29 matches found
Exploit for CVE-2025-9485
CVE-2025...
CVE-2026-9485 SourceCodester Student Grades Management System students.php cross site scripting
A vulnerability was identified in SourceCodester Student Grades Management System 1.0. Affected by this issue is some unknown functionality of the file students.php. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack is possible. The exploit ...
CVE-2018-9485
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2019-9485 vulnerabilities
Vulnerabilities for packages: gitlab-operator-fips...
CVE-2025-9485
creationtimestamp | type | source
---|---|---
2025-10-04 03:03:02+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3m2dlugcc5e2m
2026-05-30 19:00:10+00:00 | seen | Telegram/11w8RI0cRJ2Y5Y75akm2L08lgCZSwunoJ6IZ7hlmRoONww
2026-05-30 21:00:04+00:00 | seen | ...
CVE-2025-9485
CVE-2025-9485 is an authentication-bypass flaw in the WordPress plugin “OAuth Single Sign On – SSO (OAuth Client)” up to v6.26.12. The root cause is improper verification of cryptographic signatures due to unsafe JWT handling in get_resource_owner_from_id_token, enabling unauthenticated attackers...
WordPress OAuth Single Sign On – SSO (OAuth Client) plugin <= 6.26.12 - Authentication Bypass via get_resource_owner_from_id_token() vulnerability
Authentication Bypass via get_resource_owner_from_id_token() vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin OAuth Single Sign On – SSO (OAuth Client) versions <= 6.26.12...
MAL-2025-9485 Malicious code in @taktikangea/tempore-nisi (npm)
The package @taktikangea/tempore-nisi was found to contain malicious code...
CVE-2020-9485
An issue was found in Apache Airflow versions 1.10.10 and below. A stored XSS vulnerability was discovered in the Chart pages of the "classic" UI...
CVE-2015-9485
The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information such as user_login, user_pass, and user_email values via a direct request for the wp-content/uploads/tmm_db_migrate/wp_users.dat URI...
CVE-2018-9485
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2018-9485
creationtimestamp | type | source
---|---|---
2024-11-20 17:51:40+00:00 | seen | https://infosec.exchange/users/cve/statuses/113516550517391650
2024-11-20 19:36:16+00:00 | seen | https://t.me/cvedetector/11641...
CVE-2018-9485
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2018-9485
CVE-2018-9485 affects the Android Bluetooth stack: in l2cble_process_sig_cmd of l2c_ble.cc there is an out-of-bounds read caused by a missing bounds check. This could lead to remote information disclosure over Bluetooth with no user interaction or extra privileges required. Attack vector is adjac...
Oracle Linux 7 : microcode_ctl (ELSA-2022-9485)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-9485 advisory. 2:2.1-73.13.0.3 - update 06-55-04 to 0x2006d05 - update 06-55-07 to 0x5003302 - update 06-6a-04 to 0xb000280 - update 06-6a-06 to 0xd000375...
CVE-2020-9485
An issue was found in Apache Airflow versions 1.10.10 and below. A stored XSS vulnerability was discovered in the Chart pages of the "classic" UI...
CVE-2020-9485
An issue was found in Apache Airflow versions 1.10.10 and below. A stored XSS vulnerability was discovered in the Chart pages of the "classic" UI...
CVE-2020-9485
CVE-2020-9485 is a stored XSS issue affecting Apache Airflow 1.10.10 and earlier, specifically in the Chart pages of the classic UI. The vulnerability is the result of unvalidated input being reflected in the UI, enabling an attacker to inject script via the affected chart rendering. The provided...
CVE-2015-9485
The CVE-2015-9485 entry concerns ThemeMakers Accio Responsive Parallax One Page Site Template for WordPress (pre-2015-05-15). Affected component/processes allow remote attackers to retrieve sensitive credentials by directly requesting wp-content/uploads/tmm_db_migrate/wp_users.dat, leading to exp...
CVE-2019-9485
CVE-2019-9485 affects GitLab Community and Enterprise Edition prior to specific fixed versions: before 11.6.10, before 11.7.6 (11.7.x), and before 11.8.1 (11.8.x). Root cause: insecure permissions. Impact is described as high (CVSS v3.0: 9.8; Confidentiality, Integrity, Availability all High). Re...