28 matches found
CVE-2026-9980 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-9980 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-9980
An insufficient validation of untrusted input flaw was found in the Printing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511776372...
Linux Distros Unpatched Vulnerability : CVE-2026-9980
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Printing in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer proce...
CVE-2026-9980
In Google Chrome (Chromium) Printing component, the vulnerability CVE-2026-9980 is caused by insufficient validation of untrusted input, allowing a remote attacker who has compromised the renderer process to bypass site isolation via a crafted HTML page. Impact is described as high severity; reme...
CVE-2026-9980
Insufficient validation of untrusted input in Printing in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2025-9980
creationtimestamp| type| source ---|---|--- 2025-10-23 11:00:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m3u7ghn6zc2o...
CVE-2025-9980
QuickCMS is vulnerable to multiple Stored XSS in page editor functionality pages-form. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add JavaScript into the...
CVE-2025-9980
QuickCMS is vulnerable to multiple Stored XSS in page editor functionality pages-form. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. By default admin user is not able to add JavaScript into the...
CVE-2025-9980
CVE-2025-9980 describes a Stored XSS vulnerability in QuickCMS, specifically in the page editor (pages-form). The issue allows a malicious actor with admin privileges to inject arbitrary HTML/JavaScript that is rendered/executed when visiting the edited page. The public material notes that only v...
MAL-2025-9980 Malicious code in @zalastax/nolb-_evk (npm)
The package @zalastax/nolb-evk was found to contain malicious code...
CVE-2020-9980
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted font file may lead to arbitrary code execution...
CVE-2024-9980
creationtimestamp| type| source ---|---|--- 2024-10-15 11:04:58+00:00| seen| https://t.me/cvedetector/7887...
CVE-2024-9980
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents...
CVE-2024-9980 FormosaSoft ee-class - SQL Injection
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents...
CVE-2024-9980 FormosaSoft ee-class - SQL Injection
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents...
Command injection
Green Packet WiMax DV-360 2.10.14-g1.0.6.1 devices allow Command Injection, with unauthenticated remote command execution, via a crafted payload to the HTTPS port, because lighttpd listens on all network interfaces including the external Internet by default. NOTE: this may overlap CVE-2017-9980...
CVE-2018-14067
CVE-2018-14067 affects Green Packet WiMax DV-360 devices running 2.10.14-g1.0.6.1. The issue is a command injection vulnerability causing unauthenticated remote command execution when a crafted payload is sent to the HTTPS port. The underlying cause cited is that lighttpd listens on all network i...
CVE-2020-9980
CVE-2020-9980 is an out-of-bounds write vulnerability in FontParser that could allow arbitrary code execution when parsing a malicious font file. The connected Apple advisories show affected components across multiple Apple platforms (macOS, iOS/iPadOS, tvOS, watchOS) and specify the fix in iOS 1...
About the security content of watchOS 6.2.8
About the security content of watchOS 6.2.8 This document describes the security content of watchOS 6.2.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...