104 matches found
CVE-2026-9947 vulnerabilities
Vulnerabilities for packages: chromium...
Chromium: CVE-2026-9947 Use after free in XML
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Linux Distros Unpatched Vulnerability : CVE-2026-9947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
CVE-2026-9947
creationtimestamp | type | source
---|---|---
2026-05-28 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529
2026-05-28 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529
2026-05-29...
CVE-2019-9947
creationtimestamp | type | source
---|---|---
2026-04-02 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...
Siemens SIMATIC S7-1500 Improper Neutralization of CRLF Sequences (CVE-2019-9947)
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the path component of a URL that...
WordPress Custom 404 Pro plugin <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter vulnerability
Authenticated Administrator+ SQL Injection via path Parameter vulnerability discovered by jamaal in WordPress Plugin Custom 404 Pro versions <= 3.12.0...
ECHO-9EF5-8B3D-9947
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2020-9947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9,...
K000151516: Python urllib vulnerability CVE-2019-9947
Security Advisory Description An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the...
Linux Distros Unpatched Vulnerability : CVE-2019-9947
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...
CVE-2024-9947
creationtimestamp | type | source
---|---|---
2024-10-23 09:51:41+00:00 | seen | https://t.me/cvedetector/8675...
CVE-2024-9947 ProfilePress - Pro <= 4.11.1 - Authentication Bypass via WordPress.com OAuth provider
The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.11.1. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any...
WordPress ProfilePress Pro Plugin <= 4.11.1 is vulnerable to Broken Authentication
Software: ProfilePress Pro; Type: Plugin; Vulnerable versions: <= 4.11.1; Fixed in: 4.11.2; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Broken Authentication; CVE: CVE-2024-9947; Patch priority: High; CVSS severity: High 8.1; PSID: adce137ed816; Credits: wesl...
Ubuntu: Security Advisory (USN-6891-1)
The remote host is missing an update for the...
RHEL 6 / 7 : rh-python36-python (RHSA-2019:3725)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3725 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high leve...
Oracle Linux 8 : python3 (ELSA-2019-3520)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3520 advisory. - Fix for CVE-2019-10160 Resolves: rhbz1689318 - Security fix for CVE-2019-9948 Resolves: rhbz1714643 - Fixes CVE-2019-9740 and CVE-2019-9947 Resolves:...
Mageia: Security Advisory (MGASA-2021-0181)
The remote host is missing an update for the...