22 matches found
CVE-2026-12459

creationtimestamp | type | source
---|---|---
2026-06-17 01:56:44+00:00 | seen | https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-google-chrome-56
2026-06-17 05:53:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mohmq33udf22...

CVE-2024-12459

creationtimestamp | type | source
---|---|---
2024-12-14 07:40:05+00:00 | seen | https://t.me/cvedetector/12932...

CVE-2024-12459
The Ganohrs Toggle Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'toggle' shortcode in all versions up to, and including, 0.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12459 Ganohrs Toggle Shortcode <= 0.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Ganohrs Toggle Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'toggle' shortcode in all versions up to, and including, 0.2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-12459
CVE-2024-12459 – WordPress Ganohrs Toggle Shortcode : A stored XSS vulnerability exists in the Ganohrs Toggle Shortcode plugin for WordPress, affecting versions up to 0.2.4. The issue stems from insufficient input sanitization and output escaping on user-supplied attributes used by the plugin’s t...
AlmaLinux 8 : grafana (ALSA-2020:4682)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4682 advisory. - Grafana 5.3.1 has XSS via a column style on the Dashboard Table Panel screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...
CentOS 8 : grafana (CESA-2020:4682)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4682 advisory. - grafana: XSS vulnerability via a column style on the Dashboard Table Panel screen CVE-2018-18624 - grafana: arbitrary file read via MySQL data source...
Moderate: Red Hat Security Advisory: grafana security, bug fix, and enhancement update
An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 7 / 8 : Red Hat OpenShift Service Mesh (RHSA-2020:2362)
The remote Red Hat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2362 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Service Mesh security update
An update for jaeger, kiali, and servicemesh-grafana is now available for OpenShift Service Mesh 1.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
Fedora 31 : grafana (2020-d109a1d1d9)
rebase to upstream Grafana 6.7.3 - including fix for CVE-2020-12458 and CVE-2020-12459 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable...
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable...
CVE-2020-12459
CVE-2020-12459 affects Grafana when installed in Red Hat-family and related distributions where /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (containing secret_key and bind_password) were world-readable. Connected advisories (e.g., RHSA/CESA and ALINUX3 ALSA entries) document that these co...
CVE-2019-12459
FileRun 2019.05.21 allows customizables/plugins/audioplayer Directory Listing. This issue has been fixed in FileRun 2019.06.01...
CVE-2018-12459
An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service...
CVE-2018-12459
CVE-2018-12459 affects FFmpeg 4.0: an inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function (libavcodec/mpeg4videodec.c) may trigger an assertion violation when converting a crafted AVI file to MPEG4, leading to a denial of service. The connected documents provide this...
CVE-2017-12459
The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file...
CVE-2017-12459
The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file...
CVE-2017-12459
The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file...