25 matches found
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +135 more potentially affected by CVE-2025-12110 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.2)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2025-12110 Source advisory:...
CVE-2025-12110
| creationtimestamp | type | source |
|---|---|---|
| 2025-10-23 14:58:43+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m3umpovj322o... |
CVE-2020-12110
| creationtimestamp | type | source |
|---|---|---|
| 2025-02-06 03:13:44+00:00 | seen | MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd |
| 2025-02-23 04:10:23+00:00 | seen | MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd... |
CVE-2024-12110 Gold Addons for Elementor <= 1.3.2 - Missing Authorization to Authenticated (Subscriber+) License Activation/Deactivation
The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate and deactivate functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2019-12110
An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c...
Ubuntu: Security Advisory (USN-4542-1)
The remote host is missing an update for the...
Ubuntu 16.04 LTS : MiniUPnPd vulnerabilities (USN-4542-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4542-1 advisory. It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive...
TP-Link Cloud Cameras NCXXX Bonjour Command Injection
TP-Link cloud cameras NCXXX series NC200, NC210, NC220, NC230, NC250, NC260, NC450 are vulnerable to an authenticated command injection. In all devices except NC210, despite a check on the name length in swSystemSetProductAliasCheck, no other checks are in place in order to prevent shell...
CVE-2020-12110
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304...
CVE-2020-12110
TP-Link NCXXX Cloud Cameras (NC200, NC210, NC220, NC230, NC250, NC260, NC450) are affected by a hardcoded encryption key used to encrypt/decrypt config backups. The issue arises in swSystemBackup/swSystemRestoreFile using DES-ECB with modified s-boxes/permutation tables, enabling potential compro...
ManageEngine EventLog Analyzer 10.0 - Information Disclosure
Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Date: 2020-02-23 Author:Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name: Authenticated Information Disclosure in...
ManageEngine EventLog Analyzer 10.0 - Information Disclosure
ManageEngine EventLog Analyzer 10.0 - Information Disclosure Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Date: 2020-02-23 Author:Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774...
ManageEngine EventLog Analyzer 10.0 - Information Disclosure Vulnerability
Exploit for java platform in category web applications Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Author: Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name:...
Fedora 31 : miniupnpd (2019-0a26e06dd5)
Security patches. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. © Tenable Network Security, Inc...
CVE-2019-12110
CVE-2019-12110 concerns MiniUPnPd (miniupnpd) upnpredirect.c with a NULL pointer dereference causing a Denial of Service via AddPortMapping; the issue affects MiniUPnPd up to version 2.1. Public advisories from Debian (DLA-1811) indicate a fix was released for Debian 8 Jessie as miniupnpd 1.8.201...
CVE-2018-12110
portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter...
CVE-2018-12110
portfolioCMS 1.0.5 is vulnerable to SQL Injection via the admin/portfolio.php preview parameter (and related evidence cites the same issue in CNVD-2018-11358). The root cause is improper handling of the preview parameter, allowing an attacker to execute arbitrary SQL commands remotely. Impact per...
[SECURITY] [DSA 4173-1] r-cran-readxl security update
Debian Security Advisory DSA-4173-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 16, 2018 https://www.debian.org/security/faq -...
libxls xls_appendSST Code Execution Vulnerability(CVE-2017-12110)
Summary: An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4. A specially crafted XLS file can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. Tested Versions: libxls 1.4...