CVE-2025-13712

Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanDiT. User interaction is required to exploit this vulnerability in that the target must...

CVE-2025-13712

Tencent HunyuanDiT merge Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent HunyuanDiT. User interaction is required to exploit this vulnerability in that the target must...

CVE-2025-13712

creationtimestamp| type| source ---|---|--- 2025-12-01 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1028/...

Linux Distros Unpatched Vulnerability : CVE-2017-13712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering...

CVE-2024-13712

creationtimestamp| type| source ---|---|--- 2025-02-19 08:16:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lijdkli5662n 2025-02-19 12:03:16+00:00| seen| https://t.me/cvedetector/18428...

CVE-2024-13712 Pollin <= 1.01.1 - Authenticated (Admin+) SQL Injection

The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2020-13712

A command injection is possible through the user interface, allowing arbitrary command execution as the root user. oMG2000 running MGOS 3.15.1 or earlier is affected. MG90 running MGOS 4.2.1 or earlier is affected...

CVE-2020-13712

creationtimestamp| type| source ---|---|--- 2024-12-20 21:44:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113687334273533598 2024-12-20 22:15:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldrfymubdm2a 2024-12-21 00:16:50+00:00| seen|...

CVE-2020-13712

The CVE-2020-13712 issue affects Sierra Wireless MGOS/Omg2000 devices: oMG2000 version 3.15.1 and earlier, and MG90 version 4.2.1 and earlier. A command injection via the user interface allows arbitrary command execution as root. Root-cause and impact are described across CVE records; affected co...

CVE-2020-13712 MGOS Command Injection

A command injection is possible through the user interface, allowing arbitrary command execution as the root user. oMG2000 running MGOS 3.15.1 or earlier is affected. MG90 running MGOS 4.2.1 or earlier is affected...

Ubuntu 16.04 ESM : LAME vulnerabilities (USN-4780-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4780-1 advisory. It was discovered that LAME incorrectly handled certain audio files. A remote attacker could possibly use this issue to cause a denial of service. Eight...

Ubuntu: Security Advisory (USN-4780-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0434)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-34868

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2021-34868

Parallels Desktop 16.1.3-49160 contains a local privilege-escalation flaw in the Toolgate component. The issue stems from improper validation of user-supplied data, causing uncontrolled memory allocation, and enabling an attacker with low-privilege, local code execution on the guest to escalate p...

CVE-2021-34868

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVE-2017-13712

NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument...

CVE-2017-13712

NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument...

CVE-2017-13712

NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument...