SUSE: Security Advisory (SUSE-SU-2026:1292-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1292)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-1292

Tanium addressed an insertion of sensitive information into log file vulnerability in Trends...

CVE-2026-1292

Affects Tanium Trends (log handling). The CVE-2026-1292 entry describes an issue classified as a log-file insertion vulnerability impacting confidentiality (C High) with no integrity/availability impact, base score 6.5 (CVSS 3.1, Network, Low attack complexity, Privileges required Low, User inter...

CVE-2026-1292 Tanium addressed an insertion of sensitive information into log file vulnerability in Trends.

Tanium addressed an insertion of sensitive information into log file vulnerability in Trends...

MiracleLinux 4 : firefox-45.7.0-1.0.1.AXS4 (AXSA:2017-1292:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1292:01 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this...

EUVD-2026-1292

The Post Like Dislike plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...

Amazon Linux 2023 : fetchmail (ALAS2023-2025-1292)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1292 advisory. In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context. CVE-2025-61962 Tenable has extracted the preceding description block...

TencentOS Server 2: openssl (TSSA-2025:0549)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0549 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

CVE-2024-1292

The WPB Show Core WordPress plugin before 2.7 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-1292

A vulnerability has been found in SourceCodester Sales Tracker Management System 1.0 and classified as critical. This vulnerability affects the function deleteclient of the file classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. T...

CVE-2019-1292

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'...

CVE-2012-1292

Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors...

CVE-2025-1292

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...

CVE-2025-1292

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...

CVE-2025-1292

creationtimestamp| type| source ---|---|--- 2025-04-15 19:55:29+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11896 2025-04-15 20:10:09+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114343792428511571 2025-04-16 00:08:33+00:00| seen| https://t.me/cvedetector/23013...

CVE-2025-1292 TPM2 Out-Of-Bounds Write Leading to Potential Operating System Verification Bypass in ChromeOS

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...

CVE-2025-1292

CVE-2025-1292 describes an out-of-bounds write in the TPM2 Reference Library used by Google ChromeOS 122.0.6261.132 on Cr50 boards. The root cause is an NV_Read path leveraged during the Challenge-Response process, allowing an attacker with root access to gain persistence and bypass operating-sys...

CVE-2025-1292 TPM2 Out-Of-Bounds Write Leading to Potential Operating System Verification Bypass in ChromeOS

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NVRead functionality during the Challenge-Response process...

Advisory ROSA-SA-2025-2715

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1.1k-12.0.1 CVE-ID: CVE-2022-1292 BDU-ID: 2022-03181 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the OpenSSL library's crehash script implementation is related to failure to take measures to neutralize shell...