Lucene search
K

23 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:37 a.m.9 views

CVE-2017-12584

There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. Also, an entire user profile including the password can be updated without sending the current password. This allows remote attackers to trick a user into changing to an attacker-controlled password, a complete account takeover, via the...

8.8CVSS7AI score0.0093EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/28 11:9 a.m.9 views

CVE-2025-12584

The Quick View for WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.17 via the 'wqvpopupcontent' AJAX endpoint due to insufficient restrictions on which products can be included. This makes it possible for unauthenticated attackers t...

5.3CVSS6AI score0.00223EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-12584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of servi...

9.8CVSS7.2AI score0.24589EPSS
Exploits5References2
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-12584 Malicious code in @zalastax/nolb-node-- (npm)

The package @zalastax/nolb-node-- was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:32 a.m.5 views

CVE-2019-12584

Apcupsd 0.3.915, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsdstatus.php...

6.1CVSS6.1AI score0.02558EPSS
Exploits0References1
Circl
Circl
added 2025/01/08 6:43 a.m.23 views

CVE-2024-12584

creationtimestamp| type| source ---|---|--- 2025-01-08 06:43:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113791376022240183 2025-01-08 06:47:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113791390788597629 2025-01-08 07:15:50+00:00| seen|...

6.5CVSS8.7AI score0.00355EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/01/08 6:41 a.m.30 views

CVE-2024-12584 140+ Widgets | Xpro Addons For Elementor – FREE <= 1.4.6.2 - Authenticated (Contributor+) Post Disclosure via Post Duplication

The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6.2 via the 'duplicate' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to...

4.3CVSS0.00355EPSS
Exploits0References2
CVE
CVE
added 2025/01/08 6:41 a.m.48 views

CVE-2024-12584

CVE-2024-12584 affects the WordPress plugin 140+ Widgets | Xpro Addons For Elementor – FREE. The vulnerability is in the duplicate function and affects all versions up to 1.4.6.2, allowing authenticated attackers with Contributor-level access or higher to expose sensitive information from draft, ...

6.5CVSS4.5AI score0.00355EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/13 12:0 a.m.61 views

Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12584)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12584 advisory. - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879157 CVE-2024-41090 CVE-2024-41091 Tenable has extracted the preceding descripti...

9.8CVSS7.3AI score0.02701EPSS
Exploits2References52
RedHat Linux
RedHat Linux
added 2024/07/10 3:0 p.m.14 views

Moderate: Red Hat Bug Fix Advisory: Multicluster Engine for Kubernetes 2.5.5 bug fix updates

Multicluster Engine for Kubernetes 2.5.5 General Availability release images, which fix bugs and update container images. Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data...

7.5CVSS6.6AI score0.01471EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2021/12/30 12:0 a.m.17 views

Debian: Security Advisory (DLA-2865-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.24589EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2021/12/29 12:0 a.m.35 views

Debian DLA-2865-1 : resiprocate - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2865 advisory. - The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service memory...

9.8CVSS8.4AI score0.24589EPSS
Exploits5References8
Debian CVE
Debian CVE
added 2019/06/03 2:27 a.m.20 views

CVE-2019-12584

Apcupsd 0.3.915, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an XSS issue in apcupsdstatus.php...

6.1CVSS6.6AI score0.02558EPSS
Exploits0
Circl
Circl
added 2018/08/09 12:39 a.m.7 views

CVE-2018-12584

creationtimestamp| type| source ---|---|--- 2018-08-09 00:39:34+00:00| published-proof-of-concept| https://t.me/VulnerabilityNews/575...

9.8CVSS8.6AI score0.24589EPSS
Exploits5References1
0day.today
0day.today
added 2018/08/09 12:0 a.m.69 views

reSIProcate 1.10.2 Heap Overflow Exploit

Exploit for multiple platform in category dos / poc CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first...

0.1AI score0.24589EPSS
Exploits5
exploitpack
exploitpack
added 2018/08/09 12:0 a.m.59 views

reSIProcate 1.10.2 - Heap Overflow

reSIProcate 1.10.2 - Heap Overflow ''' CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first published on...

7.5CVSS0.7AI score0.24589EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/08/08 12:0 a.m.51 views

reSIProcate 1.10.2 Heap Overflow

CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first published on website: 2018-06-22 Advisory sent to...

5CVSS0.6AI score0.24589EPSS
Exploits5
Debian
Debian
added 2018/07/24 8:13 p.m.59 views

[SECURITY] [DLA 1439-1] resiprocate security update

Package : resiprocate Version : 1:1.9.7-5+deb8u1 CVE ID : CVE-2017-11521 CVE-2018-12584 CVE-2018-12584 A flaw in function ConnectionBase::preparseNewBytes of resip/stack/ConnectionBase.cxx has been detected, that allows remote attackers to cause a denial of service buffer overflow or possibly...

9.8CVSS9.6AI score0.24589EPSS
Exploits5
OpenVAS
OpenVAS
added 2018/07/24 12:0 a.m.24 views

Debian: Security Advisory (DLA-1439-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.24589EPSS
Exploits5References3
Cvelist
Cvelist
added 2018/07/16 8:0 p.m.45 views

CVE-2018-12584

The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service buffer overflow or possibly execute arbitrary code when TLS communication is enabled...

9.8AI score0.24589EPSS
Exploits5References7
Rows per page
Query Builder