17 matches found
CVE-2018-12642
Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user...
CVE-2020-12642
An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import...
CVE-2025-12642
creationtimestamp | type | source
---|---|---
2025-11-03 21:59:31+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4qzeaxwsa2x...
CVE-2025-12642
lighttpd 1.4.80 incorrectly merged trailer fields into headers after HTTP request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks. Successful exploitation may allow an attacker to: bypass access control rules; inject unsafe input into backend logic that trusts reque...
CVE-2025-12642 HTTP Header Smuggling via Trailer Merge
lighttpd 1.4.80 incorrectly merged trailer fields into headers after HTTP request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks. Successful exploitation may allow an attacker to: bypass access control rules; inject unsafe input into backend logic that trusts reque...
Linux Distros Unpatched Vulnerability : CVE-2017-12642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c. CVE-2017-12642 Note that Nessus relies on the presence of the package as...
CVE-2024-12642
creationtimestamp | type | source
---|---|---
2024-12-16 08:58:50+00:00 | seen | https://t.me/cvedetector/12969...
CVE-2024-12642
TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12642 Chunghwa Telecom TenderDocTransfer - Arbitrary File Write
TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12642 Chunghwa Telecom TenderDocTransfer - Arbitrary File Write
TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...
CVE-2024-12642
TenderDocTransfer from Chunghwa Telecom is affected by an Arbitrary File Write vulnerability, with a Relative Path Traversal in one API. The issue arises from CSRF protection gaps allowing unauthenticated remote attackers to abuse APIs (e.g., via phishing) and write arbitrary files to paths on a ...
Reolink Rlc-410W Denial of Service Vulnerability (CNVD-2022-12642)
Reolink Rlc-410W is a Wi-Fi security camera from Reolink China. A security vulnerability exists in Reolink RLC-410W, which can be exploited by attackers to cause a reboot via a crafted HTTP request...
CVE-2020-12642
A vulnerability (CVE-2020-12642) affects Report Portal’s service-api prior to 4.3.12 and 5.x prior to 5.1.1. The issue is an XML External Entity (XXE) vulnerability in the JUnit XML launch import feature, enabling secrets disclosure and server-side request forgery (SSRF). Impact details are that ...
CVE-2018-12642
Froxlor up to version 0.9.39.5 contains an Incorrect Access Control issue where tickets can be accessed by users who do not own them. The connected Red Hat, SUSE, GHSA, OSV, and CVE records corroborate this vulnerability family. The description does not provide root-cause details or a vendor patc...
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0055-1)
This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2017-1000476: A CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allowed attackers to cause a denial of service (bsc#1074610). - CVE-2017-9409: The ReadMPCImage functio...
Fedora Update for techne FEDORA-2017-8f27031c8f
The remote host is missing an update for the...
SuSE9 Security Update : libpng (YOU Patch Number 12642)
Specially crafted png files could cause crashes or even execution of arbitrary code in applications using libpng to process such files. CVE-2010-1205, CVE-2010-2249