Skip to main content
CVE-2012-0025 MEDIUM POC THREAT This Month

Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 22.4%.

Denial Of Service Flashpix Plugin
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
22.4%
CVE-2012-4486 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that switch the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Subuser
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4487 MEDIUM PATCH This Month

The Subuser module before 6.x-1.8 for Drupal does not properly check "switch subuser" permissions, which allows remote authenticated parent users to change their role by switching to a subuser they. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Subuser
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy