23 matches found
CVE-2026-9885 vulnerabilities
Vulnerabilities for packages: chromium...
SUSE CVE-2026-9885
Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
Linux Distros Unpatched Vulnerability : CVE-2026-9885
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer...
CVE-2026-9885
Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
DEBIAN-CVE-2026-9885
Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
WordPress MPWizard plugin <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability
Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin MPWizard versions = 1.2.1...
MAL-2025-9885 Malicious code in @zalastax/nolb-_compai_ (npm)
The package @zalastax/nolb-compai was found to contain malicious code...
CVE-2020-9885
An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group...
CVE-2024-9885
creationtimestamp| type| source ---|---|--- 2024-10-30 04:59:41+00:00| seen| https://t.me/cvedetector/9390...
CVE-2024-9885 Widget or Sidebar Shortcode <= 0.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Widget or Sidebar Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sidebar' shortcode in all versions up to, and including, 0.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-9885 Widget or Sidebar Shortcode <= 0.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Widget or Sidebar Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sidebar' shortcode in all versions up to, and including, 0.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Widget or Sidebar Shortcode Plugin <= 0.6.1 is vulnerable to Cross Site Scripting (XSS)
Software Widget or Sidebar Shortcode Type Plugin Vulnerable versions = 0.6.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9885 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 103d39e3e11c Credits theviper17y...
CGA-XHFV-9885-2MR8
Bulletin has no description...
CVE-2020-9885
An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group...
CVE-2020-9885
CVE-2020-9885 concerns iMessage tapbacks handling. The issue allowed a removed user from an iMessage group to rejoin the group, and Apple fixed it by adding verification. Affected platforms include iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, and watchOS 6.2.8. Remediation is to...
CVE-2019-9885
eClass platform ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenviewleft.php StudentID parameter...
CVE-2019-9885 eClass platform contains a SQL injection vulnerability
eClass platform ip.2.5.10.2.1 allows an attacker to execute SQL command via /admin/academic/studenviewleft.php StudentID parameter...
CVE-2019-9885
CVE-2019-9885 affects eClass platform prior to ip.2.5.10.2.1. The vulnerability is a SQL injection in the /admin/academic/studenview_left.php?StudentID parameter, caused by insufficient input validation in the web application. Exploitation would allow an attacker to execute arbitrary SQL commands...
CVE-2017-9885
CVE-2017-9885 affects IrfanView 4.44 (32‑bit) with FPX Plugin 4.46. A crafted .fpx file can trigger memory corruption in FPX_GetScanDevicePropertyGroup, with the vulnerability described as leading to a denial of service or possibly other impact (e.g., arbitrary code execution) per connected sourc...
CVE-2016-9885
The CVE-2016-9885 issue affects Pivotal GemFire for PCF (1.6.x < 1.6.5 and 1.7.x