CVE-2026-22612 Fickling vulnerable to detection bypass due to "builtins" blindness
Fickling is a Python pickling decompiler and static analyzer. Prior to version 0.1.7, Fickling is vulnerable to detection bypass due to "builtins" blindness. This issue has been patched in version 0.1.7...
CVE-2026-22612
creationtimestamp | type | source
---|---|---
2026-01-09 18:13:01+00:00 | published-proof-of-concept | https://github.com/trailofbits/fickling/security/advisories/GHSA-h4rm-mm56-xf63
2026-01-10 03:02:28+00:00 | seen | Telegram/S2KXutw1drBgRsxEuEIjByNvXPd-WruEjV0wL9OdN7BsNk
2026-01-10 04:01:28+00:00 | ...
CVE-2023-22612
creationtimestamp | type | source
---|---|---
2025-02-14 10:03:11+00:00 | seen | Telegram/o7c6hkB3SRARBV6nm5U7yze0T9ZeKAodvZERl16p5JEg5xw...
CVE-2025-22612
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve any existing private keys on a coolify instance in plain text. If the server configuration of IP ...
CVE-2025-22612 Coolify Vulnerable to Private Key Enumeration on Onboarding resulting in Remote Command Execution (RCE)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.374, the missing authorization allows an authenticated user to retrieve any existing private keys on a coolify instance in plain text. If the server configuration of IP ...
CVE-2025-22612
CVE-2025-22612 affects Coolify prior to 4.0.0-beta.374. The issue is due to missing authorization, allowing an authenticated user to retrieve private keys in plain text and, if the victim’s server configuration (IP/domain, port, user) matches, to execute arbitrary commands on the remote server. V...
CVE-2020-22612
creationtimestamp | type | source
---|---|---
2023-09-01 20:15:26+00:00 | seen | https://t.me/cibsecurity/69675...
CVE-2020-22612
Installer RCE on settings file write in MyBB before 1.8.22...
CVE-2020-22612
CVE-2020-22612 affects MyBB prior to 1.8.22. The issue is an Installer Remote Code Execution (RCE) vulnerability caused by settings file writes during installation. Impact is high (RCE via installer) as described in multiple sources. The only remediation provided in the connected documents is to ...
CVE-2023-22612
An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. A malicious host OS can invoke an Insyde SMI handler with malformed arguments, resulting in memory corruption in SMM...
CVE-2023-22612
CVE-2023-22612 affects InsydeH2O firmware’s IhisiSmm component. The issue exists on InsydeH2O builds with kernels 5.0–5.5, where a malicious host OS can invoke the Insyde SMI handler with malformed arguments, leading to memory corruption in System Management Mode (SMM). Connected sources describe...
CVE-2022-22612
A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption...
CVE-2022-22612
CVE-2022-22612 involves a memory consumption issue that can lead to heap corruption when processing a maliciously crafted image. Affected products include Apple media frameworks across macOS Monterey 12.3, tvOS 15.4, iOS 15.4, iPadOS 15.4, watchOS 8.5, and iTunes 12.12.3 for Windows. The root cau...
Apple iTunes < 12.12.3 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.12.3. It is, therefore, affected by multiple vulnerabilities as referenced in the HT213188 advisory.
- Processing a maliciously crafted image may lead to arbitrary code execution CVE-2022-22611
- Processing a...