Lucene search
K

21 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-12564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service...

6.5CVSS6.2AI score0.01066EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 6:53 a.m.6 views

CVE-2024-12564

Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...

6.9CVSS6.7AI score0.00647EPSS
Exploits0References1
NVD
NVD
added 2024/12/12 8:15 a.m.17 views

CVE-2024-12564

Exposure of Sensitive Information to an Unauthorized Actor vulnerability was discovered in Open Design Alliance CDE inWEB SDK before 2025.3. Installing CDE Server with default settings allows unauthorized users to visit prometheus metrics page. This can allow attackers to understand more things...

6.9CVSS0.00647EPSS
Exploits0References1
Circl
Circl
added 2024/12/12 7:47 a.m.12 views

CVE-2024-12564

creationtimestamp| type| source ---|---|--- 2024-12-12 07:47:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113638746073551647 2024-12-12 09:39:00+00:00| seen| https://t.me/cvedetector/12753...

6.9CVSS4.8AI score0.00647EPSS
Exploits0References2
CVE
CVE
added 2024/12/12 7:41 a.m.56 views

CVE-2024-12564

CVE-2024-12564 affects Open Design Alliance CDE inWEB SDK prior to 2025.3. The vulnerability arises from default CDE Server settings that allow unauthorized users to access the Prometheus metrics page, exposing information about the target application. Impact is described as exposure of sensitive...

6.9CVSS6.4AI score0.00647EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/07/03 12:0 a.m.34 views

Oracle Linux 8 : kubernetes (ELSA-2023-12564)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12564 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11 - CVE-2023-27496 - CVE-2023-27488 - CVE-2023-27493 - CVE-2023-27492 - CVE-2023-27491 -...

10CVSS6.8AI score0.02701EPSS
Exploits9References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:41 a.m.4 views

SUSE CVE-2017-12564

In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service...

5.3CVSS6.6AI score0.01066EPSS
Exploits0References5
NVD
NVD
added 2022/12/30 10:15 p.m.12 views

CVE-2020-12564

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

Exploits0
Cvelist
Cvelist
added 2019/06/02 11:7 p.m.23 views

CVE-2019-12564

In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the database backup file via a brute-force guessing approach for data/backup/DyyyymmddThhmmss.sql filenames...

9.4AI score0.02011EPSS
Exploits1References1
CVE
CVE
added 2019/06/02 11:7 p.m.47 views

CVE-2019-12564

CVE-2019-12564 affects DouCo DouPHP v1.5 Release 20190516. The issue allows remote attackers to view database backups by brute-forcing filenames data/backup/DyyyymmddThhmmss.sql, leading to partial/backup data exposure. Connected Red Hat and NVD entries corroborate the vulnerability description; ...

9.8CVSS9.3AI score0.02011EPSS
Exploits1References1Affected Software1
OpenVAS
OpenVAS
added 2018/07/09 12:0 a.m.20 views

Debian: Security Advisory (DLA-1404-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.01504EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/06/29 12:0 a.m.29 views

Debian DLA-1404-1 : lava-server security update

CVE-2018-12564 Using the feature to add URLs in the submit page, a user might be able to read any file on the server that is readable by lavaserver and consists of valid yaml. So with this patch the feature is disabled again. For Debian 8 'Jessie', these problems have been fixed in version...

6.5CVSS6.5AI score0.01504EPSS
Exploits0References3
Debian
Debian
added 2018/06/28 8:7 p.m.31 views

[SECURITY] [DLA 1404-1] lava-server security update

Package : lava-server Version : 2014.09.1-1+deb8u1 CVE ID : CVE-2018-12564 CVE-2018-12564 Using the feature to add URLs in the submit page, a user might be able to read any file on the server that is readable by lavaserver and consists of valid yaml. So with this patch the feature is disabled...

6.5CVSS7AI score0.01504EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/06/25 12:0 a.m.26 views

Debian DSA-4234-1 : lava-server - security update

Two vulnerabilities were discovered in LAVA, a continuous integration system for deploying operating systems for running tests, which could result in information disclosure of files readable by the lavaserver system user or the execution of arbitrary code via a XMLRPC call. C Tenable Network...

8.8CVSS7.3AI score0.02471EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2018/06/19 9:38 p.m.12 views

uscutter.com XSS vulnerability

Open Bug Bounty ID: OBB-634144 Description| Value ---|--- Affected Website:| uscutter.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
CVE
CVE
added 2018/06/19 5:0 a.m.75 views

CVE-2018-12564

CVE-2018-12564 affects LAVA (lava-server) where support for URLs in the submit page can be abused to force lava-server-gunicorn to read arbitrary server files readable by lavaserver and containing valid YAML. Impact per the sources is information disclosure (no explicit compromise of integrity/av...

6.5CVSS6.4AI score0.01504EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/01/19 12:0 a.m.45 views

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0130-1)

This update for ImageMagick fixes several issues. These security issues were fixed : - CVE-2018-5246: Fixed memory leak vulnerability in ReadPATTERNImage in coders/pattern.c bsc1074973 - CVE-2017-18022: Fixed memory leak vulnerability in MontageImageCommand in MagickWand/montage.c bsc1074975 -...

8.8CVSS6.3AI score0.03688EPSS
Exploits5References64
OSV
OSV
added 2018/01/18 10:37 a.m.8 views

SUSE-SU-2018:0132-1 Security update for ImageMagick

This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2017-12672: Fixed a memory leak vulnerability in the function ReadMATImage in coders/mat.c, which allowed attackers to cause a denial of service bsc1052720. - CVE-2017-13060: Fixed a memory leak vulnerabilit...

8.8CVSS7.1AI score0.03688EPSS
Exploits10References63
UbuntuCve
UbuntuCve
added 2017/08/05 6:29 p.m.25 views

CVE-2017-12564

In ImageMagick 7.0.6-2, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allows attackers to cause a denial of service...

6.5CVSS6.6AI score0.01066EPSS
Exploits0References1
CVE
CVE
added 2017/08/05 6:0 p.m.84 views

CVE-2017-12564

CVE-2017-12564 is an ImageMagick memory-leak vulnerability in ReadMATImage (coders/mat.c) that can lead to denial of service. The linked OpenVAS/OSV entries indicate this CVE was addressed in ImageMagick updates (notably SUSE openSUSE/SLE/SLES advisories) with fixes across the MAT handling path, ...

6.5CVSS6.8AI score0.01066EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder