MAL-2025-36071 Malicious code in test-mlw2-query-alter (npm)

The package test-mlw2-query-alter was found to contain malicious code...

CVE-2025-36071

creationtimestamp| type| source ---|---|--- 2025-07-29 19:42:54+00:00| seen| Telegram/U30IG9UHdc2DhyMRs6g3thJtDpoV0VBecJWVoWKa6pvSYM...

CVE-2025-36071

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release of memory resources...

CVE-2025-36071 IBM Db2 denial of service

IBM Db2 for Linux, UNIX and Windows includes DB2 Connect Server 11.5.0 through 11.5.9 and 12.1.0 through 12.1.2 is vulnerable to a denial of service as the server may crash under certain conditions with a specially crafted query due to improper release of memory resources...

CVE-2025-36071

CVE-2025-36071 – IBM Db2 family Summary: IBM Db2 for Linux/UNIX/Windows (incl. DB2 Connect Server) is vulnerable to a denial of service where the server may crash under certain crafted queries due to improper release of memory resources. Impact is limited to specific versions and configurations d...

CVE-2024-36071

Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path...

CVE-2020-36071

creationtimestamp| type| source ---|---|--- 2023-04-06 18:27:07+00:00| seen| https://t.me/cibsecurity/61558 2025-02-14 10:05:08+00:00| seen| Telegram/2xCd6iZQ2vkgCOxMnqsPDpYpwUVci27ufVLpw8U9yAzmpuYq...

CVE-2020-36071

SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page...

CVE-2020-36071

Tailor Management System v1 contains an SQL injection in the email.php page, exploited via the customer parameter. Root cause: unsanitized input enabling code execution. Impact: remote authenticated attacker could execute arbitrary code with high confidentiality, integrity, and availability impac...

CVE-2020-36071

SQL injection vulnerability found in Tailor Management System v.1 allows a remote authenticated attacker to execute arbitrary code via the customer parameter of the email.php page...

CVE-2022-36071

Vulnerability context (CVE-2022-36071): SFTPGo WebAdmin/WebClient allowed generation of recovery codes before two-factor authentication (2FA) was enabled, enabling an attacker who knew a user’s password to potentially generate recovery codes and bypass 2FA later. This affected versions 2.2.0 thro...

CVE-2022-36071 Recovery codes abuse in SFTPGo

SFTPGo is configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. SFTPGo WebAdmin and WebClient support login using TOTP Time-based One Time Passwords as a secondary authentication factor. Because TOTPs are often configured on mobile devices that can be lost, stolen or damaged,...

CVE-2021-36071

Adobe Bridge 11.x versions prior to 11.1.1 are affected by an out-of-bounds read vulnerability (CVE-2021-36071) that can disclose arbitrary memory and bypass mitigations like ASLR. The issue is triggered by opening a malicious file and is tied to parsing of crafted content (per APSB21-69 and Open...

WordPress contact-form-plugin plugin cross-site scripting vulnerability (CNVD-2019-36071)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. contact-form-plugin is a contact form plugin used in it. A cross-site scripting vulnerability exists in the WordPress...