31 matches found
CVE-2026-9501
A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...
CVE-2025_9501-POC
C...
CVE-2025-9501
The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to command injection via the parsedynamicmfunc function, allowing unauthenticated users to execute PHP commands by submitting a comment with a malicious payload to a post...
CVE-2020-9501
Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may use the leaked Cloud Key to impersonate the client to connect to the platform, resulting in...
Linux Distros Unpatched Vulnerability : CVE-2017-9501
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function LockSemaphoreInfo, which allows attackers to cause a denial of service via a crafted...
CVE-2019-9501
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlcwpasupeapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote,...
CVE-2024-9501
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.0.7. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated...
WordPress Wp Social Plugin <= 3.0.7 is vulnerable to Broken Authentication
Software Wp Social Type Plugin Vulnerable versions = 3.0.7 Fixed in 3.0.8 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2024-9501 Patch priority High CVSS severity High 9.8 Developer Wpmet PSID 239b8bacd5e7 Credits wesley wcraft Required privilege...
CVE-2024-9501
creationtimestamp| type| source ---|---|--- 2024-10-26 15:39:15+00:00| seen| https://t.me/cvedetector/9034...
CVE-2024-9501 Wp Social Login and Register Social Counter <= 3.0.7 - Authentication Bypass via WordPress.com OAuth provider
The Wp Social Login and Register Social Counter plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.0.7. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated...
Exploit for CVE-2024-41628
CVE-2024-41628 Simple exploit script developed by Redshift Cy...
SUSE: Security Advisory (SUSE-SU-2017:2199-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-9501
Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may use the leaked Cloud Key to impersonate the client to connect to the platform, resulting in...
CVE-2020-9501
Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Key is used to authenticate the connection between the client tool and the platform. An attacker may use the leaked Cloud Key to impersonate the client to connect to the platform, resulting in...
CVE-2020-9501
Summary: CVE-2020-9501 concerns a vulnerability in the Dahua Web P2P control where attackers can obtain the Cloud Key, which authenticates the client–platform connection. A leaked Cloud Key could allow an attacker to impersonate the client and cause increased consumption of platform server resour...
CVE-2019-9501 Broadcom wl driver is vulnerable to heap buffer overflow
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlcwpasupeapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote,...
CVE-2019-9501
CVE-2019-9501 affects Broadcom wl WiFi driver via a heap buffer overflow triggered by a vendor information element with data length >32 bytes, causing a heap overflow in wlc_wpa_sup_eapol. In the worst case, a remote, unauthenticated attacker could execute arbitrary code on a vulnerable system...
Security Advisory - Two Heap Buffer Overflow Vulnerabilities in Broadcom WiFi Chipset Drivers
There are two heap buffer overflow vulnerabilities in Broadcom WiFi chipset drivers. A remote, unauthenticated attacker may send specially-crafted WiFi packets to exploit these vulnerabilities. Successfully exploit may cause Wi-Fi functions abnormal. Vulnerability ID: HWPSIRT-2019-04121 and...
CVE-2015-9501
creationtimestamp| type| source ---|---|--- 2019-10-23 02:47:10+00:00| seen| https://t.me/cibsecurity/7578...
CVE-2015-9501
CVE-2015-9501 affects the WordPress Artificial Intelligence theme up to version 1.2.3 (before 1.2.4). The root cause is Genericons HTML files being placed under the web root, enabling cross-site scripting (XSS). The vulnerability is a DOM/XSS class issue in the theme that can allow an attacker to...