ROOT-OS-DEBIAN-13-CVE-2026-23412 CVE-2026-23412 in rootio-linux - Patched by Root

Root has patched CVE-2026-23412 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

CVE-2026-23412

creationtimestamp| type| source ---|---|--- 2026-04-24 17:19:06+00:00| seen| Telegram/JJSTAL9Od5belnpNTeT7EllHotzG8ircS1PMboCiKcbiY...

DEBIAN-CVE-2026-23412

In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...

CVE-2026-23412

In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...

CVE-2025-23412

When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-23412

When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-23412

When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2025-23412 BIG-IP APM access profile vulnerability

When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 Networks BIG-IP : BIG-IP APM access profile vulnerability (K000141003)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2. It is, therefore, affected by a vulnerability as referenced in the K000141003 advisory. When a BIG-IP APM access profile is configured on a virtual server, undisclosed requests can cause the Traffic...

CVE-2024-23412

creationtimestamp| type| source ---|---|--- 2025-01-01 00:18:12+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lenbxcugva25...

CVE-2023-23412

CVE-2023-23412 is a Windows local elevation-of-privilege issue (Attack Vector: LOCAL, Privileges Required: LOW, UI: NONE) with HIGH impact on confidentiality, integrity, and availability per CVSS 3.1 metrics. Microsoft security updates released March 14, 2023 (e.g., KB5023705, KB5023764, KB502376...

CVE-2023-23412 Windows Accounts Picture Elevation of Privilege Vulnerability

...

@auto-canary/all-contributors (>=9.16.1-canary.undefined.13449.0 <=9.34.2-canary.1241.15885.0), @auto-canary/auto (>=9.16.1-canary.undefined.13449.0 <=9.34.2-canary.1241.15885.0) +23 more potentially affected by CVE-2021-23412 via gitlogplus (=3.1.7)

gitlogplus NPM version =3.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on gitlogplus and may be impacted: - @auto-canary/all-contributors =9.16.1-canary.undefined.13449.0, =9.16.1-canary.undefined.13449.0, =9.23.0-canary.1099.14362.0,...

CVE-2021-23412

creationtimestamp| type| source ---|---|--- 2021-07-23 20:37:47+00:00| seen| https://t.me/cibsecurity/26442...

CVE-2021-23412 Command Injection

All versions of package gitlogplus are vulnerable to Command Injection via the main functionality, as options attributes are appended to the command to be executed without sanitization...

CVE-2021-23412

CVE-2021-23412 affects the Node.js package gitlogplus . The root cause is that the library appends user-controlled options to shell commands without sanitization, enabling a command injection vulnerability. This can be triggered remotely over the network without authentication, with impact on con...

@auto-canary/all-contributors (>=9.16.1-canary.undefined.13449.0 <=9.34.2-canary.1241.15885.0), @auto-canary/auto (>=9.16.1-canary.undefined.13449.0 <=9.34.2-canary.1241.15885.0) +23 more potentially affected by CVE-2021-23412 via gitlogplus (=3.1.7)

gitlogplus NPM version =3.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on gitlogplus and may be impacted: - @auto-canary/all-contributors =9.16.1-canary.undefined.13449.0, =9.16.1-canary.undefined.13449.0, =9.23.0-canary.1099.14362.0,...

Roxio CinePlayer ActiveX Control Buffer Overflow

require 'msf/core' class Metasploit3 'Roxio CinePlayer ActiveX Control Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow in SonicPlayer ActiveX control SonicMediaPlayer.dll 3.0.0.1 installed by Roxio CinePlayer 3.2. By setting an overly long value to...