25 matches found
CVE-2026-9875 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-9875
An out of bounds read flaw was found in the WebGL component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=507508103...
Linux Distros Unpatched Vulnerability : CVE-2026-9875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted...
CVE-2026-9875
Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
WordPress TicketSpot plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Gilang - DJ in WordPress Plugin TicketSpot versions = 1.0.2...
CVE-2025-9875
CVE-2025-9875 affects the WordPress plugin Event Tickets, RSVPs, Calendar (TicketSpot shortcode). The vulnerability is a Stored Cross‑Site Scripting (XSS) flaw caused by insufficient input sanitization and output escaping on user‑supplied attributes, present in all versions up to and including 1....
MAL-2025-9875 Malicious code in @zalastax/nolb-_chj (npm)
The package @zalastax/nolb-chj was found to contain malicious code...
CVE-2020-9875
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead t...
CVE-2019-9875
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter...
CVE-2019-9875
creationtimestamp| type| source ---|---|--- 2025-03-26 18:45:15+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llcgyim6af2v 2025-03-26 19:05:08+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3llci42bxm52u 2025-03-26 21:39:21+00:00| seen|...
CVE-2024-9875
creationtimestamp| type| source ---|---|--- 2024-11-20 22:30:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113517645539252046...
SUSE CVE-2007-1804
PulseAudio 0.9.5 allows remote attackers to cause a denial of service daemon crash via 1 a PAPSTREAMDESCRIPTORLENGTH value of FRAMESIZEMAXALLOW sent on TCP port 9875, which triggers a p-export assertion failure in doread; 2 a PAPSTREAMDESCRIPTORLENGTH value of 0 sent on TCP port 9875, which...
CVE-2020-9875
CVE-2020-9875 concerns an integer overflow that was addressed by improving input validation. The published details indicate the issue affects Apple’s ImageIO (and related image-processing paths) across macOS/iOS/watchOS/tvOS platforms and associated Windows/iCloud components. The vulnerability co...
CVE-2019-9875
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter...
CVE-2019-9875
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter...
CVE-2019-9875
CVE-2019-9875 affects Sitecore CMS/XP, specifically the anti CSRF module. The vulnerability allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter to the Sitecore anti CSRF handler, through versions up to 9.1. The root cause is des...
CVE-2019-9875
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
CVE-2017-9875
IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "User Mode Write AV starting at FPX!DEDecode+0x0000000000000cdb."...
CVE-2017-9875
CVE-2017-9875 affects IrfanView 4.44 (32‑bit) with FPX Plugin 4.46. The FPX decoding path allows buffer/heap overflows via specially crafted FPX files, enabling arbitrary code execution or DoS. Related advisories (CNVD-2017-15681; Kaspersky KLA11064) describe FPX plugin‑related overflows and conf...
CVE-2016-9875
...