Linux Distros Unpatched Vulnerability : CVE-2026-9549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stored cross-site scripting in the service discovery active check output in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator...

CVE-2026-9549

Stored cross-site scripting in the service discovery active check output in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can configure active or custom checks to inject malicious HTML or JavaScript into check output that executes in the browser of an adm...

CVE-2026-9549 Fix XSS in service discovery active check output

Stored cross-site scripting in the service discovery active check output in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can configure active or custom checks to inject malicious HTML or JavaScript into check output that executes in the browser of an adm...

CVE-2025-9549

creationtimestamp| type| source ---|---|--- 2026-01-05 16:05:08+00:00| seen| Telegram/IEZ6cogSdNdT5EWieomNDj8YJiNp4nPJLapvMP3vG-VLxk...

MAL-2025-9549 Malicious code in @teamteanpm2024/similique-soluta-id (npm)

The package @teamteanpm2024/similique-soluta-id was found to contain malicious code...

CVE-2024-9549

creationtimestamp| type| source ---|---|--- 2024-10-06 07:20:47+00:00| seen| https://t.me/cvedetector/7113...

CVE-2024-9549 D-Link DIR-605L formEasySetupWizard formEasySetupWizard2 buffer overflow

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated...

CVE-2024-9549 D-Link DIR-605L formEasySetupWizard formEasySetupWizard2 buffer overflow

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA and classified as critical. This issue affects the function formEasySetupWizard/formEasySetupWizard2 of the file /goform/formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. The attack may be initiated...

CVE-2024-9549

CVE-2024-9549 affects D-Link DIR-605L devices. The vulnerability is in the formEasySetupWizard/formEasySetupWizard2 function (/goform/formEasySetupWizard), where improper validation of the curTime parameter causes a buffer overflow. This could enable remote exploitation with high impact (network ...

USN-5282-1: PDFResurrect vulnerabilities

It was discovered that PDFResurrect was incorrectly handling corrupted PDF files. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2019-14267 It...

CVE-2015-9549

creationtimestamp| type| source ---|---|--- 2020-08-03 20:55:15+00:00| seen| https://t.me/cibsecurity/13837...

CVE-2015-9549

OcPortal 9.0.20 is affected by a reflected XSS in the OCF_EMOTICON_CELL.tpl FIELD_NAME used to data/emoticons.php. The vulnerability is triggered via user-supplied input reflected in the page; CVSS details cited include CVSS v2 base score 4.3 (MEDIUM) and CVSS v3.1 base score 6.1 (MEDIUM). The co...

Debian: Security Advisory (DLA-2134-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2020-9549

In PDFResurrect 0.12 through 0.19, gettype in pdf.c has an out-of-bounds write via a crafted PDF document...

CVE-2020-9549

In PDFResurrect 0.12 through 0.19, gettype in pdf.c has an out-of-bounds write via a crafted PDF document...

CVE-2020-9549

PDFResurrect vulnerability CVE-2020-9549 affects versions 0.12–0.19; get_type in pdf.c can trigger an out-of-bounds write when parsing crafted PDFs. Public advisories (Mageia MGASA-2020-0133, Ubuntu USN-4642-1, USN-5282-1, OSV MGASA/MGASA) describe potential denial of service or arbitrary code ex...

CVE-2019-9549

CVE-2019-9549 affects PopojiCMS v2.0.1 with a CSRF via po-admin/route.php?mod=user&act=addnew that can enable creation of an unauthorized level-1 account. CVSSv2 base 6.8 (MEDIUM) and CVSSv3 base 8.8 (HIGH) are noted. No remediation details are provided in the connected documents; exploitation st...

CVE-2018-9549

In lppTransposer of lpptran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...

CVE-2018-9549

CVE-2018-9549 is a concrete Android vulnerability in the Media Framework (lppTransposer function in lpp_tran.cpp) caused by a missing bounds check that enables a remote code execution via a crafted file. It affects Android versions 7.0 (Nougat) through 9 (Pie). The Android bulletin identifies it ...