52 matches found
ECHO-9606-F9D9-FB8C
Bulletin has no description...
CVE-2026-9606
A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manageuser.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be...
CVE-2026-9606
creationtimestamp | type | source
---|---|---
2026-05-27 01:58:20+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmsft3xj642p...
EUVD-2020-29696
Malware in sbrugna...
EUVD-2022-4469
Malicious code in bioql PyPI...
01os (>=0.0.1 <=0.0.13), agenta (>=0.14.1a0 <=0.14.7a1) +103 more potentially affected by CVE-2024-9606 via litellm (>=0.1.400 <=1.43.9)
litellm PYPI version =0.1.400, =0.0.1, =0.14.1a0, =0.0.5, =0.0.4, =1.0.3, =0.2.0, =0.29.0, =0.1.5, =0.1.0, =1.3.0, =0.1.0, =0.0.1, =0.1.10 and more Source cves: CVE-2024-9606 Source advisory: OSV:GHSA-G5PG-73FC-HJWQ...
CVE-2024-9606
In berriai/litellm before version 1.44.12, the litellm/litellm_core_utils/litellm_logging.py file contains a vulnerability where the API key masking code only masks the first 5 characters of the key. This results in the leakage of almost the entire API key in the logs, exposing a significant amount ...
CVE-2024-9606 Improper Output Neutralization for Logs in berriai/litellm
In berriai/litellm before version 1.44.12, the litellm/litellm_core_utils/litellm_logging.py file contains a vulnerability where the API key masking code only masks the first 5 characters of the key. This results in the leakage of almost the entire API key in the logs, exposing a significant amount ...
Deserialization of Untrusted Data in org.jboss.resteasy:resteasy-yaml-provider
It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via Yaml.load in YamlProvider. Mitigation: If the YamlProvider is enabled it's recommended to add authentication, and authorization to the endpoint expectin...
OESA-2021-1073 resteasy security update
RESTEasy contains a JBoss project that provides frameworks to help build RESTful Web Services and RESTful Java applications. It is a fully certified and portable implementation of the JAX-RS specification. Security Fixes: CVE-2016-9606...
CVE-2020-9606
CVE-2020-9606 affects Adobe Acrobat and Reader, with use-after-free in multiple builds (e.g., Acrobat/Reader 2020.006.20042 and earlier; 2017.011.30166 and earlier; 2015.006.30518 and earlier). Successful exploitation could lead to arbitrary code execution. Connected sources corroborate the vulne...
Adobe Acrobat and Reader Use-after-free (APSB20-24: CVE-2020-9606)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat < 2015.006.30523 / 2017.011.30171 / 2020.009.20063 Multiple Vulnerabilities (APSB20-24)
The version of Adobe Acrobat installed on the remote Windows host is a version prior to 2015.006.30523, 2017.011.30171, or 2020.009.20063. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier,...
CVE-2014-9606
Netsweeper CVE-2014-9606 involves multiple XSS vulnerabilities in Netsweeper releases: 3.1.10 and older, 4.0.x (before 4.0.9), and 4.1.x (before 4.1.2). The XSS can be triggered by specially crafted inputs in five vectors: (1) server parameter to remotereporter/load_logfiles.php, (2) customctid to ...
CVE-2020-8854
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2020-8854
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2016-9606
It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw to execute arbitrary code with the permissions of the application using RESTEasy. Mitigati...
CVE-2019-9606
CVE-2019-9606 affects PHP Scripts Mall Personal Video Collection Script 4.0.4. The vulnerability is a Stored XSS in the Update profile feature. The available sources describe the affected product and the type of issue but do not provide detailed root cause analysis, exploit patterns, affected ver...
Moderate: Red Hat Security Advisory: Red Hat Decision Manager 7.1.0 bug fix and security update
An update is now available for Red Hat Decision Manager. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in...