32 matches found
CVE-2026-21436
creationtimestamp | type | source
---|---|---
2026-01-01 18:46:22+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mbf236pkvp2c
2026-01-02 07:57:36+00:00 | seen | https://gist.github.com/Darkcrai86/f89dc440ab9ed43511a31d3c5c29cd09...
CVE-2026-21436
eopkg is a Solus package manager implemented in python3. In versions prior to 4.4.0, a malicious package could escape the directory set by --destdir. This requires the installation of a package from a malicious or compromised source. Files in such packages would not be installed in the path given...
CVE-2026-21436 eopkg has Path Traversal: '../filedir' vulnerability
eopkg is a Solus package manager implemented in python3. In versions prior to 4.4.0, a malicious package could escape the directory set by --destdir. This requires the installation of a package from a malicious or compromised source. Files in such packages would not be installed in the path given...
EUVD-2023-45059
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-21436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Agents are able to see and link Config Items without permissions, which are defined in General Catalog. This issue affects: OTRS AG OTRSCIsInCustomerFrontend...
Linux Distros Unpatched Vulnerability : CVE-2022-21436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily...
CVE-2025-21436 Use After Free in DSP Service
Memory corruption may occur while initiating two IOCTL calls simultaneously to create processes from two different threads...
CVE-2025-21436
CVE-2025-21436 describes a memory corruption vulnerability in Qualcomm/SoC kernel code triggered when two IOCTL calls are initiated concurrently from two different threads to create processes. The issue is characterized by local attack vector with low privileges required and no user interaction, ...
CVE-2023-40488 Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-21436
creationtimestamp | type | source
---|---|---
2024-03-12 18:32:21+00:00 | seen | https://t.me/ctinow/205969
2024-03-12 20:22:04+00:00 | seen | https://t.me/ctinow/206099...
CVE-2024-21436
Windows Installer Elevation of Privilege Vulnerability...
CVE-2024-21436
CVE-2024-21436 is a Windows Installer elevation of privilege vulnerability. The CVE entry reports a CVSS v3.1 base score of 7.8 (high) with local attack vector, low attack complexity, requiring low privileges and no user interaction; impact is high on confidentiality, integrity, and availability....
CVE-2024-21436 Windows Installer Elevation of Privilege Vulnerability
...
KLA65123 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, obtain sensitive information, bypass security restrictions. Below is a complete list of...
SUSE CVE-2022-21436
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...
CVE-2023-21436
creationtimestamp | type | source
---|---|---
2023-02-09 22:26:15+00:00 | seen | https://t.me/cibsecurity/57864...
CVE-2023-21436
CVE-2023-21436 affects Samsung Contacts prior to SMR Feb-2023 Release 1, due to improper usage of implicit intents that allows a local attacker to obtain an account ID. Connected sources indicate the issue impacts Samsung Mobile devices and that updates addressing it were included in SMR Feb-2023...
CVE-2023-21436
Improper usage of implicit intent in Contacts prior to SMR Feb-2023 Release 1 allows attacker to get account ID...
RHEL 8 : mysql:8.0 (RHSA-2022:7119)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7119 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and...