58 matches found
CVE-2025-12400
creationtimestamp | type | source
---|---|---
2025-11-04 06:23:34+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4rvjl3zvi2x...
CVE-2024-12400
The tourmaster WordPress plugin before 5.3.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
Alibaba Cloud Linux 3 : 0015: nss (ALINUX3-SA-2021:0015)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0015 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-12400: When converting coordinate...
Linux Distros Unpatched Vulnerability : CVE-2019-12400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of...
CVE-2024-12400
creationtimestamp | type | source
---|---|---
2025-01-30 06:09:16+00:00 | seen | https://infosec.exchange/users/cve/statuses/113915812673966819
2025-01-30 06:15:53+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgwthuotr42j
2025-01-30 07:11:29+00:00 | seen | ...
CVE-2024-12400 Tourmaster < 5.3.5 - Reflected XSS
The tourmaster WordPress plugin before 5.3.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
CVE-2024-12400
CVE-2024-12400 describes a reflected XSS in the Tour Master WordPress plugin prior to v5.3.5, caused by failing to escape generated URLs output in HTML attributes. The issue can be triggered by an attacker crafting a URL that injects malicious script, potentially affecting site visitors. Public d...
CVE-2024-12400 Tourmaster < 5.3.5 - Reflected XSS
The tourmaster WordPress plugin before 5.3.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting...
Debian dla-3327 : libnss3 - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3327 advisory. Debian LTS Advisory DLA-3327-1 [email protected]...
K61267093: Multiple NSS vulnerabilities CVE-2020-6829, CVE-2020-12400, CVE-2020-12401, and CVE-2020-12402
Security Advisory Description CVE-2020-6829 When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the...
Debian: Security Advisory (DLA-3327-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] [DLA 3327-1] nss security update
Debian LTS Advisory DLA-3327-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany February 20, 2023 https://wiki.debian.org/LTS Package : nss Version : 2:3.42.1-1+deb10u6 CVE ID : CVE-2020-6829 CVE-2020-12400 CVE-2020-12401 CVE-2020-12403 CVE-2023-0767 Multiple...
SUSE CVE-2020-12400
When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel attack. This vulnerability affects Firefox 80 and Firefox for Android 80...
Security Bulletin: IBM Security Verify Governance is vulnerable to bypassing of security restrictions due to use of Apache Santuario XML Security (CVE-2019-12400, CVE-2021-40690)
Summary IBM Security Verify Governance uses Apache Santuario XML Security for Java which could allow a remote attacker to bypass security restrictions caused by a couple of vulnerabilities. This could allow the attacker to launch further attacks on the system CVE-2019-12400, CVE-2021-40690. The f...
Mageia: Security Advisory (MGASA-2020-0318)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0121)
The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel...
Advisory ROSA-SA-2021-1835
Software: firefox 78.5.0 OS: Cobalt 7.9 CVE-ID: CVE-2020-12400 CVE-Crit: MEDIUM CVE-DESC: When converting coordinates from projective to affine, modular inversion was not performed in constant time, leading to a possible time-based side-channel attack. This vulnerability affects Firefox 80 and...
CentOS: Security Advisory for nss (CESA-2020:4076)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1640)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Oracle Linux 8 : nss (ELSA-2021-0538)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0538 advisory. - CVE-2020-12403 chacha-poly issues - CVE-2020-12400 constant time ECC. - CVE-2020-6829 constant time ECC. Tenable has extracted the preceding...