185 matches found
CVE-2026-9514 Totolink CA750-PoE Setting cstecgi.cgi setNetworkDiag os command injection
A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. Impacted is the function setNetworkDiag of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop is...
RHCOS 4 : OpenShift Container Platform 4.1 (RHSA-2019:3265)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3265 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...
RHCOS 4 : OpenShift Container Platform 4.2 (RHSA-2019:3245)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3245 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...
RHCOS 4 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2661 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...
go-toolset:ol8 security and bug fix update
go-toolset 1.11.13-1 - Bump version to 1.11.13 - Related: rhbz1743204 - Related: rhbz1743206 golang 1.11.13-2 - Improve error message when using non-FIPS API in FIPS mode. - Fixes CVE-2019-9512. - Fixes CVE-2019-9514. - Resolves: rhbz1745711 - Resolves: rhbz1745705 1.11.6-3 - Updates to be less...
CVE-2025-9514
A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be...
MAL-2025-9514 Malicious code in @teamteanpm2024/earum-ipsam-aspernatur (npm)
The package @teamteanpm2024/earum-ipsam-aspernatur was found to contain malicious code...
CVE-2015-9514
The Easy Digital Downloads EDD Free Downloads extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because add_query_arg is misused...
Linux Distros Unpatched Vulnerability : CVE-2019-9514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an...
CentOS 7 : containernetworking-plugins (RHSA-2020:0406)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0406 advisory. - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/...
CVE-2024-9514 D-Link DIR-605L formSetDomainFilter buffer overflow
A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. This vulnerability affects the function formSetDomainFilter of the file /goform/formSetDomainFilter. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely...
Synology DSM HTTP/2 Implementations Allocation of Resources Without Limits or Throttling (CVE-2019-9514)
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.7 on RHEL 7 (RHSA-2024:5856)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5856 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
CVE-2019-9514 affecting package python-tensorboard for versions less than 2.16.2-1
CVE-2019-9514 affecting package python-tensorboard for versions less than 2.16.2-1. An upgraded version of the package is available that resolves this issue...
RHEL 7 : skydive (RHSA-2019:2796)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2796 advisory. Skydive is an open source real-time network topology and protocols analyzer. Security Fixes: HTTP/2: flood using PING frames results in...
BeerHolderBot (>=0.1.0 <=0.3.6), GetPDB (>=0.1.0 <=1.0.1) +4589 more potentially affected by CVE-2019-9514 via h2 (>=0.1.26 <=0.3.21)
h2 CARGO version =0.1.26, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.2.0-alpha.0 and more Source cves: CVE-2019-9514 Source advisory: OSV:RUSTSEC-2024-0003...
areq (=0.1.0-alpha), bws-web-server (>=0.1.0 <=0.1.1) +26 more potentially affected by CVE-2019-9514 via h2 (=0.4.14)
h2 CARGO version =0.4.14 is affected by a known vulnerability. The following packages have a transitive dependency on h2 and may be impacted: - areq =0.1.0-alpha - bws-web-server =0.1.0, =0.5.2, =0.1.0, =1.0.0, =1.5.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.6.0 and more Source cves: CVE-2019-9514...
Rocky Linux 8 : container-tools:1.0 (RLSA-2019:4273)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:4273 advisory. - Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2...
Rocky Linux 8 : nodejs:10 (RLSA-2019:2925)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2019:2925 advisory. - In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before 10.15.2, and 11.x before 11.10.1, an attacker can cause a Denial of Service DoS...