CVE-2026-9916

Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-9916

CVE-2026-9916 affects the ANGLE component in Google Chrome prior to 148.0.7778.216. The issue is an out-of-bounds write in ANGLE that could allow a remote attacker who has already compromised the renderer process to attempt a sandbox escape via a crafted HTML page. The vulnerability is documented...

MAL-2025-9916 Malicious code in @zalastax/nolb-_devc (npm)

The package @zalastax/nolb-devc was found to contain malicious code...

CVE-2020-9916

A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A malicious attacker may be able to conceal the...

CVE-2024-9916

creationtimestamp| type| source ---|---|--- 2024-10-13 22:16:19+00:00| seen| https://t.me/cvedetector/7789 2025-02-12 09:28:20+00:00| seen| https://infosec.exchange/users/shadowserver/statuses/113990205373134629 2025-02-12 09:29:27+00:00| seen|...

CVE-2024-9916

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. The attack may be launched remotely. The...

CVE-2024-9916 HuangDou UTCMS cli.php os command injection

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. The attack may be launched remotely. The...

CVE-2024-9916 HuangDou UTCMS cli.php os command injection

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection. The attack may be launched remotely. The...

Oracle Linux 9 : pki-core (ELSA-2024-4165)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-4165 advisory. 11.5.0-2.0.1 - Replaced upstream graphical references Orabug: 33952704 11.5.0-2 - RHEL-9916 CVE-2023-4727 pki-core: dogtag ca: token authentication bypass...

CVE-2021-21723

Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affect...

CVE-2021-21723

Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affect...

Input validation

Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affect...

CVE-2021-21723

Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of service. This affect...

CVE-2021-21723

CVE-2021-21723 affects several ZXR10 models (9904, 9908, 9916, 9904-S, 9908-S). The vulnerability stems from improper handling of memory release in certain scenarios, allowing a remote attacker to trigger a memory leak that may lead to device denial of service. Affected versions are all up to V1....

CVE-2020-9916

CVE-2020-9916 is a WebKit Page Loading vulnerability describing a URL Unicode encoding issue that could allow an attacker to conceal the destination of a URL. According to Apple advisories, this was addressed in Safari/WebKit, with fixes implemented in Safari 13.1.2 and related OS updates (iOS 13...

[SECURITY] [DLA 1497-1] qemu security update

Package : qemu Version : 1:2.1+dfsg-12+deb8u7 CVE ID : CVE-2015-8666 CVE-2016-2198 CVE-2016-6833 CVE-2016-6835 CVE-2016-8576 CVE-2016-8667 CVE-2016-8669 CVE-2016-9602 CVE-2016-9603 CVE-2016-9776 CVE-2016-9907 CVE-2016-9911 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 CVE-2016-9921 CVE-2016-9922...

CVE-2017-9916

IrfanView version 4.44 32bit with TOOLS Plugin 4.50 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, related to "Data from Faulting Address controls Branch Selection starting at ntdll77df0000!RtlFreeHandle+0x00000000000001b6."...

CVE-2017-9916

CVE-2017-9916 affects IrfanView 4.44 (32-bit) with TOOLS Plugin 4.50. A crafted file can trigger a denial of service, with potential for arbitrary code execution via Data from Faulting Address controls Branch Selection (noted in ntdll and related modules). Exploitation details indicate multiple v...

CVE-2014-9916

Multiple cross-site scripting XSS vulnerabilities in Bilboplanet 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 tribename or 2 tags parameter in a tribes page request to user/ or the 3 userid or 4 fullname parameter to signup.php...

CVE-2014-9916

CVE-2014-9916 affects Bilboplanet 2.0 with multiple cross-site scripting (XSS) vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via the following parameters: (1) tribe_name or (2) tags in a tribes page request to user/, and (3) user_id or (4) fullname in s...