13 matches found
CVE-2020-12532
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
Default credentials
A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure...
CVE-2019-12532
Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28,...
CVE-2019-12532
Insyde software tools (H2OFFT 3.02–5.28; 100.00.00.00–100.00.08.23; 200.00.00.01–200.00.00.05; H2OOAE <200.00.00.02; H2OSDE <200.00.00.07; H2OUVE <200.00.02.02; H2OPCM <100.00.06.00; H2OELV
CVE-2018-12532
JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language EL variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309...
CVE-2018-12532
JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language EL variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309...
CVE-2018-12532
JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language EL variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309...
CVE-2018-12532
JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language EL variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309...
CVE-2018-12532
CVE-2018-12532 affects JBoss RichFaces 4.5.3 through 4.5.17. It allows unauthenticated remote attackers to inject an arbitrary Expression Language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource’s resource request (RF-14309). This is a server-side code execution ris...
CVE-2017-12532
HPE Intelligent Management Center PLAT 7.3 (E0504) contains a remote code execution vulnerability due to Expression Language injection in faultInfo_content.jsf (beanName handling). This allows an attacker to execute arbitrary code on the target, with network access and low privileges. The issue i...
CVE-2025-12532
...
CVE-2025-12532
CVE-2025-12532 is rejected and not used as stated.
CVE-2020-12532
CVE-2020-12532 is rejected/not used; this candidate number is unused by its CNA.