35 matches found
ECHO-9668-9837-C058
Bulletin has no description...
Security Bulletin: CockroachDB PostgreSQL for IBM VPC is vulnerable to SQL injection when executing special statements (CVE-2026-9837)
Summary CockroachDB PostgreSQL for IBM VPC is vulnerable to SQL injection when executing special statements CVE-2026-9837 Vulnerability Details CVEID:CVE-2026-9837 DESCRIPTION: CockroachDB PostgreSQL for IBM VPC is vulnerable to SQL injection when executing special statements. CWE:CWE-89: Imprope...
CGA-X6HP-Q479-9837
Bulletin has no description...
CGA-8G4R-9W9G-9837
Bulletin has no description...
CVE-2025-9837
A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes sql injection. The attack may be initiated remotely. The exploit ha...
CVE-2025-9837 itsourcecode Student Information Management System index.php sql injection
A vulnerability was determined in itsourcecode Student Information Management System 1.0. This issue affects some unknown processing of the file /admin/modules/student/index.php. This manipulation of the argument studentId causes sql injection. The attack may be initiated remotely. The exploit ha...
MAL-2025-9837 Malicious code in @zalastax/nolb-_byq (npm)
The package @zalastax/nolb-byq was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2014-9837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service crash via a crafted png file. CVE-2014-9837 Note that...
CVE-2024-9837
creationtimestamp| type| source ---|---|--- 2024-10-15 11:05:01+00:00| seen| https://t.me/cvedetector/7890...
CVE-2024-9837 AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...
CVE-2024-9837 AADMY – Add Auto Date Month Year Into Posts <= 2.0.1 - Unauthenticated Arbitrary Shortcode Execution
The The AADMY – Add Auto Date Month Year Into Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode...
CVE-2024-9837
CVE-2024-9837 – AADMY WordPress plugin : The plugin “Add Auto Date Month Year Into Posts” is vulnerable in all versions up to 2.0.1 due to improper validation before running do_shortcode, enabling unauthenticated arbitrary shortcode execution. Impact: attackers can run arbitrary shortcodes, poten...
WordPress AADMY Plugin <= 2.0.1 is vulnerable to Content Injection
Software AADMY Type Plugin Vulnerable versions = 2.0.1 Fixed in 2.0.2 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-9837 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e1df1286c7c4 Credits Francesco Carlucci Required privilege...
CVE-2020-9837
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory...
CVE-2020-9837
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory...
CVE-2020-9837
CVE-2020-9837 is an out-of-bounds read vulnerability that could allow a remote attacker to leak memory. The issue is fixed in Apple platforms: iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, and tvOS 13.4.5. The public description across connected sources confirms the root cause as an out-of-bo...
CVE-2019-9837
The CVE-2019-9837 issue affects Doorkeeper::OpenidConnect (OpenID Connect extension for Doorkeeper) versions 1.4.x and 1.5.x prior to 1.5.4. An open redirect can occur via the redirect_uri field in an OAuth authorization request when the request includes the 'openid' scope and prompt=none, potent...
Joomla! 3.0.x < 3.6.5 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JFilterInput::isFileSafe function due to improper validation of file types and extensions of uploaded files before placing them in a user-accessible pat...
Joomla! 3.4.x < 3.6.5 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JFilterInput::isFileSafe function due to improper validation of file types and extensions of uploaded files before placing them in a user-accessible pat...
Joomla! 3.3.x < 3.6.5 Multiple Vulnerabilities
According to its self-reported version number, the detected Joomla! application is affected by multiple vulnerabilities : - A flaw exists in the JFilterInput::isFileSafe function due to improper validation of file types and extensions of uploaded files before placing them in a user-accessible pat...