38 matches found
Zoom Workplace < 6.5.0 Vulnerability (ZSB-25036)
The version of Zoom Workplace installed on the remote host is prior to 6.5.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-25036 advisory. - Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosur...
CVE-2024-25036
IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user with local access to bypass security allowing users to circumvent restrictions imposed on input fields...
CVE-2020-25036
UCOPIA Wi-Fi appliances 6.0.5 allow authenticated remote attackers to escape the restricted administration shell CLI, and access a shell with admin user rights, via an unprotected less command...
CVE-2018-25036
A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input as part of POST Request leads to...
CVE-2025-25036
Jalios JPlatform is affected by CVE-2025-25036 (XML External Entity Reference leading to XML Injection) in all versions prior to 10.0.8 (SP8). The issue is due to improper restriction of external entities, enabling XML injections under network access. Reported impact focuses on confidentiality ri...
CVE-2025-25036 Jalios JPlatform 10 Authenticated XML External Entity Injection (XXE)
Improper Restriction of XML External Entity Reference vulnerability in Jalios JPlatform allows XML Injection. This issue affects all versions of JPlatform 10 before 10.0.8 SP8...
CVE-2024-25036
creationtimestamp| type| source
---|---|---
2024-12-03 16:50:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113589919591622477...
CVE-2024-25036 IBM Cognos Controller authentication bypass
IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user with local access to bypass security allowing users to circumvent restrictions imposed on input fields...
CVE-2023-25036
creationtimestamp| type| source
---|---|---
2023-07-18 16:31:10+00:00| seen| https://t.me/cibsecurity/66897...
CVE-2023-25036
Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions...
CVE-2023-25036
Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions...
CVE-2023-25036
CVE-2023-25036 affects the WordPress Social Media Icons Widget plugin (≤1.6). The CSRF vulnerability can be exploited by unauthenticated users, and no patch is publicly available (patch status is unpatched per multiple sources; PatchStack lists no fix). Affected plugin versions should be considered ...
CVE-2023-25036 WordPress Social Media Icons Widget Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2023-1299)
The remote host is missing an update for the Huawei EulerOS...
CVE-2018-25036
creationtimestamp| type| source
---|---|---
2022-06-12 12:17:14+00:00| seen| https://t.me/cibsecurity/44239...
CVE-2018-25036
A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input alert1 as part of POST Request lead...
CVE-2018-25036 Thomson TCW710 RgTime Persistent cross site scripting
A vulnerability has been found in Thomson TCW710 ST5D.10.05 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/RgTime. The manipulation of the argument TimeServer1/TimeServer2/TimeServer3 with the input alert1 as part of POST Request lead...
CVE-2018-25036
Thomson TCW710 ST5D.10.05 is affected by CVE-2018-25036 due to an unknown-functionality issue in /goform/RgTime. The vulnerability enables persistent cross-site scripting (XSS) via crafted POST input on TimeServer1/TimeServer2/TimeServer3 (e.g., >). The attack can be launched remotely and the ...
SUSE SLES15 Security Update : unbound (SUSE-SU-2022:0176-2)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0176-2 advisory. - DISPUTED Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against ...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2022-1100)
The remote host is missing an update for the Huawei EulerOS...