23 matches found
CVE-2017-12584
There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an entire user profile including the password can be updated without sending the current password. This allows remote attackers to trick a user into changing to an attacker-controlled password, a complete account takeover, via the...
CVE-2025-12584
The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqvpopupcontent' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers t...
Linux Distros Unpatched Vulnerability : CVE-2018-12584
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of servi...
MAL-2025-12584 Malicious code in @zalastax/nolb-node-- (npm)
The package @zalastax/nolb-node-- was found to contain malicious code...
CVE-2019-12584
Apcupsd 0.3.915, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsdstatus.php...
CVE-2024-12584
creationtimestamp| type| source ---|---|--- 2025-01-08 06:43:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113791376022240183 2025-01-08 06:47:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113791390788597629 2025-01-08 07:15:50+00:00| seen|...
CVE-2024-12584 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.6.2 - Authenticated (Contributor+) Post Disclosure via Post Duplication
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6.2 via the 'duplicate' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2024-12584
CVE-2024-12584 affects the WordPress plugin 140+ Widgets | Xpro Addons For Elementor – FREE. The vulnerability is in the duplicate function and affects all versions up to 1.4.6.2, allowing authenticated attackers with Contributor-level access or higher to expose sensitive information from draft, ...
Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12584)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12584 advisory. - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879157 CVE-2024-41090 CVE-2024-41091 Tenable has extracted the preceding descripti...
Moderate: Red Hat Bug Fix Advisory: Multicluster Engine for Kubernetes 2.5.5 bug fix updates
Multicluster Engine for Kubernetes 2.5.5 General Availability release images, which fix bugs and update container images. Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data...
Debian: Security Advisory (DLA-2865-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2865-1 : resiprocate - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2865 advisory. - The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service memory...
CVE-2019-12584
Apcupsd 0.3.915, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsdstatus.php...
CVE-2018-12584
creationtimestamp| type| source ---|---|--- 2018-08-09 00:39:34+00:00| published-proof-of-concept| https://t.me/VulnerabilityNews/575...
reSIProcate 1.10.2 Heap Overflow Exploit
Exploit for multiple platform in category dos / poc CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first...
reSIProcate 1.10.2 - Heap Overflow
reSIProcate 1.10.2 - Heap Overflow ''' CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first published on...
reSIProcate 1.10.2 Heap Overflow
CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first published on website: 2018-06-22 Advisory sent to...
[SECURITY] [DLA 1439-1] resiprocate security update
Package : resiprocate Version : 1:1.9.7-5+deb8u1 CVE ID : CVE-2017-11521 CVE-2018-12584 CVE-2018-12584 A flaw in function ConnectionBase::preparseNewBytes of resip/stack/ConnectionBase.cxx has been detected, that allows remote attackers to cause a denial of service buffer overflow or possibly...
Debian: Security Advisory (DLA-1439-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-12584
The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service buffer overflow or possibly execute arbitrary code when TLS communication is enabled...