22 matches found
Chromium: CVE-2026-12440 Use after free in DigitalCredentials
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-12440
A use-after-free flaw was found in the DigitalCredentials component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519731619...
DEBIAN-CVE-2026-12440
Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2025-12440
Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
Chromium: CVE-2025-12440 Inappropriate implementation in Autofill
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Linux Distros Unpatched Vulnerability : CVE-2025-12440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gesture...
CVE-2019-12440
The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to inject malicious commands and code via the Sitecore Rocks Hard Rocks Service...
Oracle Linux 8 : glibc (ELSA-2024-12440)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12440 advisory. - CVE-2024-33599: nscd: buffer overflow in netgroup cache RHEL-34264 - CVE-2024-33600: nscd: null pointer dereferences in netgroup cache RHEL-34267 -...
RHEL 7 : openstack-aodh (RHSA-2018:0315)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0315 advisory. openstack-aodh provides the ability to trigger actions based on defined rules against metric or event data collected by OpenStack Telemetry ceilomete...
RHEL 7 : openstack-aodh (RHSA-2017:3227)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3227 advisory. openstack-aodh provides the ability to trigger actions based on defined rules against metric or event data collected by OpenStack Telemetry ceilomete...
CVE-2020-12440
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2020-12440
CVE-2020-12440 is rejected/not used; this CVE ID does not represent an active vulnerability entry.
CVE-2020-12440
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none Recent assessments: gwillcox-r7 at April 06, 2021 7:24pm UTC reported: At the very least I’d debate the...
CVE-2019-12440
The Sitecore Rocks plugin for Sitecore is affected (pre-2.1.149). An unauthenticated attacker can inject malicious commands and code via the Sitecore Rocks Hard Rocks Service, potentially compromising the host. References indicate the fix is in version 2.1.149 (release notes). No additional explo...
CVE-2018-12440
BoringSSL (through 2018-06-14) is affected by a memory-cache side-channel vulnerability against DSA signatures, known as the Return Of the Hidden Number Problem (ROHNP). Attack prerequisites: local access or co-residency on the same physical host (local VM). The vulnerability description in conne...
Moderate: Red Hat Security Advisory: openstack-aodh security update
An update for openstack-aodh is now available for Red Hat OpenStack Platform 11.0 Ocata. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: openstack-aodh security update
An update for openstack-aodh is now available for Red Hat OpenStack Platform 10.0 Newton. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
SUSE-SU-2017:2627-1 Security update for openstack-aodh
This update for openstack-aodh fixes the following security issues: - CVE-2017-12440: Aodh did not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allowed remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obta...
CVE-2017-12440
Aodh as packaged in OpenStack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust ID...