Debian dsa-6350 : firefox-esr - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6350 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6350-1 [email protected] https://www.debian.org/securit...

CVE-2026-12298

creationtimestamp| type| source ---|---|--- 2026-06-17 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260618...

SUSE CVE-2026-12298

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

Linux Distros Unpatched Vulnerability : CVE-2026-12298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12298...

CVE-2026-12298

CVE-2026-12298 is a memory safety bug that Mozilla has fixed in Thunderbird 152 and Firefox 152 (and Firefox ESR 140.12; Thunderbird 140.12). Affected products mentioned in the provided sources include Thunderbird and Firefox variants; Debian/OSV/Nessus references confirm the same fix exists acro...

CVE-2026-12298

Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

CVE-2018-12298

Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path...

CVE-2019-12298

Leanify 0.4.3 allows remote attackers to trigger an out-of-bounds write 1024 bytes via a modified input file...

CVE-2025-12298 code-projects Simple Food Ordering System editcategory.php cross site scripting

A vulnerability was identified in code-projects Simple Food Ordering System 1.0. This affects an unknown part of the file /editcategory.php. The manipulation of the argument pname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and...

CVE-2024-12298

The CVE-2024-12298 issue is an XXE vulnerability (CWE-611) in Omron NB-series NX-Designer / NB-Designer. The root cause is improper restriction of XML external entity references, enabling disclosure of confidential data on the host when a specially crafted file is opened. Affected software includ...

CVE-2024-12298 Vulnerability Report on Improper Restriction of XML External Entity Reference in NB-Designer

We found a vulnerability Improper Restriction of XML External Entity Reference CWE-611 in NB-series NX-Designer. Attackers may be able to abuse this vulnerability to disclose confidential data on a computer...

CVE-2024-12298 Vulnerability Report on Improper Restriction of XML External Entity Reference in NB-Designer

We found a vulnerability Improper Restriction of XML External Entity Reference CWE-611 in NB-series NX-Designer. Attackers may be able to abuse this vulnerability to disclose confidential data on a computer...

Oracle Linux 8 : cloud-init (ELSA-2023-12298)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-12298 advisory. 22.1-6.0.4.el87.2 - Fix log file permissions Orabug: 35302985 22.1-6.0.3.el87.2 - Fix CVE-2023-1786 Orabug: 35302985 Tenable has extracted the preceding...

CVE-2020-12298

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

CVE-2019-12298

creationtimestamp| type| source ---|---|--- 2019-05-23 14:48:21+00:00| seen| https://t.me/cvemitreorg/183...

CVE-2019-12298

The CVE-2019-12298 entry concerns Leanify 0.4.3, where a vulnerability allows remote attackers to trigger an out-of-bounds write of 1024 bytes by supplying a modified input file. The issue is caused by input handling that can write beyond allocated memory, potentially impacting availability and i...

CVE-2018-12298

creationtimestamp| type| source ---|---|--- 2019-05-13 16:26:17+00:00| seen| https://t.me/cibsecurity/4265...

CVE-2018-12298

Directory Traversal in filebrowser in Seagate NAS OS 4.3.15.1 allows attackers to read files within the application's container via a URL path...

CVE-2018-12298

CVE-2018-12298: Directory traversal in Seagate NAS OS filebrowser (v4.3.15.1) allows reading files inside the app container via crafted URL paths. Root cause appears to be improper URL path handling. Affects filebrowser component; impact includes partial confidentiality (C in CVSS). CVSS data pre...

CVE-2017-12298

CVE-2017-12298 affects Cisco WebEx Meeting Center. The issue is cross-site scripting (XSS) caused by insufficient input validation in parameters passed to the web server, allowing an unauthenticated, remote attacker to trick a user into following a malicious link or inject code into requests. Exp...