34 matches found
CVE-2025-12697
creationtimestamp| type| source ---|---|--- 2026-03-12 14:15:24+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mgull4qogo2n 2026-03-12 16:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities20260313...
CVE-2025-12697
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with maintainer-role permissions to reveal Datadog API credentials under certain conditions...
CVE-2025-12697 Improper Encoding or Escaping of Output in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.5 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user with maintainer-role permissions to reveal Datadog API credentials under certain conditions...
Adobe Substance 3D Stager suffers from an out-of-bounds write vulnerability (CNVD-2026-12697)
Substance 3D Stager is the United States of America Ordoby Adobe company launched a dedicated to the 3D scene set, lighting settings and high-quality rendering of professional software. An out-of-bounds write vulnerability exists in Adobe Substance 3D Stager, which can be exploited by attackers t...
Linux Distros Unpatched Vulnerability : CVE-2018-12697
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference aka SEGV on unknown address 0x000000000000 was discovered in workstuffcopytofrom in cplus-dem.c in GNU libiberty, as distributed in G...
CVE-2024-12697
creationtimestamp| type| source ---|---|--- 2024-12-21 07:15:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldse67bfbr25 2024-12-21 07:44:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113689695572309033 2024-12-21 08:38:36+00:00| seen|...
CVE-2024-12697
CVE-2024-12697 concerns the real.Kit WordPress plugin. Connected sources confirm a Stored Cross-Site Scripting vulnerability due to insufficient input sanitization and output escaping, affecting all versions up to 5.1.1. The issue requires authenticated access (Contributor+) to inject scripts tha...
CVE-2024-12697 real.Kit <= 5.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The real.Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary w...
CVE-2024-12697 real.Kit <= 5.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The real.Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary w...
Oracle Linux 7 : binutils (ELSA-2019-2075)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2075 advisory. 2.27-41.base.0.1 - Complete the backport of upstream commit a5def14f1ca70e14d9433cb229c9369fa3051598 Add a test for R386GOT32/R386GOT32X IFUNC reloc...
SUSE CVE-2018-12697
A NULL pointer dereference aka SEGV on unknown address 0x000000000000 was discovered in workstuffcopytofrom in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump...
Fix of 14 CVEs
CVE-2018-9138: Fix stack exhaustion - CVE-2018-12641: Fix stack exhaustion - CVE-2018-12697: Fix NULL pointer dereference - CVE-2018-12698: Fix memory consumption - CVE-2018-12699: Fix heap-based buffer overflow - CVE-2018-12700: Fix infinite recursion - CVE-2018-17794: Fix NULL pointer...
CVE-2020-12697
The directmail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries...
CVE-2020-12697
The CVE-2020-12697 entry affects the TYPO3 Direct Mail extension (direct_mail) up to version 5.2.3. Root cause: a logging mechanism for link clicks has no cap on log entry generation, enabling an attacker to cause excessive log writes and trigger a denial of service. Impact is described as DoS vi...
CVE-2020-12697
The directmail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries...
Multiple vulnerabilities in extension "Direct Mail" (direct_mail)
Denial of Service CVE-2020-12697 The extension provides a functionality to log clicks on links in sent newsletters. This functionality does not limit the amount of log entries generated per link, so it is possible to use a valid link to fill the log table with a huge amount of records...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1790)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1887)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.05 / MAIN 5.05 : binutils Multiple Vulnerabilities (NS-SA-2019-0228)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has binutils packages installed that are affected by multiple vulnerabilities: - An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangli...
Medium: binutils
Issue Overview: An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname, demanglefundtype,...