MINI-9686-33PJ-MQJP

Bulletin has no description...

MAL-2025-9686 Malicious code in @womorg/ipsam-sint-eaque (npm)

The package @womorg/ipsam-sint-eaque was found to contain malicious code...

CVE-2020-9686

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2024-9686

creationtimestamp| type| source ---|---|--- 2024-10-25 07:53:05+00:00| seen| https://t.me/cvedetector/8887...

CVE-2024-9686

The Order Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nktgnfwsendtestmessage' function in versions up to, and including, 1.0.1. This makes it possible for unauthenticated attackers to send a test messa...

WordPress Order Notification for Telegram Plugin <= 1.0.1 is vulnerable to Broken Access Control

Software Order Notification for Telegram Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9686 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID c9ae0bfdb3a8 Credits István Márton...

Adobe Photoshop CC 20.x < 20.0.10 / 21.x < 21.2.1 Multiple Vulnerabilities (macOS APSB20-45)

The version of Adobe Photoshop CC or Photoshop installed on the remote macOS or Mac OS X host is prior to 20.0.10/21.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-45 advisory. - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an...

Adobe Photoshop CC 20.x < 20.0.10 / 21.x < 21.2.1 Multiple Vulnerabilities (APSB20-45)

The version of Adobe Photoshop CC or Photoshop installed on the remote Windows host is prior to 20.0.10/21.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb20-45 advisory. - Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds...

CVE-2020-9686

Adobe Photoshop CC 2019 and Photoshop 2020 are affected by an out-of-bounds read vulnerability (CVE-2020-9686) that could lead to arbitrary code execution. The issue is triggered in the Photoshop code paths handling certain inputs (as detailed in APSB20-45). Affected versions are prior to 20.0.10...

Puppet Enterprise 2015.x < 2016.4.0 Denial of Service Vulnerability

According to its self-reported version number, the Puppet install running on the remote host is version 5.5.x prior to 2017.2.2. It is, therefore, affected by a denial of service DoS vulnerability which exists in the puppet communications protocol broker due to incorrect validation of message...

CVE-2019-1010309

CVE-2019-1010309 is a reserved duplicate of CVE-2019-9686 and should not be used as an active vulnerability entry. Connected data confirms the underlying issue: pacman before 5.1.3 allows directory traversal when installing a remote package via a URL (pacman -U ) due to an unsanitized Content-Dis...

CVE-2019-9686

CVE-2019-9686 affects pacman before 5.1.3. The issue arises when installing a remote package via a URL (pacman -U ): the unsanitized Content-Disposition filename can contain slashes and is used in rename(), enabling a remote attacker to place the file anywhere in the filesystem and potentially ac...

[ASA-201903-7] pacman: arbitrary code execution

Arch Linux Security Advisory ASA-201903-7 ========================================= Severity: High Date : 2019-03-11 CVE-ID : CVE-2019-9686 Package : pacman Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-921 Summary ======= The package pacman before version...

CVE-2017-9686

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used...

CVE-2017-9686

The CVE-2017-9686 issue affects the Qualcomm SPS driver in Android environments (CAF/Linux kernel variants that include Android for MSM/CAF). Root cause is a double free/use-after-free in the SPS driver when debugfs logging is enabled. Reported impact includes local access with partial confidenti...

CVE-2014-9686

The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugingooglemap3kmlprxy.php. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7428...

CVE-2014-9686

CVE-2014-9686 relates to the Joomla! Googlemaps plugin (versions 3.2 and earlier). An attacker who controls a sub-domain of the victim’s domain can trigger a denial of service by supplying a crafted value to the file plugin_googlemap3_kmlprxy.php via the url parameter. The issue is noted as a con...

Puppet Enterprise < 2016.4.3 / 2016.5 < 2016.5.2 DoS Vulnerability

Puppet Enterprise is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2016-9686

CVE-2016-9686 affects the Puppet Communications Protocol (PCP) Broker in Puppet Enterprise. The root cause is incorrect validation of message header sizes, allowing an attacker to crash the PCP Broker and prevent commands from reaching agents, resulting in a partial availability impact. The vulne...