38 matches found

Tenable Nessus
added 6 days ago | 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-9828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albei...

CVSS 6.3 | AI score 6.5 | EPSS 0.00113
Exploits: 0 | References: 3

OSV
added 2026/05/28 3:44 p.m. | 1 view

MINI-MQXM-9828-9JG8

Bulletin has no description...

CVSS 4.3 | AI score 5.7 | EPSS 0.00027
Exploits: 0

NVD
added 2026/05/28 2:16 p.m. | 10 views

CVE-2026-9828

Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection albeit heavily restricted. More precisely, an attacker able to influence serialized data sent to SimpleSocketServer or SimpleSSLSocketServer c...

CVSS 6.3 | EPSS 0.00113
Exploits: 0 | References: 1

Circl
added 2025/09/02 8:9 p.m. | 3 views

CVE-2025-9828

creationtimestamp | type | source
---|---|---
2025-09-02 20:09:39+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lxuwcph4mp27...

CVSS 6.3 | AI score 5.9 | EPSS 0.00134
Exploits: 1 | References: 1

OSV
added 2025/08/14 6:52 p.m. | 1 view

MAL-2025-9828 Malicious code in @zalastax/nolb-_bin (npm)

The package @zalastax/nolb-bin was found to contain malicious code...

AI score 7.2
Exploits: 0

RedhatCVE
added 2025/05/22 4:56 p.m. | 8 views

CVE-2020-9828

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to leak sensitive user information...

CVSS 7.5 | AI score 5.8 | EPSS 0.00281
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 2:55 a.m. | 5 views

CVE-2017-9828

'/cgi-bin/admin/testserver.cgi' of the web service in most of the VIVOTEK Network Cameras is vulnerable to shell command injection, which allows remote attackers to execute any shell command as root via a crafted HTTP request. This vulnerability is already verified on VIVOTEK Network Camera...

CVSS 10 | AI score 7.5 | EPSS 0.58307
Exploits: 1 | References: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2014-9828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. CVE-2014-9828 Note that Nessus relies on the presence of...

CVSS 8.8 | AI score 7.6 | EPSS 0.00412
Exploits: 0 | References: 2

NVD
added 2024/11/21 11:15 a.m. | 5 views

CVE-2024-9828

The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'loadorders' parameter and uses it in a SQL statement, allowing high privilege users such as admin to perform SQL Injection attacks...

CVSS 4.1 | EPSS 0.00153
Exploits: 1 | References: 1

Vulnrichment
added 2024/11/21 6:0 a.m. | 11 views

CVE-2024-9828 Taskbuilder < 3.0.5 - Admin+ SQL Injection

The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'loadorders' parameter and uses it in a SQL statement, allowing high privilege users such as admin to perform SQL Injection attacks...

AI score 7.8 | EPSS 0.00153
Exploits: 1 | References: 1

Cvelist
added 2024/11/21 6:0 a.m. | 18 views

CVE-2024-9828 Taskbuilder < 3.0.5 - Admin+ SQL Injection

The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'loadorders' parameter and uses it in a SQL statement, allowing high privilege users such as admin to perform SQL Injection attacks...

EPSS 0.00153
Exploits: 1 | References: 1

CVE
added 2024/11/21 6:0 a.m. | 47 views

CVE-2024-9828

CVE-2024-9828 affects the Taskbuilder WordPress plugin before 3.0.5. The root cause is failure to sanitize the load_orders input, which is used in a SQL statement, enabling high-privilege users (e.g., admins) to perform SQL Injection. The vulnerability enables partial impact because only input ha...

CVSS 4.1 | AI score 4.8 | EPSS 0.00153
Exploits: 1 | References: 1 | Affected Software: 1

Patchstack
added 2024/11/21 12:0 a.m. | 11 views

WordPress Taskbuilder Plugin < 3.0.5 is vulnerable to SQL Injection

Software: Taskbuilder; Type: Plugin; Vulnerable versions: 3.0.5; Fixed in: 3.0.5; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-9828; Patch priority: Low; CVSS severity: Low 7.6; Developer: Claim ownership; PSID: 2a9c798f6792; Credits: Ryoma Yamada; Required privilege: Administrator; Published ...

CVSS 4.1 | AI score 7.2 | EPSS 0.00153
Exploits: 1 | References: 3 | Affected Software: 1

OpenVAS
added 2023/03/08 12:0 a.m. | 20 views

Debian: Security Advisory (DLA-799-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 6.2 | EPSS 0.00391
Exploits: 4 | References: 3

SUSE CVE
added 2023/02/15 5:24 a.m. | 0 views

SUSE CVE-2014-9828

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file...

CVSS 8.8 | AI score 7.1 | EPSS 0.00412
Exploits: 0 | References: 10

Tenable Nessus
added 2022/09/22 12:0 a.m. | 33 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9828)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9828 advisory. - netfilter: nftables: do not allow RULEID to refer to another chain Thadeu Lima de Souza Cascardo Orabug: 34495567 CVE-2022-2586 - netfilter:...

CVSS 7.8 | AI score 7.3 | EPSS 0.0282
Exploits: 8 | References: 6

CVE
added 2020/10/22 5:53 p.m. | 71 views

CVE-2020-9828

CVE-2020-9828 is an out-of-bounds read in the CoreBluetooth component of macOS (Catalina family). The vulnerability was addressed by Apple via input-validation enhancements, with a fixed release in macOS Catalina 10.15.4 Security Update 2020-002. The Apple entry attributes the issue to Jianjun Da...

CVSS 7.5 | AI score 6.5 | EPSS 0.00281
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2020/04/22 9:15 p.m. | 16 views

CVE-2020-10889

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 7.9 | EPSS 0.00374
Exploits: 0 | References: 2

Cvelist
added 2020/04/22 8:50 p.m. | 17 views

CVE-2020-10889

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 7.9 | EPSS 0.00374
Exploits: 0 | References: 2

CVE
added 2020/04/22 8:50 p.m. | 61 views

CVE-2020-10889

Foxit PhantomPDF 9.7.0.29478 is affected by CVE-2020-10889. The issue lies in the DuplicatePages command handling within the communication API, caused by improper validation of user-supplied data leading to a type confusion. This allows remote code execution in the context of the current process ...

CVSS 7.8 | AI score 7.9 | EPSS 0.00374
Exploits: 0 | References: 2 | Affected Software: 2