Linux Distros Unpatched Vulnerability : CVE-2026-12505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a...

CVE-2026-12505

creationtimestamp| type| source ---|---|--- 2026-06-18 20:39:41+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3moloqiiwuc2g...

UBUNTU-CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

SUSE CVE-2026-12505

A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low privileged attacker can exploit this by using a crafted requestkey payload to trick the root-own...

CVE-2019-12505

Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP1001 v1.3C is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In...

CVE-2025-12505

creationtimestamp| type| source ---|---|--- 2025-12-06 05:09:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7cad4ynyv2q...

CVE-2025-12505

CVE-2025-12505 weDocs (WordPress) : The weDocs plugin

WordPress weDocs plugin <= 2.1.14 - Missing Authorization to Settings Update vulnerability

Missing Authorization to Settings Update vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin weDocs versions = 2.1.14...

CVE-2024-12505 Trackserver <= 5.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tsmap' shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-12505 Trackserver <= 5.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tsmap' shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-12505

CVE-2024-12505 affects Trackserver plugin for WordPress; stored XSS via the tsmap shortcode in all versions up to 5.0.2 due to insufficient input sanitization and output escaping on user attributes. Exploitation requires authenticated access (contributor+); an attacker can inject scripts that run...

Wago 750-8XX series Improper Authentication (CVE-2020-12505)

Improper Authentication vulnerability in WAGO 750-8XX series with FW version = FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO...

CVE-2020-12505

creationtimestamp| type| source ---|---|--- 2020-09-30 20:52:09+00:00| seen| https://t.me/cibsecurity/14958...

CVE-2020-12505

The CVE-2020-12505 entry describes an Improper Authentication vulnerability in the WAGO 750-8XX series where FW versions

CVE-2019-12505

CVE-2019-12505 affects Inateck WP1001 wireless presenter (Rev. v1.3C). The issue arises from unencrypted and unauthenticated data communication over the 2.4 GHz link, enabling a remote attacker to perform keystroke injection and send arbitrary keystrokes to a victim’s computer when the target is ...

CVE-2017-12505

A Remote Code Execution vulnerability in HPE Intelligent Management Center iMC PLAT version PLAT 7.3 E0504 was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 E0506 or any subsequent version...

CVE-2017-12505

CVE-2017-12505 is an RCE in HPE iMC PLAT 7.3 (E0504) that allows remote code execution via vulnerable handling in iMC’s components; HP fixed it in PLAT v7.3 (E0506) or later. Connected sources (e.g., ZDI-17-668) describe an iccSelectCommand expression language issue that requires authentication (...

SuSE9 Security Update : mutt (YOU Patch Number 12505)

This update of mutt improves the handling of the \0 character in SSL certificates. CVE-2009-2408 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41326;...