RockyLinux 8 : php:8.2 (RLSA-2026:1412)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1412 advisory. php: pgsql extension does not check for errors during escaping CVE-2025-1735 php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace...

RHEL 8 : php:8.2 (RHSA-2026:1412)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1412 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: pgsql extension does not check fo...

CVE-2026-1412

creationtimestamp| type| source ---|---|--- 2026-01-26 03:37:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdccxrq3bu2r...

CVE-2026-1412 Sangfor Operation and Maintenance Security Management System HTTP POST Request get_clip_img command injection

A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/getclipimg of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command...

CVE-2025-1412

Mattermost versions 9.11.x = 9.11.6, 10.4.x = 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot...

CVE-2025-1412 vulnerabilities

Vulnerabilities for packages: mattermost...

EUVD-2006-6330

Malware in sbrugna...

CVE-2024-20081

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412...

CVE-2023-1412

An unprivileged non-admin user can exploit an Improper Access Control vulnerability in the Cloudflare WARP Client for Windows = 2022.12.582.0 to perform privileged operations with SYSTEM context by working with a combination of opportunistic locks oplock and symbolic links which can both be creat...

CVE-1999-1412 vulnerabilities

Vulnerabilities for packages: apache2...

Linux Distros Unpatched Vulnerability : CVE-2010-1412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote...

CVE-2025-1412

creationtimestamp| type| source ---|---|--- 2025-02-24 10:26:09+00:00| seen| https://t.me/cvedetector/18790 2025-02-24 10:47:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3liw6d5ggxx2l...

CVE-2025-1412 Session Persistence After User-to-Bot Conversion

Mattermost versions 9.11.x = 9.11.6, 10.4.x = 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot...

CVE-2025-1412 Session Persistence After User-to-Bot Conversion

Mattermost versions 9.11.x = 9.11.6, 10.4.x = 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot...

CVE-2025-1412

CVE-2025-1412 affects Mattermost Server 9.11.x (up to 9.11.6) and 10.4.x (up to 10.4.1). The issue: when converting a user to a bot, active sessions are not invalidated, enabling the converted user to escalate privileges depending on the bot’s granted permissions. Documented impact: potential pri...

CVE-2024-20081

CVE-2024-20081 affects the gnss service. The issue is an out-of-bounds write caused by improper input validation, leading to local escalation of privilege with system execution privileges required. Exploitation is reported to require no user interaction. A fix is available as patch ID ALPS0871960...

CVE-2024-20081

In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08719602; Issue ID: MSV-1412...

CVE-2008-1412

creationtimestamp| type| source ---|---|--- 2024-03-25 11:49:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3889 2024-03-25 14:38:09+00:00| seen| Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw 2024-03-25 14:38:09+00:00| seen| https://t.me/tengkorakcybercrewz/4400 2024-03-25...

WordPress Memberpress Plugin <= 1.11.26 is vulnerable to Cross Site Scripting (XSS)

Software Memberpress Type Plugin Vulnerable versions = 1.11.26 Fixed in 1.11.27 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1412 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 44159653a377 Credits Jamie Perrelet...

CVE-2019-1412

creationtimestamp| type| source ---|---|--- 2024-02-11 16:07:11+00:00| seen| https://t.me/ctinow/182827...