CVE-2026-2037
CVE-2026-2037 affects GFI Archiver via the MArc.Core Deserialization of Untrusted Data vulnerability in the MArc.Core.Remoting.exe component (listening on port 8017). The root cause is a lack of proper validation during deserialization of untrusted data, allowing an attacker to execute arbitrary code...
CVE-2025-2037
creationtimestamp | type | source
---|---|---
2025-03-06 19:38:28+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6739
2025-03-06 22:12:22+00:00 | seen | https://t.me/cvedetector/19737
2025-08-18 13:31:23+00:00 | seen | MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3
2025-08-19...
CVE-2025-2037
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userdashboard/deleterequester.php. The manipulation of the argument requesterid leads to sql injection. The attack can be initiated...
CVE-2025-2037 code-projects Blood Bank Management System delete_requester.php sql injection
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /userdashboard/deleterequester.php. The manipulation of the argument requesterid leads to sql injection. The attack can be initiated...
Linux Distros Unpatched Vulnerability : CVE-2016-2037
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The cpio_safer_name_suffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file...
CVE-2022-2037
Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0...
SUSE: Security Advisory (SUSE-SU-2024:2037-1)
The remote host is missing an update for the...
RHEL 7 : cpio (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cpio: directory traversal through symlinks CVE-2015-1197 - cpio: out of bounds write CVE-2016-2037 Note...
RHEL 6 : cpio (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - cpio: improper input validation when writing tar header fields leads to unexpected tar generation...
Oracle Linux 8 : tigervnc (ELSA-2024-2037)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2037 advisory. - Fix crash caused by fix for CVE-2024-31083 Resolves: RHEL-30981 - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in...
BELL-CVE-2016-2037 CVE-2016-2037 does not affect BellSoft software
Bulletin has no description...
Amazon Linux 2 : golang (ALAS-2023-2037)
The version of golang installed on the remote host is prior to 1.18.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2037 advisory. HTTP and MIME header parsing could allocate large amounts of memory, even when parsing small inputs. Certain unusual patterns of...
CVE-2023-2037
CVE-2023-2037 affects Campcodes Video Sharing Website 1.0, with the vulnerability located in watch.php where the code parameter can be manipulated to trigger a SQL injection. The issue is exploitable remotely and, according to the connected sources, the vulnerability has been disclosed publicly. ...
SUSE CVE-2013-2037
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary...
CVE-2022-20237
The CVE-2022-20237 entry affects Android kernel code, specifically the BuildDevIDResponse function in miscdatabuilder.cpp. A missing bounds check can cause an out-of-bounds write, which the provided documents state could enable remote code execution without extra privileges or user interaction. T...
CVE-2022-2037 Excessive Attack Surface in tooljet/tooljet
Excessive Attack Surface in GitHub repository tooljet/tooljet prior to v1.16.0...
CVE-2022-2037
CVE-2022-2037 affects ToolJet (tooljet/tooljet) before v1.16.0. The vulnerability is described as an Excessive Attack Surface. Severity varies by source (NVD CVSS2/3.1 reports base scores up to 8.0/9.8 in CNA data). A fix exists in v1.16.0 and later; upgrade to 1.16.0+ to mitigate. Technical deta...
Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2022-1114)
The remote host is missing an update for the Huawei EulerOS...