16 matches found
MAL-2025-35681 Malicious code in test-mlw2-lieus-barfs-raits-bidon (npm)
The package test-mlw2-lieus-barfs-raits-bidon was found to contain malicious code...
CVE-2024-35681
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18...
CVE-2023-35681
In eattl2capreconfigcompleted of eattimpl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-35681
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18...
CVE-2024-35681 WordPress wpDiscuz plugin <= 7.6.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18...
CVE-2024-35681 WordPress wpDiscuz plugin <= 7.6.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18...
CVE-2024-35681
CVE-2024-35681 pertains to wpDiscuz (gVectors Team) and is a Stored XSS vulnerability described as Improper Neutralization of Input During Web Page Generation. Affected: wpDiscuz versions from n/a through 7.6.18. The vulnerability type is Cross-site Scripting with Stored payloads; exploitation co...
CVE-2023-35681
CVE-2023-35681 affects Android’s Bluetooth stack (eatt_impl.h: eatt_l2cap_reconfig_completed). Public sources describe a possible out-of-bounds write caused by an integer overflow, which could allow remote code execution with no additional privileges and without user interaction. The available co...
CVE-2023-35681
creationtimestamp| type| source ---|---|--- 2023-09-07 09:36:42+00:00| seen| https://t.me/truesecator/4818 2023-09-24 15:30:19+00:00| seen| https://t.me/malwaresupport/40...
feature-toggle-manager (>=0.0.1 <=0.0.2), hazard-feed (>=0.2.0 <=0.2.5) potentially affected by CVE-2020-35681 via channels (>=3.0.0 <=3.0.2)
channels PYPI version =3.0.0, =0.0.1, =0.2.0, =0.2.5 Source cves: CVE-2020-35681 Source advisory: OSV:GHSA-V542-8Q9X-CFFC...
CVE-2020-35681
Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...
feature-toggle-manager (>=0.0.1 <=0.0.2), hazard-feed (>=0.2.0 <=0.2.5) potentially affected by CVE-2020-35681 via channels (>=3.0.0 <=3.0.2)
channels PYPI version =3.0.0, =0.0.1, =0.2.0, =0.2.5 Source cves: CVE-2020-35681 Source advisory: OSV:PYSEC-2021-113...
CVE-2020-35681
Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...
CVE-2020-35681
Technical details about CVE-2020-35681 are not publicly available in the provided connected documents. The sources repeat the vulnerability description but do not expose affected versions, exploitation specifics, mitigations, or patch availability. Monitor for updates.
CVE-2020-35681
Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...
CVE-2020-35681
Django Channels 3.x before 3.0.3 allows remote attackers to obtain sensitive information from a different request scope. The legacy channels.http.AsgiHandler class, used for handling HTTP type requests in an ASGI environment prior to Django 3.0, did not correctly separate request scopes in Channe...