24 matches found
Debian dsa-6350 : firefox-esr - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6350 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6350-1 [email protected] https://www.debian.org/securit...
CVE-2026-12309
creationtimestamp| type| source ---|---|--- 2026-06-17 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260618...
SUSE CVE-2026-12309
Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...
Linux Distros Unpatched Vulnerability : CVE-2026-12309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12309...
DEBIAN-CVE-2026-12309
Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...
CVE-2024-12309
The Rate My Post – Star Rating Plugin by FeedbackWP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.4 via the getpoststatus due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...
CVE-2024-12309
The Rate My Post – Star Rating Plugin by FeedbackWP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.4 via the getpoststatus due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...
CVE-2024-12309
creationtimestamp| type| source ---|---|--- 2024-12-13 08:51:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113644659426186356 2024-12-13 10:45:10+00:00| seen| https://t.me/cvedetector/12846...
CVE-2024-12309
CVE-2024-12309 affects Rate My Post – Star Rating Plugin for WordPress (FeedbackWP). The vulnerability is an Insecure Direct Object Reference in get_post_status() due to missing validation on a user-controlled key, allowing unauthenticated voters to affect unpublished posts. The CVE entry notes v...
CVE-2024-12309 Rate My Post – Star Rating Plugin by FeedbackWP <= 4.2.4 - Unauthenticated Voting On Scheduled Posts
The Rate My Post – Star Rating Plugin by FeedbackWP plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.2.4 via the getpoststatus due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to...
CVE-2021-27245
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7USV5210125 and Archer A7USV5200220 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue...
Authentication flaw
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7USV5210125 and Archer A7USV5200220 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue...
CVE-2021-27245
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7USV5210125 and Archer A7USV5200220 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue...
CVE-2021-27245
CVE-2021-27245 affects TP-Link Archer A7 family (A7 AC1750; Archer C7 US variants) prior to the specified V5 firmwares. Root cause: improper filtering of IPv6 SSH connections during IPv6 handling enables a firewall bypass by unauthenticated attackers, who could leverage this in conjunction with o...
CVE-2020-12309
Insufficiently protected credentialsin subsystem in some IntelR Client SSDs and some IntelR Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access...
CVE-2020-12309
Intel has published an advisory for CVE-2020-12309 noting insufficiently protected credentials in the subsystem of several Intel SSDs that could allow information disclosure with physical access. The Red Hat security note and Intel advisory enumerate affected products and required mitigations via...
CVE-2020-12309
Insufficiently protected credentialsin subsystem in some IntelR Client SSDs and some IntelR Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access...
Intel® SSD Advisory
Summary: Potential security vulnerabilities in multiple Intel® Solid State Drive SSD products may allow information disclosure. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVE ID: CVE-2020-12309 Description: Insufficiently protected...
Intel SSD Advisory - Lenovo Support US
No description provided...
CVE-2019-12309
creationtimestamp| type| source ---|---|--- 2019-05-23 20:48:40+00:00| seen| https://t.me/cvemitreorg/281...