Chromium: CVE-2026-9985 Insufficient validation of untrusted input in Media

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Linux Distros Unpatched Vulnerability : CVE-2026-9985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the...

CVE-2026-9985

The CVE-2026-9985 entry affects Google Chrome on ChromeOS, leveraging the Media component in Chromium. The root cause is insufficient validation of untrusted input within Media, allowing a remote attacker that already compromised the renderer process to read potentially sensitive memory contents ...

CVE-2026-9985

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-29...

MINI-Q428-9985-56FW

Bulletin has no description...

VulnCheck KEV: CVE-2025-9985

The Featured Image from URL FIFU plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the...

CVE-2025-9985

creationtimestamp| type| source ---|---|--- 2025-11-05 08:15:15+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-9985.yaml 2025-11-05 22:20:44+00:00| published-proof-of-concept| https://t.me/realcodeb0ss/146 2025-11-06 21:02:29+00:00| seen|...

WordPress Featured Image from URL (FIFU) plugin <= 5.2.7 - Unauthenticated Information Exposure via Log File vulnerability

Unauthenticated Information Exposure via Log File vulnerability discovered by ifoundbug in WordPress Plugin Featured Image from URL versions = 5.2.7...

MAL-2025-9985 Malicious code in @zalastax/nolb-_expo-google- (npm)

The package @zalastax/nolb-expo-google- was found to contain malicious code...

CVE-2024-9985

creationtimestamp| type| source ---|---|--- 2024-10-15 11:55:11+00:00| seen| https://t.me/cvedetector/7893...

CVE-2024-9985 Ragic Enterprise Cloud Database - Arbitrary File Upload

Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server...

CVE-2024-9985 Ragic Enterprise Cloud Database - Arbitrary File Upload

Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server...

CVE-2024-9985

CVE-2024-9985 involves the Ragic Enterprise Cloud Database. The vulnerability arises from improper validation of uploaded file types, enabling attackers with regular privileges to upload a webshell and execute arbitrary code on the remote server. Multiple sources (NVD and national/ regional advis...

CVE-2020-9985

CVE-2020-9985 is a buffer overflow in Apple’s USD file processing that could cause an application to terminate or execute arbitrary code. It affects multiple Apple platforms and was addressed by memory-management improvements. The fixed versions are iOS 13.6/iPadOS 13.6, macOS Catalina 10.15.6, a...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1523)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users t...

CVE-2014-9985

CVE-2014-9985 affects Android on Qualcomm Snapdragon platforms (MDM9635M, SD 400, SD 800). The vulnerability arises from a TOCTOU race condition that can bypass error-condition checks, causing undefined behavior in the affected components. Based on the initial and linked references, the issue is ...

CVE-2018-9985

The CVE-2018-9985 issue affects MetInfo 6.0 where the front page permits cross-site scripting (XSS) by submitting a feedback message to an administrator. Documented sources (NVD/CNVD) confirm an XSS vulnerability in MetInfo 6.0’s front page, but no specific exploit details, affected file paths, o...

USN-3469-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3469-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...

CVE-2017-9985

CVE-2017-9985 is a local double-fetch vulnerability in the Linux kernel (snd_msndmidi_input_read in sound/isa/msnd/msnd_midi.c) affecting up to version 4.11.7. Exploitation can cause denial of service (over-boundary access) with potential unspecified impact. Public references in Nessus/OpenVAS/U-...

CVE-2017-9985

The sndmsndmidiinputread function in sound/isa/msnd/msndmidi.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary access or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that...