@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34595 via parse-server (>=9.6.0-alpha.37 <=9.6.1)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34595 Source advisory: OSV:GHSA-MMG8-87C5-JRC2...

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-34595 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-34595 Source advisory: OSV:GHSA-MMG8-87C5-JRC2...

@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34595 via parse-server (>=9.6.0-alpha.37 <=9.6.1)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34595 Source advisory: SNYK:JS-PARSESERVER-15864450...

CVE-2026-34595

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.70 and 9.7.0-alpha.18, an authenticated user with find class-level permission can bypass the protectedFields class-level permission setting on LiveQuery subscriptions. By...

CVE-2024-34595

Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities...

CVE-2024-34595

Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities...

CVE-2024-34595

Improper access control in clickAdapterItem of SystemUI prior to SMR Jul-2024 Release 1 allows local attackers to launch privileged activities...

Tenda Routers Command Injection (CVE-2022-24170; CVE-2022-24171; CVE-2022-28572; CVE-2022-34595; CVE-2022-34596; CVE-2022-34597)

A command injection vulnerability exists in Tenda Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVE-2022-34595

creationtimestamp| type| source ---|---|--- 2022-07-06 20:14:28+00:00| seen| https://t.me/cibsecurity/45679...

CVE-2022-34595

The CVE-2022-34595 entry concerns Tenda AX1803, specifically version 1.0.0.1_2890, which is vulnerable to command injection via the setipv6status function. The Red Hat, CNVD, CNNVD, EUVD, CVELIST, PRION, and PT-Security references corroborate a router-level vulnerability described as a command in...

CVE-2021-34595

The CVE-2021-34595 issue affects CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT versions prior to V2.4.7.56. A crafted request with invalid offsets can trigger an out-of-bounds read or write, leading to a denial-of-service condition or local memory overwrite. The issue’s impact is reflected ...

Command injection

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34595...

CVE-2025-34595

This CVE entry is rejected/not used and does not represent an active vulnerability.