CVE-2020-12828

An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTE...

CVE-2019-12828

An issue was discovered in Electronic Arts Origin before 10.5.39. Due to improper sanitization of the origin:// and origin2:// URI schemes, it is possible to inject additional arguments into the Origin process and ultimately leverage code execution by loading a backdoored Qt plugin remotely via t...

MAL-2025-12828 Malicious code in @zalastax/nolb-omz (npm)

The package @zalastax/nolb-omz was found to contain malicious code...

CVE-2024-12828

creationtimestamp| type| source ---|---|--- 2024-12-20 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-24-1725/ 2024-12-24 05:08:26+00:00| seen| https://bsky.app/profile/dinosn.bsky.social/post/3ldzoh4acss2i 2024-12-24 08:15:46+00:00| seen|...

CVE-2020-12828

creationtimestamp| type| source ---|---|--- 2024-10-31 02:10:22+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1349...

CVE-2020-12828

CVE-2020-12828 affects the AnchorFree VPN SDK prior to 1.3.3.218. The vulnerable component is the VPN SDK service, which binds a socket on localhost and uses a provided path to a executable file, leading to execution of that malicious file with SYSTEM privileges. The connected Red Hat and CNVD en...

CVE-2020-12828

An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTE...

Electronic Arts Origin Client URI Handler Remote Code Execution (CVE-2019-12828)

A remote code execution vulnerability exists in the Electronic Arts Origin Client. The vulnerability is due to improper sanitization of user-supplied data which may be passed to the application as an option regarding the DLL loading path. A remote attacker could exploit the vulnerability by...

CVE-2019-6745

CVE-2019-6745 entry is rejected and not used.

EA Origin < 10.5.38 - Remote Code Execution Vulnerability

Exploit Title: EA Origin 10.5.38 Remote Code Execution Date: 05/22/2019 Exploit Author: Dominik Penner @zer0pwn Vendor Homepage: https://www.origin.com Software Link: https://www.origin.com/can/en-us/store/download Version: 10.5.38 and below Tested on: Windows 7, Windows 8, Windows 10 CVE :...

EA Origin Remote Code Execution

Exploit Title: EA Origin 10.5.38 Remote Code Execution Date: 05/22/2019 Exploit Author: Dominik Penner @zer0pwn Vendor Homepage: https://www.origin.com Software Link: https://www.origin.com/can/en-us/store/download Version: 10.5.38 and below Tested on: Windows 7, Windows 8, Windows 10 CVE :...

EA Origin 10.5.38 - Remote Code Execution

EA Origin 10.5.38 - Remote Code Execution Exploit Title: EA Origin 10.5.38 Remote Code Execution Date: 05/22/2019 Exploit Author: Dominik Penner @zer0pwn Vendor Homepage: https://www.origin.com Software Link: https://www.origin.com/can/en-us/store/download Version: 10.5.38 and below Tested on:...

EA Origin &lt; 10.5.38 - Remote Code Execution

Exploit Title: EA Origin 10.5.38 Remote Code Execution Date: 05/22/2019 Exploit Author: Dominik Penner @zer0pwn Vendor Homepage: https://www.origin.com Software Link: https://www.origin.com/can/en-us/store/download Version: 10.5.38 and below Tested on: Windows 7, Windows 8, Windows 10 CVE :...

CVE-2019-12828

CVE-2019-12828 affects Electronic Arts Origin prior to 10.5.39. The issue arises from improper sanitization of origin:// and origin2:// URI schemes, allowing injection of additional arguments into the Origin process and enabling remote code execution by loading a backdoored Qt plugin via the plat...

CVE-2017-12828

CVE-2017-12828 is rejected/not used and does not represent an active vulnerability entry.

CVE-2017-12828

...

UBUNTU-CVE-2018-12828

Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation...

CVE-2018-12828

Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation...

Updated flash-player-plugin packages fix security vulnerabilities

Updated flash-player-plugin packages fix security vulnerabilities: Out-of-bounds read that can lead to Information Disclosure CVE-2018-12824, CVE-2018-12826, CVE-2018-12827 Security bypass that can lead to Security Mitigation Bypass CVE-2018-12825 Use of a component with a known vulnerability can...

RHEL 6 : flash-plugin (RHSA-2018:2435)

An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...