28 matches found
CVE-2025-12550
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes OchaHouse ochahouse allows PHP Local File Inclusion.This issue affects OchaHouse: from n/a through = 2.2.8...
CVE-2025-12550
creationtimestamp| type| source ---|---|--- 2026-01-08 11:11:56+00:00| seen| https://gist.github.com/Darkcrai86/8bd26f29023f2b4588c10b6d8be07eba 2026-01-08 20:17:03+00:00| published-proof-of-concept| Telegram/RkjRPVBdFl3Hoeg9hsolv65psYfRscti9PTfLQmu6kcQFxo...
CVE-2024-12550
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...
CVE-2024-12550
The CVE-2024-12550 issue affects Tungsten Automation Power PDF, arising from the JP2 parsing module. It is a read past end of an allocated object (out-of-bounds read) that can disclose sensitive information. Exploitation requires user interaction (visit a page or open a file). Some sources sugges...
CVE-2024-12550 Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...
CVE-2024-12550 Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...
Mozilla Firefox Code Execution Vulnerability (CNVD-2024-12550)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A code execution vulnerability exists in Mozilla Firefox, which can be exploited by attackers to execute arbitrary code or cause a denial of service on a vulnerable system using unknown attack vectors...
BELL-CVE-2018-12550 CVE-2018-12550 does not affect BellSoft software
Bulletin has no description...
SUSE CVE-2018-12550
When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...
CVE-2020-12550
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...
Debian: Security Advisory (DLA-1972-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1972-1] mosquitto security update
Package : mosquitto Version : 1.3.4-2+deb8u4 CVE ID : CVE-2017-7655 CVE-2018-12550 CVE-2018-12551 CVE-2019-11779 Several issues have been found in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker. CVE-2017-7655 A Null dereference vulnerability in the Mosquitto library could lead to...
CVE-2019-12550
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET...
CVE-2019-12550
CVE-2019-12550 affects WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505. The vulnerability is due to use of hard-coded credentials that allow an attacker to log in with root privileges over SSH/TELNET, enabling full OS compromise. Affected firmware branches are: 852-303 before FW0...
WAGO Industrial Managed Switches 852-303, 852-1305, and 852-1505
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : WAGO Equipment : Industrial Managed Switches 852-303, 852-1305, and 852-1505 Vulnerabilities : Use of Hard-coded Credentials, Use of Hard-coded Cryptographic Key, Using Components with Known...
WAGO 852 Industrial Managed Switch Series Code Execution / Hardcoded Credentials
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: WAGO 852 Industrial Managed Switch Series vulnerable version: 852-303: v1.2.2.S0 852-1305: v1.1.6.S0 852-1505: v1.1.5.S0 fixed version:...
CVE-2018-12550
When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...
CVE-2018-12550
When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...
CVE-2018-12550
CVE-2018-12550 affects Eclipse Mosquitto 1.0–1.5.5 when an ACL file is configured but empty or only comments/blank lines, causing the broker to treat the file as defined and switch from a default deny to a default allow policy. Public disclosures in connected docs confirm the vulnerability behavi...
openSUSE Security Update : mosquitto (openSUSE-2019-233)
This update for mosquitto fixes the following issues : Security issues fixed : - CVE-2018-12546: Fixed an issue with revoked access to topics bsc1125019. - CVE-2018-12551: Fixed an issue which allowed malformed data in the password file to be treated as valid bsc1125020. - CVE-2018-12550: Fixed a...