27 matches found
SUSE CVE-2018-7712
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service assertion failure because size.height = 120 may be false. Note: “OpenCV CVAssert is not an assertion C-like assert, it is regular C++ exception which can...
CVE-2026-7712
A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vend...
CVE-2026-7712
creationtimestamp| type| source
---|---|---
2026-05-04 00:00:41+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkyejjpcik2p
2026-05-04 00:00:49+00:00| seen| https://infosec.exchange/users/offseq/statuses/116513363610813393
2026-05-04 01:08:37+00:00| seen|...
CVE-2019-7712
An issue was discovered in handleripcomshellpwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf without a proper check. An attacker may thus forge a path containin...
CVE-2020-7712 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce...
CVE-2025-7712
creationtimestamp| type| source
---|---|---
2025-07-17 03:28:18+00:00| seen| Telegram/AVeVfVpQh5-0FmL4aK25eRV6HRMqzbA23m40anp59WHIaBE...
CVE-2025-7712 Madara - Core <= 2.2.3 - Unauthenticated Arbitrary File Deletion
The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wpmangadeletezip function in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, whic...
WordPress Madara plugin <= 2.2.3 - Unauthenticated Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion vulnerability discovered by Thái An in WordPress Plugin Madara – Responsive Manga Site versions <= 2.2.3...
Oracle Siebel Server <= 22.5 (April 2023 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the April 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: Loging Apache ZooKeeper. Supported versions that are affected are 22.5 and prior...
Rocky Linux 9 : tracker-miners (RLSA-2023:7712)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:7712 advisory. - A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the...
Oracle Linux 9 : tracker-miners (ELSA-2023-7712)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-7712 advisory. 3.1.2-4 - Backport stricter seccomp jail Resolves: RHEL-12469 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Primavera Unifier (Oct 2022 CPU)
The versions of Primavera Unifier installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2022 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Document Management Apache Solr. Supported...
Command injection in json
Overview In versions of json before 10.0.0. It is possible to inject arbitrary commands using the parseLookup function. Recommendation Upgrade to version 10.0.0 or later References - CVE - GitHub Advisory...
logviewer (=1.0.0), samuel (>=0.0.1 <=0.0.227) potentially affected by CVE-2020-7712 via json (>=0.0.12 <=0.0.14)
json NPM version =0.0.12, =0.0.1, =0.0.227 Source cves: CVE-2020-7712 Source advisory: OSV:GHSA-3C6G-PVG8-GQW2...
CVE-2020-7712
This affects the package json before 10.0.0. It is possible to inject arbitrary commands using the parseLookup function...
CVE-2020-7712
CVE-2020-7712—Initial public details: the vulnerability in json package prior to 10.0.0 enables arbitrary command injection via parseLookup. Connected data from a Nessus plugin (Oracle Siebel Server <= 22.5) cites the CVE and describes a vulnerability in Siebel CRM (component: Loging/APache Zo...
CVE-2020-7712 Command Injection
This affects the package json before 10.0.0. It is possible to inject arbitrary commands using the parseLookup function...
CVE-2019-7712
The CVE-2019-7712 issue affects Green Hills INTEGRITY RTOS 5.0.4, specifically the Interpeak IPCOMShell TELNET server. When a user runs pwd, the current working directory path is passed as the first argument to printf() without proper validation, enabling an attacker to craft a path with format s...