
22 matches found

VulnCheck KEV
added 2026/04/15 12:0 a.m. | 7 views

VulnCheck KEV: CVE-2025-12548

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333...

9 CVSS | 6.1 AI score | 0.01164 EPSS
In wild | Exploits 2 | References 6
Metasploit
added 2026/03/25 6:58 p.m. | 207 views

Eclipse Che machine-exec Unauthenticated RCE

This module exploits an unauthenticated remote code execution vulnerability in the Eclipse Che machine-exec service (CVE-2025-12548). The machine-exec service, exposed on port 3333 within Red Hat OpenShift DevSpaces developer workspace containers, accepts WebSocket connections without authenticatio...

9 CVSS | 6.6 AI score | 0.01164 EPSS
Exploits 2
Circl
added 2026/01/13 6:13 p.m. | 3 views

CVE-2025-12548

creationtimestamp | type | source
---|---|---
2026-01-13 18:13:22+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mcd5t7r76g2f
2026-01-13 18:14:26+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mcd5v4dvbv2v
2026-01-14 14:33:11+00:00 | seen | ...

9 CVSS | 5.7 AI score | 0.01164 EPSS
Exploits 2 | References 7
RedHat Linux
added 2025/12/02 9:45 p.m. | 7 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.1 Release.

Red Hat OpenShift Dev Spaces 3.23.1 has been released. This release addresses CVE-2025-12548 'Eclipse Che — unauthenticated RCE and secret exfiltration via TCP/3333'...

9 CVSS | 5.7 AI score | 0.01164 EPSS
Exploits 2 | References 3
RedHat Linux
added 2025/12/02 3:28 p.m. | 5 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.24.1 Release.

Red Hat OpenShift Dev Spaces 3.24.1 has been released. This release addresses CVE-2025-12548 'Eclipse Che — unauthenticated RCE and secret exfiltration via TCP/3333'...

9 CVSS | 5.7 AI score | 0.01164 EPSS
Exploits 2 | References 3
RedHat Linux
added 2025/12/02 3:22 p.m. | 7 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.22.1 Release.

Red Hat OpenShift Dev Spaces 3.22.1 has been released. This release addresses CVE-2025-12548 'Eclipse Che — unauthenticated RCE and secret exfiltration via TCP/3333'...

9 CVSS | 5.7 AI score | 0.01164 EPSS
Exploits 2 | References 3
RedhatCVE
added 2025/12/02 8:1 a.m. | 6 views

CVE-2025-12548

No description is available for this CVE. Mitigation: Apply the security best practices from the Red Hat OpenShift Dev Spaces Administration Guide: https://docs.redhat.com/en/documentation/redhatopenshiftdevspaces/3.24/html/administrationguide/security-best-practices...

9 CVSS | 6.7 AI score | 0.01164 EPSS
Exploits 2 | References 3
NVD
added 2025/02/11 8:15 p.m. | 12 views

CVE-2024-12548

Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability i...

3.3 CVSS | 0.00338 EPSS
Exploits 0 | References 1
Cvelist
added 2025/02/11 7:24 p.m. | 18 views

CVE-2024-12548 Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability

Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability i...

3.3 CVSS | 0.00338 EPSS
Exploits 0 | References 1
Vulnrichment
added 2025/02/11 7:24 p.m. | 13 views

CVE-2024-12548 Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability

Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability i...

3.3 CVSS | 3.5 AI score | 0.00338 EPSS
Exploits 0 | References 1
Tenable Nessus
added 2024/07/24 12:0 a.m. | 28 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2024-12548)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12548 advisory. 4.14.35-2047.538.5.1 - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36660755 Tenable has extracted the preceding description block...

7.1 CVSS | 6.9 AI score | 0.00256 EPSS
Exploits 0 | References 3
NVD
added 2022/12/30 10:15 p.m. | 5 views

CVE-2020-12548

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

Exploits 0
CVE
added 2019/06/03 8:38 p.m. | 99 views

CVE-2019-12548

Bludit before 3.9.0 is vulnerable to remote code execution by an authenticated user who uploads a PHP file while changing the site logo via /admin/ajax/upload-logo. Root cause: an upload path/permission issue allows execution of injected PHP. A fix is available in Bludit 3.9.0 (as referenced by r...

8.8 CVSS | 8.9 AI score | 0.03044 EPSS
Exploits 0 | References 3 | Affected Software 1
NVD
added 2019/01/31 8:29 p.m. | 19 views

CVE-2018-12548

In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code...

9.8 CVSS | 9.3 AI score | 0.01134 EPSS
Exploits 0 | References 1
Cvelist
added 2019/01/31 8:0 p.m. | 17 views

CVE-2018-12548

In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code...

9.3 AI score | 0.01134 EPSS
Exploits 0 | References 1
CVE
added 2019/01/31 8:0 p.m. | 37 views

CVE-2018-12548

CVE-2018-12548 affects OpenJDK + Eclipse OpenJ9 0.11.0 builds. The issue lies in the public jdk.crypto.jniprovider.NativeCrypto class, which exposes public static native methods that accept pointer values dereferenced in native code, leading to potential fault/impact described by the CVE. Connect...

9.8 CVSS | 9.2 AI score | 0.01134 EPSS
Exploits 0 | References 1 | Affected Software 1
CNVD
added 2018/07/04 12:0 a.m. | 3 views

Ansible Arbitrary Code Execution Vulnerability (CNVD-2018-12548)

Ansible is a computer system configuration manager from Ansible, Inc. that can be used to publish, manage and orchestrate computer systems. A security vulnerability exists in Ansible. An attacker can exploit this vulnerability to execute arbitrary code...

7.8 CVSS | 7.1 AI score | 0.00485 EPSS
Exploits 0 | References 1
OSV
added 2018/02/15 10:29 p.m. | 4 views

CVE-2017-12548

A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found...

5.6 CVSS | 6 AI score | 0.00416 EPSS
Exploits 0 | References 3
NVD
added 2018/02/15 10:29 p.m. | 18 views

CVE-2017-12548

A local arbitrary command execution vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found...

5.6 CVSS | 5.7 AI score | 0.00416 EPSS
Exploits 0 | References 3
CVE
added 2018/02/15 10:0 p.m. | 80 views

CVE-2017-12548

CVE-2017-12548 affects HPE System Management Homepage (SMH) on Windows and Linux before version 7.6.1. The issue is a local arbitrary command execution vulnerability that can be exploited by an attacker with local access and sufficient privileges to run arbitrary OS commands within SMH. According...

5.6 CVSS | 6.5 AI score | 0.00416 EPSS
Exploits 0 | References 3 | Affected Software 1