28 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php type parameter. CVE-2017-9839 Note that Nessus relies on the...
CVE-2020-9839
A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5. An application may be able to gain elevated privileges...
CVE-2018-9839
An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php modifying the 'm_id' parameter, any user with REPORTER access or above is able to view any private issue's details (summary, description, steps to reproduce, additional information) when cloni...
Linux Distros Unpatched Vulnerability : CVE-2014-9839
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). CVE-2014-9839 Note that Nessus relie...
CVE-2024-9839
creationtimestamp | type | source
---|---|---
2024-11-16 04:10:14+00:00 | seen | https://infosec.exchange/users/cve/statuses/113490671306133613
2024-11-16 06:02:23+00:00 | seen | https://t.me/cvedetector/11209...
CVE-2024-9839 Uix Slideshow <= 1.6.5 - Unauthenticated Arbitrary Shortcode Execution
The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for...
CVE-2024-9839
CVE-2024-9839 concerns the WordPress plugin Uix Slideshow. It is vulnerable to unauthenticated arbitrary shortcode execution in all versions up to and including 1.6.5, caused by executing an action that does not properly validate values before running do_shortcode. Connected sources collapse th...
WordPress Uix Slideshow Plugin <= 1.6.5 is vulnerable to Arbitrary Code Execution
Software: Uix Slideshow
Type: Plugin
Vulnerable versions: <= 1.6.5
Fixed in: N/A
OWASP Top 10: A3: Injection
Classification: Arbitrary Code Execution
CVE: CVE-2024-9839
Patch priority: High
CVSS severity: High (7.3)
Developer: Claim ownership
PSID: c288369c6e6c
Credits: Francesco Carlucci
Required privilege...
Debian: Security Advisory (DLA-734-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
macOS cfprefsd Arbitrary File Write / Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'macOS cfprefsd Arbitrary File Write Local Privilege Escalation', 'Description' = %q This module exploits an arbitrary file write in cfprefsd on...
macOS cfprefsd Arbitrary File Write Local Privilege Escalation
This module exploits an arbitrary file write in cfprefsd on macOS use exploit/osx/local/cfprefsdracecondition msf exploitcfprefsdracecondition show targets ...targets... msf exploitcfprefsdracecondition set TARGET msf exploitcfprefsdracecondition show options ...show and set options... msf...
CVE-2020-9839
creationtimestamp | type | source
---|---|---
2020-09-04 21:04:03+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/cfprefsdracecondition.rb
2020-09-08 11:12:01+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/1712
2025-02-06...
CVE-2020-9839
CVE-2020-9839 is a race-condition vulnerability across Apple platforms that was fixed by state-handling improvements. Public details show impact as potential privilege escalation. Fixes were released in iOS/iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, and watchOS 6.2.5, with System Preferenc...
CVE-2018-9839
creationtimestamp | type | source
---|---|---
2019-06-06 22:28:11+00:00 | seen | https://t.me/cibsecurity/4738...
CVE-2018-9839
CVE-2018-9839 affects MantisBT up to versions 1.3.14 and 2.0.0. A crafted request to bug_report_page.php altering the m_id parameter can let a user with REPORTER access or higher view private issue details (summary, description, steps, additional information) when cloning. If the user selects Cop...
CVE-2019-9839
VFront 0.99.5 has Reflected XSS via the admin/menuregistri.php descrizioneg parameter or the admin/syncregtab.php azzera parameter...
VFront 0.99.5 Reflective Cross Site Scripting
Multiple Reflected Cross-site Scripting Vulnerabilities in VFront 0.99.5
Information
--------------------
Advisory by Netsparker
Name: Multiple Reflected Cross-site Scripting in VFront 0.99.5
Affected Software: VFront
Affected Versions: 0.99.5
Homepage: http://www.vfront.org/
Vulnerability:...
CVE-2017-9839
Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php type parameter...
CVE-2017-9839
Dolibarr ERP/CRM (CVE-2017-9839) is affected by an SQL injection in versions prior to 5.0.4 via the product/stats/card.php?type parameter. The issue originates from unsafely handling the type parameter, enabling potentially unauthenticated or remote attackers to manipulate SQL queries. Impact det...