137 matches found
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : follow-redirects vulnerabilities (USN-8217-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8217-1 advisory. It was discovered that follow-redirects did not properly protect sensitive user information during redirects. An attacker could...
MiracleLinux 3 : glibc-2.5-58.2.0.1.AXS3 (AXSA:2011-151:01)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-151:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...
CVE-2021-0536
In dropFile of WiFiInstaller, there is a way to delete files accessible to CertInstaller due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
EUVD-2026-0536
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
Linux Distros Unpatched Vulnerability : CVE-2017-0536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission...
CVE-2025-0536
A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_action.php. The manipulation of the argument attendance_id leads to SQL injection. The attack can be initiated remotely. The...
Linux Distros Unpatched Vulnerability : CVE-2022-0536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8. CVE-2022-0536 Note that Nessus relies on the...
CVE-2025-0536
creationtimestamp | type | source
---|---|---
2025-01-17 19:35:11+00:00 | seen | https://infosec.exchange/users/cve/statuses/113845371586207484
2025-01-17 20:16:09+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lfxmeg2kgp2n
2025-01-17 20:57:48+00:00|...
CVE-2025-0536 1000 Projects Attendance Tracking Management System edit_action.php sql injection
A vulnerability classified as critical was found in 1000 Projects Attendance Tracking Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_action.php. The manipulation of the argument attendance_id leads to SQL injection. The attack can be initiated remotely. The...
CVE-2025-0536
CVE-2025-0536 affects 1000 Projects Attendance Tracking Management System 1.0. A vulnerability in /admin/edit_action.php allows manipulating the attendance_id parameter to cause SQL injection. The attack is remotely executable, and the exploit has been disclosed publicly. NVD lists a high/critica...
Photon OS 4.0: Vim PHSA-2024-4.0-0689
An update of the vim package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0689. The text itself is copyright (C) VMware, Inc....
Photon OS 4.0: Openssh PHSA-2023-4.0-0536
An update of the openssh package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0536. The text itself is copyright (C) VMware, Inc....
Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities
Summary: There are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. Node.js follow-redirects module could allow a remote authenticated attacker to obtain sensitive information CVE-2024-28849,...
CVE-2024-0536
creationtimestamp | type | source
---|---|---
2024-01-15 05:26:40+00:00 | seen | https://t.me/ctinow/168143
2024-02-03 09:46:30+00:00 | seen | https://t.me/ctinow/178450
...
CVE-2024-0536
A vulnerability, which was classified as critical, has been found in Tenda W9 1.0.0.74456. Affected by this issue is the function setWrlAccessList of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack may be launched remotely. The...
CVE-2024-0536
CVE-2024-0536 affects Tenda W9 (firmware 1.0.0.7/4456) with a vulnerability in httpd.setWrlAccessList. The root cause is a stack-based buffer overflow triggered by manipulating the ssidIndex argument, enabling a remote attacker to potentially execute arbitrary code. Public disclosure of the explo...
CVE-2023-0536
The Wp-D3 WordPress plugin through 2.4.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0536
CVE-2023-0536 affects the Wp-D3 WordPress plugin prior to 2.4.2 (