CVE-2026-6662 ericc-ch copilot-api Token Endpoint server.ts cors cross-domain policy

A vulnerability was found in ericc-ch copilot-api up to 0.7.0. The impacted element is the function cors of the file src/server.ts of the component Token Endpoint. Performing a manipulation results in permissive cross-domain policy with untrusted domains. It is possible to initiate the attack...

MiracleLinux 4 : mariadb55-mariadb-5.5.53-1.AXS4 (AXSA:2016-717:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-717:04 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...

MiracleLinux 4 : mysql-5.1.73-8.0.1.AXS4 (AXSA:2017-1284:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1284:01 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many...

MiracleLinux 7 : mariadb-5.5.52-1.el7 (AXSA:2016-1117:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-1117:03 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...

CVE-2025-6662

PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2025-6662

PDF-XChange Editor is affected by a PRC file parsing vulnerability that causes an Out-Of-Bounds Read leading to information disclosure. The flaw stems from insufficient validation of user-supplied data during PRC file parsing, permitting a read past the end of an allocated object. Exploitation re...

CVE-2025-6662 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2025-6662 PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...

CVE-2025-6662

creationtimestamp| type| source ---|---|--- 2025-06-25 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-447/ 2025-06-26 00:36:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lshv2ravun2i...

CVE-2019-6662

On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2016:2749)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:2749 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

CVE-2024-6662

creationtimestamp| type| source ---|---|--- 2025-01-10 17:57:03+00:00| seen| https://infosec.exchange/users/cve/statuses/113805349516054986 2025-01-10 18:03:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1193 2025-01-10 18:16:03+00:00| seen|...

CVE-2024-6662 CSRF in MegaBIP

Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery CSRF as the form available under "/edytor/index.php?id=7,7,0" lacks protection mechanisms. A user could be tricked into visiting a malicious website, which would send POST request to this endpoint. If...

RHEL 7 : python-setuptools (RHSA-2024:6662)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:6662 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RHEL 5 : mysql55-mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mysql: generallog can write to configuration files, leading to privilege escalation CPU Oct 2016...

VulnCheck KEV: CVE-2016-6662

Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and...

RHEL 5 : mysql (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mysql: generallog can write to configuration files, leading to privilege escalation CPU Oct 2016...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : OpenJDK 21 vulnerabilities (USN-6662-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6662-1 advisory. Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could...

Ubuntu: Security Advisory (USN-6662-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-6662

creationtimestamp| type| source ---|---|--- 2024-02-23 07:36:55+00:00| seen| https://t.me/ctinow/191497...