EUVD-2026-1712

A Command Injection Vulnerability has been discovered in the DHCP daemon service of D-Link DIR895LA1 v102b07. The vulnerability exists in the lease renewal processing logic where the DHCP hostname parameter is directly concatenated into a system command without proper sanitization. When a DHCP...

CVE-2025-1712

Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

Siemens SIMATIC S7-1500 Use After Free (CVE-2020-1712)

A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by...

EUVD-2018-1712

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-1712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

Linux Distros Unpatched Vulnerability : CVE-2020-1712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. ...

TencentOS Server 3: systemd (TSSA-2022:0039)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0039 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2022-1712

The LiveSync for WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

CVE-2025-1712

Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

CVE-2025-1712 Arbitrary file write with vcrtrace

Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

CVE-2025-1712 Arbitrary file write with vcrtrace

Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

CVE-2025-1712

CVE-2025-1712 affects Checkmk: argument/injection in a special agent configuration across versions <2.4.0p1, <2.3.0p32,

Alibaba Cloud Linux 3 : 0039: systemd (ALINUX3-SA-2022:0039)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0039 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-3842: In systemd before v242-rc4,...

Linux Distros Unpatched Vulnerability : CVE-2011-1712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The txXPathNodeUtils::getXSLTId function in txMozillaXPathTreeWalker.cpp and txStandaloneXPathTreeWalker.cpp in Mozilla Firefox before 3.5.19, 3.6.x before...

CVE-2024-1712

The Carousel Slider WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-1712 Carousel Slider < 2.2.7 - Editor+ Stored XSS

The Carousel Slider WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Carousel Slider Plugin < 2.2.7 is vulnerable to Cross Site Scripting (XSS)

Software Carousel Slider Type Plugin Vulnerable versions 2.2.7 Fixed in 2.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1712 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID be0c9e02881f Credits Dmitrii Ignatyev Required...

Amazon Linux AMI : emacs (ALAS-2023-1712)

The version of emacs installed on the remote host is prior to 24.3-20.25. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1712 advisory. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file,...

SUSE: Security Advisory (SUSE-SU-2023:1712-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1712

creationtimestamp| type| source ---|---|--- 2023-03-30 14:26:22+00:00| seen| https://t.me/cibsecurity/61164...