
17 matches found

RedhatCVE
•added 2025/02/13 5:24 p.m.•4 views

CVE-2024-36077

Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their privilege due to improper validation. The attacker can elevate their privilege to the internal system role, which allows them to execute commands on the server. This affects February 2024 Patch 3 14.173.3...

8.8 CVSS • 7.4 AI score • 0.0055 EPSS
Exploits 0 • References 1
Tenable Nessus
•added 2024/05/30 12:0 a.m.•48 views

Qlik Sense Enterprise Privilege Escalation (CVE-2024-36077)

The version of Qlik Sense Enterprise installed on the remote Windows host is prior to May 2022 prior to Patch 18, August 2022 prior to Patch 17, November 2022 prior to Patch 14, February 2023 prior to Patch 14, May 2023 prior to Patch 16, August 2023 prior to Patch 14, November 2023 prior to patc...

8.8 CVSS • 5.7 AI score • 0.0055 EPSS
Exploits 0 • References 2
Circl
•added 2024/05/25 3:54 p.m.•1 views

CVE-2024-36077

creationtimestamp | type | source
---|---|---
2024-05-25 15:54:29+00:00 | published-proof-of-concept | https://t.me/HackingInsights/905...

8.8 CVSS • 4.8 AI score • 0.0055 EPSS
Exploits 0 • References 1
Vulnrichment
•added 2024/05/22 4:46 p.m.•14 views

CVE-2024-36077

Qlik Sense Enterprise for Windows before 14.187.4 allows a remote attacker to elevate their privilege due to improper validation. The attacker can elevate their privilege to the internal system role, which allows them to execute commands on the server. This affects February 2024 Patch 3 14.173.3...

8.8 CVSS • 7.5 AI score • 0.0055 EPSS
Exploits 0 • References 1
Circl
•added 2023/04/10 4:36 p.m.•2 views

CVE-2020-36077

creationtimestamp | type | source
---|---|---
2023-04-10 16:36:05+00:00 | seen | https://t.me/cibsecurity/61745
2023-12-17 22:21:59+00:00 | seen | https://t.me/arpsyndicate/1854...

8.8 CVSS • 8.1 AI score • 0.02275 EPSS
Exploits 0 • References 2
OSV
•added 2023/04/10 1:15 p.m.•2 views

CVE-2020-36077

SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file...

8.8 CVSS • 6.1 AI score
Exploits 0 • References 2
CVE
•added 2023/04/10 12:0 a.m.•48 views

CVE-2020-36077

CVE-2020-36077 describes an SQL injection in Tailor Management System v1, exploitable via the customer parameter of orderadd.php, potentially leading to arbitrary code execution. Public details consistently identify the vulnerable component as the Tailor Management System and the trigger is a query...

8.8 CVSS • 8.9 AI score • 0.02275 EPSS
Exploits 0 • References 2 • Affected Software 1
Vulnrichment
•added 2023/04/10 12:0 a.m.•8 views

CVE-2020-36077

SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file...

9 AI score • 0.02275 EPSS
Exploits 0 • References 2
Cvelist
•added 2023/04/10 12:0 a.m.•11 views

CVE-2020-36077

SQL injection vulnerability found in Tailor Management System v.1 allows a remote attacker to execute arbitrary code via the customer parameter of the orderadd.php file...

9 AI score • 0.02275 EPSS
Exploits 0 • References 2
IBM Security Bulletins
•added 2022/12/12 9:16 a.m.•105 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attacker due to the electron module (CVE-2022-29247, CVE-2022-36077)

Summary: IBM App Connect Enterprise is vulnerable to a remote attacker due to the electron module (CVE-2022-29247, CVE-2022-36077). Electron is used for Discovery Connectors in IBM App Connect Enterprise. The latest fixpack includes electron v21.2.0. Vulnerability Details: CVEID: CVE-2022-36077...

9.8 CVSS • 5.3 AI score • 0.00803 EPSS
Exploits 0 • Affected Software 1
vulnersOsv
•added 2022/11/10 12:38 p.m.•2 views

0.app1 (=1.0.52), 0.edsql (>=1.0.49 <=1.0.50) +435 more potentially affected by CVE-2022-36077 via electron (>=0.1.2 <=18.3.2)

electron NPM version =0.1.2, =1.0.49, =1.0.49, =1.0.49, =1.0.0, =1.0.6, =4.0.23, =0.0.7, =0.0.73, =1.0.0, =2.0.0, =2.0.2 and more Source cves: CVE-2022-36077 Source advisory: OSV:GHSA-P2JH-44QJ-PF2V...

7.2 CVSS • 6.6 AI score • 0.00092 EPSS
Exploits 0
Circl
•added 2022/11/08 12:34 p.m.•2 views

CVE-2022-36077

creationtimestamp | type | source
---|---|---
2022-11-08 12:34:59+00:00 | seen | https://t.me/cibsecurity/52618...

7.2 CVSS • 6.4 AI score • 0.00092 EPSS
Exploits 0 • References 1
CVE
•added 2022/11/08 12:0 a.m.•65 views

CVE-2022-36077

The CVE-2022-36077 vulnerability affects the Electron framework in versions prior to 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7, where following redirects to file:// URLs can trigger Windows NTLM credential leakage via SMB targets. The issue is triggered when Electron delays a redirect check betw...

7.2 CVSS • 6.2 AI score • 0.00092 EPSS
Exploits 0 • References 1 • Affected Software 1
Circl
•added 2021/09/01 6:35 p.m.•1 views

CVE-2021-36077

creationtimestamp | type | source
---|---|---
2021-09-01 18:35:09+00:00 | seen | https://t.me/cibsecurity/28163...

5.5 CVSS • 5.5 AI score • 0.0031 EPSS
Exploits 0 • References 1
CVE
•added 2021/09/01 2:35 p.m.•54 views

CVE-2021-36077

Adobe Bridge 11.x before 11.1.1 is vulnerable to a memory corruption issue caused by improper handling of crafted SVG files, potentially allowing local denial of service in the context of the current user. Exploitation requires user interaction. This is CVE-2021-36077 and is listed among vulnerab...

5.5 CVSS • 5.5 AI score • 0.0031 EPSS
Exploits 0 • References 1 • Affected Software 1
Tenable Nessus
•added 2021/08/17 12:0 a.m.•26 views

Adobe Bridge 11.x < 11.1.1 Multiple Vulnerabilities (APSB21-69)

The version of Adobe Bridge installed on the remote Windows host is prior to 11.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-69 advisory. - Adobe Bridge version 11.1 and earlier is affected by a memory corruption vulnerability due to insecure handling of...

9.3 CVSS • 7.5 AI score • 0.08338 EPSS
Exploits 0 • References 17
CNVD
•added 2019/10/14 12:0 a.m.•3 views

WordPress events-manager plugin cross-site scripting vulnerability (CNVD-2019-36077)

WordPress is a blogging platform from the WordPress Foundation, developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. events-manager is an events management plugin used with it. A cross-site scripting vulnerability exists in the WordPress...

6.1 CVSS • 6.3 AI score • 0.0019 EPSS
Exploits 0 • References 1