CVE-2019-12577

A vulnerability in the London Trust Media Private Internet Access PIA VPN Client v82 for macOS could allow an authenticated, local attacker to run arbitrary code with elevated privileges. The macOS binary openvpnlauncher.64 is setuid root. This binary creates /tmp/piaupscript.sh when executed...

WordPress Listar – Directory Listing & Classifieds WordPress plugin plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Listing Update vulnerability

Missing Authorization to Authenticated Subscriber+ Listing Update vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Listar – Directory Listing & Classifieds versions = 3.0.0...

CVE-2024-12577

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2024-12577

creationtimestamp| type| source ---|---|--- 2025-02-22 15:20:12+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5027 2025-02-22 17:56:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lirveiepsi23 2025-02-22 19:10:23+00:00| seen| https://t.me/cvedetector/18733...

CVE-2024-12577 GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2024-12577 GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2020-12577

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none...

CVE-2018-12577

creationtimestamp| type| source ---|---|--- 2021-01-26 20:49:27+00:00| seen| https://t.me/cibsecurity/22651...

CVE-2020-35576

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 JP with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577...

CVE-2017-12577

An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password "admin:password" is used in the Android application that allows attackers to use a hidden API URL "/goform/SystemCommand" to execute any command with root permission...

CVE-2017-12577

CVE-2017-12577 affects PLANEX CS-QR20 (version 1.30). The Android app ships a hardcoded credential (admin:password) that can be used to access a hidden API URL /goform/SystemCommand, enabling an attacker to execute arbitrary commands with root privileges. This is tied to the Web UI component and ...

CVE-2018-12577

The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection...

CVE-2018-12577

CVE-2018-12577 affects TP-Link TL-WR841N v13 devices (firmware 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n). The Ping and Traceroute features are susceptible to authenticated blind command injection due to unsanitized user input being incorporated into commands. An authenticated attacker can execu...

CVE-2020-12577

CVE-2020-12577 entry is rejected/not used and does not represent an active vulnerability.