Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35810)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35810 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix the lifetime of...

MAL-2025-35810 Malicious code in test-mlw2-motes-liens (npm)

The package test-mlw2-motes-liens was found to contain malicious code...

CVE-2023-35810

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Second-Order PHP Object Injection vulnerability has been identified in the DocuSign module. By using crafted requests, custom PHP code can be injected and executed through the DocuSign module because of missing...

Linux Distros Unpatched Vulnerability : CVE-2024-35810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix the lifetime of the bo cursor memory The cleanup can be dispatched while the...

CVE-2024-35810 affecting package hyperv-daemons for versions less than 6.6.35.1-1

CVE-2024-35810 affecting package hyperv-daemons for versions less than 6.6.35.1-1. An upgraded version of the package is available that resolves this issue...

Ubuntu: Security Advisory (USN-6817-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-35810

CVE-2024-35810 : In the Linux kernel, a fix addresses a vulnerability in drm/vmwgfx where the lifetime of bo cursor memory could be mishandled during cleanup while an atomic update is active. The kernel previously allowed cleanup to invalidate memory acquired during the atomic update, potentially...

SugarCRM 12.2.0 PHP Object Injection Vulnerability

------------------------------------------------------------------------------- SugarCRM = 12.2.0 DocusignGlobalSettings PHP Object Injection Vulnerability ------------------------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions...

SugarCRM 12.2.0 PHP Object Injection

------------------------------------------------------------------------------- SugarCRM = 12.2.0 DocusignGlobalSettings PHP Object Injection Vulnerability ------------------------------------------------------------------------------- - Software Link: https://www.sugarcrm.com - Affected Versions...

CVE-2023-35810

creationtimestamp| type| source ---|---|--- 2023-06-18 02:24:07+00:00| seen| https://t.me/cibsecurity/65320...

CVE-2023-35810

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Second-Order PHP Object Injection vulnerability has been identified in the DocuSign module. By using crafted requests, custom PHP code can be injected and executed through the DocuSign module because of missing...

CVE-2023-35810

CVE-2023-35810 concerns SugarCRM Enterprise (before 11.0.6) and SugarCRM 12.x (before 12.0.3) with a Second-Order PHP Object Injection vulnerability in the DocuSign module. Exploitation requires admin privileges and can be triggered by crafting requests that bypass input validation, allowing inje...

CVE-2023-35810

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Second-Order PHP Object Injection vulnerability has been identified in the DocuSign module. By using crafted requests, custom PHP code can be injected and executed through the DocuSign module because of missing...

CVE-2022-35810

Azure Site Recovery Elevation of Privilege Vulnerability...

CVE-2022-35810

CVE-2022-35810 is an Elevation of Privilege in Microsoft Azure Site Recovery, specifically in the VMWare-to-Azure component. The Nessus-derived data indicates a remote attacker can exploit this to gain elevated privileges on the affected system. The vulnerability is associated with insufficient a...

CVE-2022-35810 Azure Site Recovery Elevation of Privilege Vulnerability

...

CVE-2020-35810

creationtimestamp| type| source ---|---|--- 2020-12-30 02:30:05+00:00| seen| https://t.me/cibsecurity/21402...

CVE-2020-35810

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK20 before 2.3.5.26,...

CVE-2020-35810

CVE-2020-35810 describes a stored cross-site scripting (XSS) vulnerability affecting multiple NETGEAR devices: D7800 (before 1.0.1.56), R7500v2 (before 1.0.3.46), R7800 (before 1.0.2.74), R8900/R9000 (before 1.0.4.28), RAX120 (before 1.0.0.78), RBK/RBR/RBS series (before 2.3.5.30 or 2.3.5.26 for ...

CVE-2020-35810

Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.74, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK40 before 2.3.5.30, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK20 before 2.3.5.26,...