16 matches found
CVE-2025-12476
| creationtimestamp | type | source |
|---|---|---|
| 2025-10-30 06:01:40+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3m4fbxrm7jq27... |
CVE-2025-12476 Resource Lacking AuthN
Resource Lacking AuthN. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...
Linux Distros Unpatched Vulnerability : CVE-2017-12476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The AP4_AvccAtom::InspectFields function in Core/Ap4AvccAtom.cpp in Bento4 mp4dump before 1.5.0-616 allows remote attackers to cause a denial of service NULL...
CVE-2024-12476
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure, impacts workstation integrity and potential remote code execution on the compromised computer, when specific crafted XML file is imported in the Web Designer configuration...
CVE-2024-12476
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure, impacts workstation integrity and potential remote code execution on the compromised computer, when specific crafted XML file is imported in the Web Designer configuration...
CVE-2024-12476
| creationtimestamp | type | source |
|---|---|---|
| 2025-01-17 09:44:39+00:00 | seen | https://infosec.exchange/users/cve/statuses/113843049497825607 |
| 2025-01-17 09:56:17+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/2111 |
| 2025-01-17 10:15:29+00:00 | seen | ... |
CVE-2024-12476
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure, impacts workstation integrity and potential remote code execution on the compromised computer, when specific crafted XML file is imported in the Web Designer configuration...
CVE-2024-12476
CVE-2024-12476 affects Schneider Electric Web Designer configuration tool. The defect is an XML External Entity (XXE) reference vulnerability (CWE-611) in the XML import path, leading to information disclosure, potential workstation integrity impact, and possible remote code execution on the comp...
CVE-2024-12476
CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure, impacts workstation integrity and potential remote code execution on the compromised computer, when specific crafted XML file is imported in the Web Designer configuration...
CVE-2018-12476
| creationtimestamp | type | source |
|---|---|---|
| 2020-01-27 12:37:37+00:00 | seen | https://t.me/cveNotify/441... |
CVE-2018-12476
CVE-2018-12476 affects SUSE/OpenSUSE packages: obs-service-tar_scm in SLE-15/openSUSE Factory. The issue is a Relative Path Traversal via the outfilename parameter that could allow a remote attacker with repository control to overwrite files on the local user’s machine. Affected versions are OBS-...
CVE-2019-12476
An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. The attack uses a long sequence of crafted keyboa...
CVE-2019-12476
Zoho ManageEngine ADSelfService Plus prior to version 5.0.6 contains an authentication bypass in the password-reset flow that enables a local attacker with physical access to obtain a SYSTEM shell via the restricted thick client browser by supplying a crafted sequence of keyboard input. The issue...
openSUSE Security Update : obs-service-tar_scm (openSUSE-2019-326)
This update for obs-service-tar_scm fixes the following issues: Security vulnerabilities addressed: - CVE-2018-12473: Fixed a path traversal issue, which allowed users to access files outside of the repository using relative paths bsc1105361 - CVE-2018-12474: Fixed an issue whereby crafted servi...
openSUSE: Security Advisory for obs-service-tar_scm (openSUSE-SU-2019:0326-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2017-12476
The vulnerability CVE-2017-12476 affects the Bento4 mp4dump tool (Core/Ap4AvccAtom.cpp, AP4_AvccAtom::InspectFields). A crafted MP4 file can trigger a NULL pointer dereference, leading to a denial of service or application crash. The description appears consistently across multiple sources (NVD, ...