89 matches found

Circl
added 2025/11/10 9:38 a.m. | 1 view

CVE-2025-12397

creationtimestamp | type | source
---|---|---
2025-11-10 09:38:06+00:00 | seen | https://bsky.app/profile/potato.software/post/3m5bd6w4g3u2i
2025-11-10 09:58:32+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m5bedhqwb22x
2025-11-10 12:11:07+00:00 | seen | ...

7.6 CVSS | 5.8 AI score | 0.00035 EPSS
Exploits: 0 | References: 3
NVD
added 2025/11/10 9:15 a.m. | 2 views

CVE-2025-12397

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

7.6 CVSS | 0.00035 EPSS
Exploits: 0 | References: 2
CVE
added 2025/11/10 8:55 a.m. | 6 views

CVE-2025-12397

CVE-2025-12397 is a SQL injection vulnerability in Looker Studio that affects reports using BigQuery as the data source. A Looker Studio user with report view access could inject malicious SQL that runs with the report owner’s permissions. The issue’s impact is tied to the data source and report ...

7.6 CVSS | 7.5 AI score | 0.00035 EPSS
Exploits: 0 | References: 2
Cvelist
added 2025/11/10 8:55 a.m. | 4 views

CVE-2025-12397 SQL Injection in Looker Studio

A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...

7.6 CVSS | 0.00035 EPSS
Exploits: 0 | References: 2
IBM Security Bulletins
added 2025/07/21 5:44 p.m. | 7 views

Security Bulletin: Vulnerabilities in Quarkus-HTTP affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Quarkus-HTTP has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-12397 DESCRIPTION: A...

7.4 CVSS | 6.3 AI score | 0.00572 EPSS
Exploits: 0 | Affected Software: 1
vulnersOsv
added 2024/12/12 9:31 a.m. | 2 views

at.meks.quarkiverse.axonframework-extension:quarkus-axon-metrics-deployment (>=0.1.0-RC2 <=0.1.0-quarkus-3.15-RC4), br.com.labbs:quarkus-monitor-deployment (>=0.1.5 <=0.3.0) +453 more potentially affected by CVE-2024-12397 via io.quarkus.http:quarkus-http-core (>=3.0.0.Alpha1 <=5.3.3)

io.quarkus.http:quarkus-http-core MAVEN version =3.0.0.Alpha1, =0.1.0-RC2, =0.1.5, =1.0.4, =1.8.0, =1.6.9, =1.5.0, =1.0.0, =1.1.0, =1.1.0, =1.0.0, =0.0.10, =1.0.0, =24.6.0-alpha2 and more Source cves: CVE-2024-12397 Source advisory: OSV:GHSA-CXRX-Q234-M22M...

7.4 CVSS | 6.3 AI score | 0.00572 EPSS
Exploits: 0
Chainguard
added 2024/12/12 9:15 a.m. | 12 views

CVE-2024-12397 vulnerabilities

Vulnerabilities for packages: apicurio-registry, keycloak, keycloak-fips...

7.4 CVSS | 6 AI score | 0.00572 EPSS
Exploits: 0
Wolfi
added 2024/12/12 9:15 a.m. | 11 views

CVE-2024-12397 vulnerabilities

Vulnerabilities for packages: keycloak, apicurio-registry...

7.4 CVSS | 6 AI score | 0.00572 EPSS
Exploits: 0
Circl
added 2024/12/12 9:8 a.m. | 5 views

CVE-2024-12397

creationtimestamp | type | source
---|---|---
2024-12-12 09:08:18+00:00 | seen | https://infosec.exchange/users/cve/statuses/113639063433232775
2024-12-12 11:19:28+00:00 | seen | https://t.me/cvedetector/12759
2025-03-19 17:20:59+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/8096
2025-05-02...

7.4 CVSS | 5.3 AI score | 0.00572 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2024/12/12 9:5 a.m. | 15 views

CVE-2024-12397 Io.quarkus.http/quarkus-http-core: quarkus http cookie smuggling

A flaw was found in Quarkus-HTTP, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorize...

7.4 CVSS | 6.8 AI score | 0.00572 EPSS
Exploits: 0 | References: 5
CVE
added 2024/12/12 9:5 a.m. | 385 views

CVE-2024-12397

CVE-2024-12397 describes a flaw in Quarkus-HTTP where cookies with certain value-delimiting characters are parsed incorrectly in incoming requests. This can allow an attacker to craft a cookie value to exfiltrate HttpOnly cookies or spoof additional cookie values, impacting data confidentiality a...

7.4 CVSS | 7.3 AI score | 0.00572 EPSS
Exploits: 0 | References: 5
OpenVAS
added 2022/01/28 12:0 a.m. | 22 views

Mageia: Security Advisory (MGASA-2020-0209)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS | 7.6 AI score | 0.10449 EPSS
Exploits: 0 | References: 5
OpenVAS
added 2021/11/08 12:0 a.m. | 21 views

Mozilla Firefox Security Advisory (MFSA2018-26) - Linux

This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

9.8 CVSS | 7.5 AI score | 0.04967 EPSS
Exploits: 0 | References: 16
OpenVAS
added 2021/06/09 12:0 a.m. | 18 views

SUSE: Security Advisory (SUSE-SU-2018:3656-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 8.3 AI score | 0.04967 EPSS
Exploits: 0 | References: 2
OpenVAS
added 2021/04/19 12:0 a.m. | 21 views

SUSE: Security Advisory (SUSE-SU-2018:3749-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 9.8 AI score | 0.04967 EPSS
Exploits: 0 | References: 4
Tenable Nessus
added 2020/07/21 12:0 a.m. | 29 views

NewStart CGSL MAIN 6.01 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0036)

The remote NewStart CGSL host, running version MAIN 6.01, has thunderbird packages installed that are affected by multiple vulnerabilities: - By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This...

10 CVSS | 8.2 AI score | 0.10449 EPSS
Exploits: 1 | References: 11
Circl
added 2020/05/27 7:55 a.m. | 0 views

CVE-2020-12397

creationtimestamp | type | source
---|---|---
2020-05-27 07:55:40+00:00 | seen | https://t.me/cibsecurity/12305
...

4.3 CVSS | 6 AI score | 0.00195 EPSS
Exploits: 0 | References: 1
OpenVAS
added 2020/05/27 12:0 a.m. | 45 views

Ubuntu: Security Advisory (USN-4373-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS | 7.8 AI score | 0.10449 EPSS
Exploits: 0 | References: 2
Ubuntu
added 2020/05/26 2:33 p.m. | 93 views

USN-4373-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, or execute arbitrary code. CVE-2020-6831, CVE-2020-12387, CVE-2020-12395 It wa...

10 CVSS | 7.8 AI score | 0.10449 EPSS
Exploits: 0
NVD
added 2020/05/22 7:15 p.m. | 14 views

CVE-2020-12397

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird 68.8.0...

4.3 CVSS | 6.1 AI score | 0.00195 EPSS
Exploits: 0 | References: 4