious code in @taktikangea/saepe-ducimus (npm)

The package @taktikangea/saepe-ducimus was found to contain malicious code...

AI score 7.2
Exploits 0

RedhatCVE
added 2025/05/22 3:43 p.m. | 5 views

CVE-2020-9477

An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authentication functionality in the web-based interface could allow an unauthenticated remote attacker to capture packets at the time of authentication and gain access to the cleartext password. An attacker...

CVSS 9.8 | AI score 7.5 | EPSS 0.00937
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 2:26 a.m. | 6 views

CVE-2015-9477

The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates...

CVSS 8.8 | AI score 7 | EPSS 0.00552
Exploits 1 | References 1

Circl
added 2024/11/20 5:35 p.m. | 7 views

CVE-2018-9477

creationtimestamp | type | source
---|---|---
2024-11-20 17:35:25+00:00 | seen | https://infosec.exchange/users/cve/statuses/113516486661985667
2024-11-20 19:36:29+00:00 | seen | https://t.me/cvedetector/11649...

CVSS 7.8 | AI score 7.5 | EPSS 0.00006
Exploits 0 | References 2

NVD
added 2024/11/13 3:15 p.m. | 12 views

CVE-2024-9477

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS). This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted and it was learned that the product classified...

CVSS 6.1 | EPSS 0.00131
Exploits 0 | References 2

Circl
added 2024/11/13 2:36 p.m. | 2 views

CVE-2024-9477

creationtimestamp | type | source
---|---|---
2024-11-13 14:36:34+00:00 | seen | https://infosec.exchange/users/cve/statuses/113476147223889900
2024-11-13 17:13:30+00:00 | seen | https://t.me/cvedetector/10821...

CVSS 6.1 | AI score 4.8 | EPSS 0.00131
Exploits 0 | References 2

Vulnrichment
added 2024/11/13 2:29 p.m. | 12 views

CVE-2024-9477 XSS in AirTies' Air4443 Firmware

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS). This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted and it was learned that the product classified...

CVSS 4.6 | AI score 5.8 | EPSS 0.00131
Exploits 0 | References 2

CVE
added 2024/11/13 2:29 p.m. | 47 views

CVE-2024-9477

CVE-2024-9477 describes an XSS in AirTies Air4443 Firmware caused by improper input neutralization during web page generation. Affected product: AirTies Air4443 Firmware (versions through 14102024). Root cause identified as improper input handling in web page generation, enabling cross-site scrip...

CVSS 6.1 | AI score 5.8 | EPSS 0.00131
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2024/11/13 2:29 p.m. | 18 views

CVE-2024-9477 XSS in AirTies' Air4443 Firmware

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AirTies Air4443 Firmware allows Cross-Site Scripting (XSS). This issue affects Air4443 Firmware: through 14102024. NOTE: The vendor was contacted and it was learned that the product classified...

CVSS 4.6 | EPSS 0.00131
Exploits 0 | References 2

CVE
added 2020/03/04 6:16 p.m. | 64 views

CVE-2020-9477

CVE-2020-9477 concerns HUMAX HGA12R-02 BRGCAA 1.1.53 devices where a flaw in the web-based authentication allows an unauthenticated remote attacker to capture authentication packets and obtain the cleartext password. This enables the attacker to create a new user account or take control of the de...

CVSS 9.8 | AI score 9.6 | EPSS 0.00937
Exploits 0 | References 2 | Affected Software 1

Circl
added 2019/10/10 8:31 p.m. | 1 views

CVE-2015-9477

creationtimestamp | type | source
---|---|---
2019-10-10 20:31:20+00:00 | seen | https://t.me/cibsecurity/7339...

CVSS 8.8 | AI score 8.1 | EPSS 0.00552
Exploits 1 | References 1

CVE
added 2017/07/31 3:0 a.m. | 50 views

CVE-2017-9477

The CVE-2017-9477 entry describes a vulnerability in Cisco DPC3939 firmware (CMST builds: dpc3939-P20-18-v303r20421733-160420a-CMCST and dpc3939-P20-18-v303r20421746-170221a-CMCST) where remote attackers can discover the CM MAC address by connecting to the device’s xfinitywifi hotspot. Affected p...

CVSS 6.5 | AI score 6.6 | EPSS 0.00156
Exploits 1 | References 1 | Affected Software 1

Cvelist
added 2017/05/11 2:1 p.m. | 8 views

CVE-2016-9477

...

Exploits 0

CVE
added 2017/05/11 2:1 p.m. | 22 views

CVE-2016-9477

CVE-2016-9477 is rejected/not used; this CVE ID does not represent an active vulnerability entry.

AI score 6.9
Exploits 0

NVD
added 2015/01/16 4:59 p.m. | 14 views

CVE-2014-9477

Multiple cross-site scripting (XSS) vulnerabilities in the Listings extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) url parameter...

CVSS 4.3 | AI score 5.7 | EPSS 0.00259
Exploits 1 | References 4

CVE
added 2015/01/16 4:0 p.m. | 50 views

CVE-2014-9477

The CVE-2014-9477 entry refers to multiple XSS vulnerabilities in the MediaWiki Listings extension, exploitable via the (1) name or (2) url parameters to inject arbitrary web script or HTML. Affected component: Listings extension for MediaWiki; impact: potential remote script execution or HTML in...

CVSS 4.3 | AI score 6 | EPSS 0.00259
Exploits 1 | References 4 | Affected Software 1

Tenable Nessus
added 2014/07/20 12:0 a.m. | 34 views

SuSE 11.3 Security Update : glibc (SAT Patch Number 9477)

glibc has been updated to fix one security issue that could have resulted in free-after-use situations. More information can be found at http://seclists.org/oss-sec/2014/q2/519. This security issue has been fixed: posix_spawn_file_actions_addopen fails to copy the path argument (CVE-2014-4043). Also a...

CVSS 7.5 | AI score 6.7 | EPSS 0.01643
Exploits 3 | References 4

Saint
added 2007/06/22 12:0 a.m. | 25 views

Solaris loadable kernel module directory traversal

Added: 06/22/2007
CVE: CVE-2004-1767
BID: 9477
OSVDB: 15128

Background: Loadable kernel modules are programs which can be dynamically loaded into the kernel.

Problem: A directory traversal vulnerability in the vfs_getvfssw function in the Solaris kernel allows unprivileged users to load their own...

CVSS 7.2 | AI score 6.2 | EPSS 0.00066
Exploits 4