Lucene search
+L

22 matches found

cgr
cgr
added 2026/07/01 2:16 p.m.3 views

CVE-2025-12437 vulnerabilities

Vulnerabilities for packages: chromium...

7.5CVSS6.8AI score0.00226EPSS
Exploits0
wolfi
wolfi
added 2026/07/01 2:16 p.m.3 views

CVE-2026-12437 vulnerabilities

Vulnerabilities for packages: chromium...

8.3CVSS5.8AI score0.00279EPSS
Exploits0
wolfi
wolfi
added 2026/07/01 2:16 p.m.5 views

CVE-2025-12437 vulnerabilities

Vulnerabilities for packages: chromium...

7.5CVSS6.8AI score0.00226EPSS
Exploits0
nessus
nessus
added 2026/06/17 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12437

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially...

8.3CVSS5.9AI score0.00279EPSS
Exploits0References2
circl
circl
added 2026/06/16 9:0 p.m.12 views

CVE-2026-12437

creationtimestamp| type| source ---|---|--- 2026-06-16 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1925 2026-06-17 01:56:44+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-google-chrome-56 2026-06-17 23:39:54+00:00| seen|...

8.3CVSS5.8AI score0.00279EPSS
Exploits0References6
circl
circl
added 2026/04/21 7:25 p.m.9 views

CVE-2018-12437

creationtimestamp| type| source ---|---|--- 2026-04-21 19:25:24+00:00| seen| Telegram/IV3XUTumqBvhxDGxYKmJv890gnK1hu13PgwZ6nuJXKkSo...

4.9CVSS5.8AI score0.0054EPSS
Exploits1
cvelist
cvelist
added 2026/04/21 3:34 p.m.32 views

CVE-2025-15638 Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt

Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14 includes versions of Dropbear 2019.78 or earlier. These include versions of libtomcrypt v1.18.1 or earlier, which is affected by CVE-2016-6129 and CVE-2018-12437...

0.0057EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/21 12:0 a.m.11 views

PT-2026-33994

Name of the Vulnerable Software and Affected Versions Net::Dropbear versions prior to 0.14 Description Net::Dropbear for Perl contains a vulnerable version of libtomcrypt, specifically including versions of Dropbear 2019.78 or earlier. Recommendations Update Net::Dropbear to version 0.14 or later...

10CVSS6.6AI score0.0057EPSS
Exploits0References8
redhatcve
redhatcve
added 2025/11/11 1:11 p.m.3 views

CVE-2025-12437

Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS6.8AI score0.00226EPSS
Exploits0References5
osv
osv
added 2025/11/10 8:15 p.m.1 views

DEBIAN-CVE-2025-12437

Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS7.5AI score0.00226EPSS
Exploits0References1
cve
cve
added 2025/11/10 8:0 p.m.27 views

CVE-2025-12437

The connected documents confirm a concrete vulnerability: Use-after-free in PageInfo in Google Chrome/chromium before 142.0.7444.59. A remote attacker could exploit heap corruption by persuading a user to perform specific UI gestures against a crafted HTML page. Affected software: Google Chrome/C...

7.5CVSS6.3AI score0.00226EPSS
Exploits0References2Affected Software1
circl
circl
added 2025/11/03 8:30 a.m.6 views

CVE-2025-12437

creationtimestamp| type| source ---|---|--- 2025-11-03 08:30:48+00:00| seen| https://gist.github.com/Darkcrai86/558c7a72853f275608e30f5bd70b5fc0...

7.5CVSS5.8AI score0.00226EPSS
Exploits0References1
mscve
mscve
added 2025/10/31 2:0 p.m.11 views

Chromium: CVE-2025-12437 Use after free in PageInfo

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

7.5CVSS6.4AI score0.00226EPSS
Exploits0
nvd
nvd
added 2025/01/07 7:15 a.m.19 views

CVE-2024-12437

The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'envato' shortcode in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00396EPSS
Exploits0References3
circl
circl
added 2025/01/07 6:46 a.m.7 views

CVE-2024-12437

creationtimestamp| type| source ---|---|--- 2025-01-07 06:46:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113785725707848489 2025-01-07 07:15:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf5445onan2m 2025-01-07 07:15:58+00:00| seen|...

6.4CVSS8.7AI score0.00396EPSS
Exploits0References4
cvelist
cvelist
added 2025/01/07 6:40 a.m.20 views

CVE-2024-12437 Marketplace Items <= 1.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'envato' shortcode in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS0.00396EPSS
Exploits0References3
nessus
nessus
added 2020/07/30 12:0 a.m.57 views

GLSA-202007-53 : Dropbear: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-53 Dropbear: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Dropbear. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for...

6.5CVSS6.8AI score0.19295EPSS
Exploits1References4
cve
cve
added 2020/02/19 4:28 p.m.63 views

CVE-2019-12437

CVE-2019-12437 affects SilverStripe up to 4.3.3, where the prior fix for SS-2018-007 does not fully mitigate CSRF in GraphQL mutations. Connected sources (GHSA/OSV/Red Hat) indicate this CSRF protection was not complete and fixes exist in SilverStripe GraphQL at versions 2.0.5 and 3.1.2. Remediat...

8.8CVSS8.7AI score0.00742EPSS
Exploits0References3Affected Software1
friendsofphp
friendsofphp
added 2019/06/11 4:34 p.m.20 views

CVE-2019-12437: Cross Site Request Forgery (CSRF) Protection Bypass in GraphQL

More info at https://www.silverstripe.org/download/security-releases/cve-2019-12437...

8.8CVSS7.2AI score0.00742EPSS
Exploits0Affected Software1
openvas
openvas
added 2018/07/21 12:0 a.m.38 views

Fedora Update for libtomcrypt FEDORA-2018-39e0872379

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.19295EPSS
Exploits1References2
Rows per page
Query Builder