12 matches found
PT-2026-33419
CVE-2026-35682 Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution e.g., starting telnetd, resul… https://t.co/eDMzAkWqgx...
CVE-2026-35682
creationtimestamp| type| source ---|---|--- 2026-04-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03 2026-04-17 04:54:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116418258665629392 2026-04-17 21:01:06+00:00| seen|...
CVE-2023-35682
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2020-35682
Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass only during SAML login...
CVE-2024-35682 WordPress Otter Blocks PRO plugin <= 2.6.11 - Authenticated Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11...
WordPress Otter Blocks PRO Plugin <= 2.6.11 is vulnerable to Sensitive Data Exposure
Software Otter Blocks PRO Type Plugin Vulnerable versions = 2.6.11 Fixed in 2.6.12 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-35682 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 106a1e47802a Credits Dave Jong Patchstack...
CVE-2023-35682
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2023-35682
CVE-2023-35682 affects Android components via a flaw in hasPermissionForActivity in PackageManagerHelper.java, enabling a confused deputy to start arbitrary components and potentially achieve local elevation of privilege. Exploitation requires user interaction, and the base CVSS indicates local a...
CVE-2020-35682
Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass only during SAML login...
CVE-2020-35682
CVE-2020-35682 affects Zoho ManageEngine ServiceDesk Plus prior to version 11134, where an Authentication Bypass can occur during SAML login due to the underlying authorization flaw. Public sources consistently describe an SAML-login bypass leading to elevated access; patches exist to reach versi...
CVE-2020-35682
Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass only during SAML login...
Exploit for Incorrect Authorization in Zohocorp Manageengine_Servicedesk_Plus
CVE-2020-35682 SD-91948: CVE-2020-35682: Authentication Bypas...