Lucene search
K

23 matches found

Wolfi
Wolfi
added 2026/06/05 7:48 p.m.12 views

CVE-2026-9885 vulnerabilities

Vulnerabilities for packages: chromium...

8.3CVSS5.4AI score0.00228EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/30 2:19 a.m.17 views

SUSE CVE-2026-9885

Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00228EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-9885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer...

8.3CVSS5.5AI score0.00228EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 11:16 p.m.9 views

CVE-2026-9885

Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00228EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 11:16 p.m.5 views

DEBIAN-CVE-2026-9885

Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00228EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/10/03 1:22 a.m.4 views

WordPress MPWizard plugin <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability

Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin MPWizard versions = 1.2.1...

4.3CVSS6.8AI score0.00124EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-9885 Malicious code in @zalastax/nolb-_compai_ (npm)

The package @zalastax/nolb-compai was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:56 p.m.8 views

CVE-2020-9885

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group...

5.5CVSS6AI score0.0044EPSS
Exploits0References1
Circl
Circl
added 2024/10/30 4:59 a.m.7 views

CVE-2024-9885

creationtimestamp| type| source ---|---|--- 2024-10-30 04:59:41+00:00| seen| https://t.me/cvedetector/9390...

6.4CVSS4.8AI score0.00346EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/30 2:32 a.m.29 views

CVE-2024-9885 Widget or Sidebar Shortcode <= 0.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Widget or Sidebar Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sidebar' shortcode in all versions up to, and including, 0.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00346EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/30 2:32 a.m.10 views

CVE-2024-9885 Widget or Sidebar Shortcode <= 0.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Widget or Sidebar Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sidebar' shortcode in all versions up to, and including, 0.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00346EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/10/29 12:0 a.m.15 views

WordPress Widget or Sidebar Shortcode Plugin <= 0.6.1 is vulnerable to Cross Site Scripting (XSS)

Software Widget or Sidebar Shortcode Type Plugin Vulnerable versions = 0.6.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9885 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 103d39e3e11c Credits theviper17y...

6.4CVSS6AI score0.00346EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/06/06 12:29 p.m.16 views

CGA-XHFV-9885-2MR8

Bulletin has no description...

6.5CVSS6.9AI score0.01165EPSS
Exploits0
NVD
NVD
added 2020/10/16 5:15 p.m.23 views

CVE-2020-9885

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group...

5.5CVSS0.0044EPSS
Exploits0References4
CVE
CVE
added 2020/10/16 4:36 p.m.81 views

CVE-2020-9885

CVE-2020-9885 concerns iMessage tapbacks handling. The issue allowed a removed user from an iMessage group to rejoin the group, and Apple fixed it by adding verification. Affected platforms include iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, and watchOS 6.2.8. Remediation is to...

5.5CVSS6.1AI score0.0044EPSS
Exploits0References4Affected Software5
NVD
NVD
added 2019/07/25 5:15 p.m.17 views

CVE-2019-9885

eClass platform ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenviewleft.php StudentID parameter...

9.8CVSS9.8AI score0.02624EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/25 4:25 p.m.23 views

CVE-2019-9885 eClass platform contains a SQL injection vulnerability

eClass platform ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenviewleft.php StudentID parameter...

9.8CVSS9.8AI score0.02624EPSS
Exploits1References3
CVE
CVE
added 2019/07/25 4:25 p.m.48 views

CVE-2019-9885

CVE-2019-9885 affects eClass platform prior to ip.2.5.10.2.1. The vulnerability is a SQL injection in the /admin/academic/studenview_left.php?StudentID parameter, caused by insufficient input validation in the web application. Exploitation would allow an attacker to execute arbitrary SQL commands...

9.8CVSS9.8AI score0.02624EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2017/07/05 7:0 p.m.60 views

CVE-2017-9885

CVE-2017-9885 affects IrfanView 4.44 (32‑bit) with FPX Plugin 4.46. A crafted .fpx file can trigger memory corruption in FPX_GetScanDevicePropertyGroup, with the vulnerability described as leading to a denial of service or possibly other impact (e.g., arbitrary code execution) per connected sourc...

7.8CVSS8AI score0.01639EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2017/01/06 10:0 p.m.37 views

CVE-2016-9885

The CVE-2016-9885 issue affects Pivotal GemFire for PCF (1.6.x &lt; 1.6.5 and 1.7.x

9.8CVSS9.5AI score0.01539EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder