CVE-2025-12475

creationtimestamp| type| source ---|---|--- 2025-10-30 07:49:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4fhz6zrhr2s...

Linux Distros Unpatched Vulnerability : CVE-2018-12475

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service- downloadfiles of openSUSE Open Build Service allows authenticate...

CVE-2024-12475

The WP Multi Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inje...

CVE-2024-12475

The WP Multi Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inje...

CVE-2024-12475

creationtimestamp| type| source ---|---|--- 2025-01-04 11:21:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113769818837566127 2025-01-04 12:15:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lew3hdtofh2m 2025-01-04 12:42:25+00:00| seen|...

CVE-2018-12475

creationtimestamp| type| source ---|---|--- 2020-09-01 16:55:28+00:00| seen| https://t.me/cibsecurity/14404...

CVE-2018-12475

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

CVE-2018-12475 obs-service-download_files allows downloading from localhost or intranet hosts

A Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-downloadfiles of openSUSE Open Build Service allows authenticated users to generate HTTP request against internal networks and potentially downloading data that is exposed there. This issue affects:...

CVE-2018-12475

The CVE-2018-12475 entry concerns an Externally Controlled Reference to a Resource in Another Sphere in openSUSE Open Build Service’s obs-service-download_files component. The vulnerability allows authenticated users to generate HTTP requests targeting internal networks, potentially leading to da...

CVE-2020-12475

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tplink.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar...

CVE-2020-12475

The connected sources confirm a concrete vulnerability in TP-Link Omada Controller Software 3.2.6: a directory traversal flaw in com.tp_link.eap.web.portal.PortalController.getAdvertiseFile within /opt/tplink/EAPController/lib/eap-web-3.2.6.jar allows reading arbitrary files. This is a local atta...

CVE-2019-12475

In MicroStrategy Web before 10.4.6, there is stored XSS in metric due to insufficient input validation...

CVE-2019-12475

CVE-2019-12475 affects MicroStrategy Web prior to 10.4.6, with a stored XSS in the metric caused by insufficient input validation. The vulnerability is described as a cross-site scripting issue that could occur in authenticated contexts, with CVSS v3.0 base score 6.1 (NETWORK, LOW ATTACKER PRS, U...

CVE-2017-12475

The AP4Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted mp4 file...

CVE-2017-12475

CVE-2017-12475 affects Bento4 mp4encrypt prior to 1.5.0-616. The AP4_Processor::Process function in Core/Ap4Processor.cpp is vulnerable. A crafted MP4 file can trigger a NULL pointer dereference, leading to an application crash (denial of service). The description specifies the vulnerability path...

Fedora Update for python-oauth2 FEDORA-2014-12475

Check the version of python-oauth2 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868433";...

CVE-2010-1999

creationtimestamp| type| source ---|---|--- 2010-05-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/12475...