25 matches found
Exploit for Authentication Bypass Using an Alternate Path or Channel in Silverpeas
Silverpeas-AuthBypass-CVE-2024-36042 A clean, single-file P...
CVE-2025-36042
creationtimestamp| type| source
---|---|---
2025-08-22 15:12:33+00:00| seen| Telegram/jKAlubd9Fs6CnQNKFn0jHldsfbxBpedudcX3110vUgikmo0...
CVE-2025-36042
IBM QRadar SIEM versions 7.5 through 7.5.0 Dashboard are vulnerable to cross-site scripting (CVE-2025-36042). An authenticated user can embed arbitrary JavaScript in the Web UI, potentially altering functionality and disclosing credentials within a trusted session. The issue is tied to the Dashbo...
Security Bulletin: IBM QRadar SIEM is affected by local privilege escalation and cross-site scripting (CVE-2025-33120, CVE-2025-36042)
Summary: IBM QRadar SIEM is affected by local privilege escalation and cross-site scripting, which could enable authenticated users to obtain elevated privileges and compromise the web UI, potentially impacting session confidentiality. Vulnerability Details: CVEID: CVE-2025-33120 DESCRIPTION: IBM...
CVE-2024-36042
creationtimestamp| type| source
---|---|---
2025-01-19 17:02:13+00:00| seen| https://bsky.app/profile/decrypt.lol/post/3lg4chhx2kl2n
2025-03-12 03:30:38+00:00| seen| https://gist.github.com/wulfgarpro/a625586ce55cc602e21ed69b6e29e4d4
2025-08-20 09:00:04+00:00| published-proof-of-concept|...
CVE-2024-36042
Silverpeas before 6.3.5 allows authentication bypass by omitting the Password field to AuthenticationServlet, often providing an unauthenticated user with superadmin access...
CVE-2024-36042
CVE-2024-36042 affects Silverpeas prior to 6.3.5. The issue allows authentication bypass by omitting the Password field to AuthenticationServlet, often granting an unauthenticated user superadmin access. Root cause: missing Password field handling leads to bypass of authentication checks (as desc...
January 9, 2024-KB5033920 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2
January 9, 2024-KB5033920 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2 Revised July 7, 2025: Updated 'How to get this update' section. Release Date: January 9, 2024 Version: .NET Framework 3.5 and 4.8.1 The January 9, 2024 update for...
January 9, 2024-KB5034274 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2
January 9, 2024-KB5034274 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 Release Date: January 9, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 10 Version...
January 9, 2024-KB5033917 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2
January 9, 2024-KB5033917 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 Release Date: January 9, 2024 Version: .NET Framework 3.5 and 4.8.1 The January 9, 2024 update for Microsoft server operating system, version 23H2 includes security and...
Security Updates for Microsoft Visual Studio Products (November 2023)
The Microsoft Visual Studio Products are missing security updates. They are, therefore, affected by multiple vulnerabilities: - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of...
CVE-2023-36042
Visual Studio Denial of Service Vulnerability...
CVE-2023-36042 Visual Studio Denial of Service Vulnerability
...
CVE-2023-36042
CVE-2023-36042 is a Microsoft .NET Framework-related Denial of Service vulnerability. Connected sources show that multiple monthly security updates (KB5034276/KB5034274/KB5034275/KB5033920–KB5033910 family) address this issue across Windows 10/11, Azure Stack HCI, and server variants by applying ...
CVE-2022-36042
creationtimestamp| type| source
---|---|---
2022-09-06 22:13:34+00:00| seen| https://t.me/cibsecurity/49345...
CVE-2022-36042 Rizin Out-of-bounds Write vulnerability in dyld cache binary plugin
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from dyld cache files. A user opening a malicious dyld cache file could be affected by this vulnerability, allowing an attacker to execu...