Lucene search

17 matches found

RedhatCVE
added 2026/01/09 12:25 p.m., 15 views

CVE-2018-12642

Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user...

CVSS 7.5, AI score 6.9, EPSS 0.01398
Exploits: 0, References: 1
RedhatCVE
added 2026/01/09 9:57 a.m., 8 views

CVE-2020-12642

An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import...

CVSS 7.5, AI score 6.8, EPSS 0.01349
Exploits: 0, References: 1
Circl
added 2025/11/03 9:59 p.m., 6 views

CVE-2025-12642

creationtimestamp | type | source
---|---|---
2025-11-03 21:59:31+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4qzeaxwsa2x...

CVSS 9.1, AI score 5.8, EPSS 0.00338
Exploits: 0, References: 1
UbuntuCve
added 2025/11/03 8:17 p.m., 3 views

CVE-2025-12642

lighttpd 1.4.80 incorrectly merged trailer fields into headers after HTTP request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks. Successful exploitation may allow an attacker to: bypass access control rules; inject unsafe input into backend logic that trusts reque...

CVSS 9.1, AI score 5.9, EPSS 0.00338
Exploits: 0, References: 2
Vulnrichment
added 2025/11/03 7:36 p.m., 3 views

CVE-2025-12642 HTTP Header Smuggling via Trailer Merge

lighttpd 1.4.80 incorrectly merged trailer fields into headers after HTTP request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks. Successful exploitation may allow an attacker to: bypass access control rules; inject unsafe input into backend logic that trusts reque...

CVSS 6.9, AI score 6.6, EPSS 0.00338
Exploits: 0, References: 1
Tenable Nessus
added 2025/03/04 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2017-12642

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.0.6-1 has a memory leak vulnerability in ReadMPCImage in coders\mpc.c. CVE-2017-12642 Note that Nessus relies on the presence of the package as...

CVSS 8.8, AI score 7, EPSS 0.01443
Exploits: 3, References: 3
Circl
added 2024/12/16 8:58 a.m., 8 views

CVE-2024-12642

creationtimestamp | type | source
---|---|---
2024-12-16 08:58:50+00:00 | seen | https://t.me/cvedetector/12969...

CVSS 8.1, AI score 4.8, EPSS 0.00348
Exploits: 0, References: 1
NVD
added 2024/12/16 7:15 a.m., 16 views

CVE-2024-12642

TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...

CVSS 8.1, EPSS 0.00348
Exploits: 0, References: 2
Vulnrichment
added 2024/12/16 6:30 a.m., 6 views

CVE-2024-12642 Chunghwa Telecom TenderDocTransfer - Arbitrary File Write

TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...

CVSS 8.1, AI score 7.3, EPSS 0.00348
Exploits: 0, References: 2
Cvelist
added 2024/12/16 6:30 a.m., 15 views

CVE-2024-12642 Chunghwa Telecom TenderDocTransfer - Arbitrary File Write

TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection for the APIs, unauthenticated remote attackers could use these APIs...

CVSS 8.1, EPSS 0.00348
Exploits: 0, References: 2
CVE
added 2024/12/16 6:30 a.m., 70 views

CVE-2024-12642

TenderDocTransfer from Chunghwa Telecom is affected by an Arbitrary File Write vulnerability, with a Relative Path Traversal in one API. The issue arises from CSRF protection gaps allowing unauthenticated remote attackers to abuse APIs (e.g., via phishing) and write arbitrary files to paths on a ...

CVSS 8.1, AI score 8.3, EPSS 0.00348
Exploits: 0, References: 2, Affected Software: 1
CNVD
added 2022/02/09 12:00 a.m., 20 views

Reolink Rlc-410W Denial of Service Vulnerability (CNVD-2022-12642)

Reolink Rlc-410W is a Wi-Fi security camera from Reolink China. A security vulnerability exists in Reolink RLC-410W, which can be exploited by attackers to cause a reboot via a crafted HTTP request...

CVSS 8.6, AI score 2.8, EPSS 0.01207
Exploits: 1, References: 1
CVE
added 2020/05/04 3:14 p.m., 67 views

CVE-2020-12642

A vulnerability (CVE-2020-12642) affects Report Portal’s service-api prior to 4.3.12 and 5.x prior to 5.1.1. The issue is an XML External Entity (XXE) vulnerability in the JUnit XML launch import feature, enabling secrets disclosure and server-side request forgery (SSRF). Impact details are that ...

CVSS 7.5, AI score 7.4, EPSS 0.01349
Exploits: 0, References: 1, Affected Software: 1
CVE
added 2018/06/22 12:00 p.m., 43 views

CVE-2018-12642

Froxlor up to version 0.9.39.5 contains an Incorrect Access Control issue where tickets can be accessed by users who do not own them. The connected Red Hat, SUSE, GHSA, OSV, and CVE records corroborate this vulnerability family. The description does not provide root-cause details or a vendor patc...

CVSS 7.5, AI score 7.6, EPSS 0.01398
Exploits: 0, References: 1, Affected Software: 1
Tenable Nessus
added 2018/01/10 12:00 a.m., 53 views

SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2018:0055-1)

This update for ImageMagick fixes several issues. These security issues were fixed : - CVE-2017-1000476: A CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allowed attackers to cause a denial of service bsc1074610. - CVE-2017-9409: The ReadMPCImage functio...

CVSS 8.8, AI score 6.7, EPSS 0.03389
Exploits: 5, References: 31
OpenVAS
added 2017/09/20 12:00 a.m., 37 views

Fedora Update for techne FEDORA-2017-8f27031c8f

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 7.1, EPSS 0.13393
Exploits: 15, References: 2
Tenable Nessus
added 2010/09/12 12:00 a.m., 47 views

SuSE9 Security Update : libpng (YOU Patch Number 12642)

Specially crafted PNG files could cause crashes or even execution of arbitrary code in applications using libpng to process such files. CVE-2010-1205, CVE-2010-2249. (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...

CVSS 9.8, AI score 7.4, EPSS 0.43382
Exploits: 7, References: 4