111 matches found
CVE-2021-0336
In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation. Product...
TencentOS Server 3: libtiff (TSSA-2024:0336)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0336 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2020-0336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In SurfaceFlinger, there is possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges...
CVE-2025-0336
A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/teacher.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2020-0336
In SurfaceFlinger, there is possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-153467444...
CVE-2025-0336
creationtimestamp | type | source
---|---|---
2025-01-09 06:36:00+00:00 | seen | https://infosec.exchange/users/cve/statuses/113797009226742454
2025-01-09 07:16:08+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lfc52bplxf2e
2025-01-09 09:23:32+00:00 | seen | ...
CVE-2025-0336 Codezips Project Management System teacher.php sql injection
A vulnerability was found in Codezips Project Management System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/forms/teacher.php. The manipulation of the argument name leads to sql injection. It is possible to initiate the attack remotely. The exploit has...
CVE-2022-0336 affecting package samba for versions less than 4.18.3-1
CVE-2022-0336 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CentOS 7 : kernel (RHSA-2021:0336)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0336 advisory. - Use-after-free vulnerability in fs/blockdev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by...
Photon OS 4.0: Postgresql10 PHSA-2023-4.0-0336
An update of the postgresql10 package has been released. © Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0336. The text itself is copyright © VMware, Inc. ...
CVE-2024-0336
Missing Authentication for Critical Function vulnerability in EMTA Grup PDKS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDKS: from V3.04 before 20240603. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2024-0336
CVE-2024-0336 affects EMTA Grup PDKS (V3.04 and earlier, before 20240603). The root cause is Missing Authentication for Critical Function due to Incorrectly Configured Access Control, described as an improper access-control misconfiguration that enables unauthorized access to sensitive functions....
WordPress OoohBoi Steroids for Elementor Plugin <= 2.1.4 is vulnerable to Arbitrary File Deletion
Software: OoohBoi Steroids for Elementor; Type: Plugin; Vulnerable versions: <= 2.1.4; Fixed in: 2.1.5; OWASP Top 10: A5: Broken Access Control; Classification: Arbitrary File Deletion; CVE: CVE-2023-0336; Patch priority: High; CVSS severity: High (7.7); PSID: 0eee208c0039; Credits: Lana Codes...
CVE-2023-0336
creationtimestamp | type | source
---|---|---
2023-03-27 20:50:00+00:00 | seen | https://t.me/cibsecurity/60803...
CVE-2023-0336 OoohBoi Steroids for Elementor < 2.1.5 - Subscriber+ Attachment Deletion
The OoohBoi Steroids for Elementor WordPress plugin before 2.1.5 has CSRF and broken access control vulnerabilities that allow a user with a role as low as subscriber to delete attachment...
Important Photon OS Security Update - PHSA-2023-4.0-0336
Updates of 'kafka', 'postgresql10' packages of Photon OS have been released...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2022-2589)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright © by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
EulerOS Virtualization 3.0.6.0 : samba (EulerOS-SA-2022-2589)
According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - All versions of Samba prior to 4.13.16 are vulnerable to a malicious client using an SMB1 or NFS race to allow a directory to be...