CVE-2025-12575

creationtimestamp| type| source ---|---|--- 2026-02-11 13:55:15+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3melmweqeno2j...

CVE-2025-12575 Server-Side Request Forgery (SSRF) in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user with certain permissions to make unauthorized requests to internal network services throug...

CVE-2025-12575

GitLab has remediated an issue in GitLab EE affecting all versions from 18.0 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user with certain permissions to make unauthorized requests to internal network services throug...

CVE-2024-12575

creationtimestamp| type| source ---|---|--- 2025-08-16 03:04:20+00:00| seen| Telegram/xSyg2yeNVCc4LJo3xGkllcF5-5sMXRXapZvqMsspuvev2A...

CVE-2019-12575

A vulnerability in the London Trust Media Private Internet Access PIA VPN Client v82 for Linux could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The rootrunner.64 binary is setuid root. This binary executes /opt/pia/ruby/64/ruby, which in turn attempts t...

CVE-2020-12575

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

JVN#38248512: Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2

Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 provided by NEC Corporation contain multiple vulnerabilities listed below. Aterm WF800HP: Cross-site Scripting CWE-79 - CVE-2021-20620 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N| Base Score: 6.1 CVSS...

CVE-2019-12575

CVE-2019-12575 affects the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux. The root_runner.64 binary is setuid root and executes /opt/pia/ruby/64/ruby, which loads libraries under /tmp/ruby-deploy.old/lib. A local unprivileged user can place a malicious library in that ...

CVE-2017-12575

CVE-2017-12575 affects NEC Aterm WG2600HP2 (and related WG2600HP variants). Connected sources describe an improper access control issue where web service APIs for the device configuration do not require authentication, allowing an attacker to retrieve sensitive data (e.g., DHCP clients, firmware ...

CVE-2018-12575

The CVE-2018-12575 entry concerns TP-Link TL-WR841N v13 devices (firmware 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n). Multiple connected records describe an authentication bypass in the router’s web interface: an unauthenticated attacker can send HTTP requests to CGI scripts to bypass login and ...

CVE-2018-12575

On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request...

QEMU Divide By Zero Denial of Service Vulnerability (CNVD-2016-12575)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU Divide By Zero. An attacker exploiting this vulnerability could crash the Qemu process on the...

SuSE9 Security Update : pango (YOU Patch Number 12575)

A long glyph string can trigger a heap-based buffer overflow in pango. CVE-2009-1194 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid44591; scriptversion"1.10";...

Fedora Core 11 FEDORA-2009-12575 (cacti)

The remote host is missing an update to cacti announced via advisory FEDORA-2009-12575. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVE-2020-12575

The CVE-2020-12575 entry is rejected/not used and does not represent an active vulnerability entry.