15 matches found

OSV
added 2025/08/14 6:52 p.m. | 1 view

MAL-2025-36167 Malicious code in test-mlw2-saree-herma (npm)

The package test-mlw2-saree-herma was found to contain malicious code...

AI score: 7.2
Exploits: 0

RedhatCVE
added 2025/05/22 9:12 p.m. | 10 views

CVE-2021-36167

An improper authorization vulnerability CWE-285 in FortiClient Windows versions 7.0.0 and 6.4.6 and below and 6.2.8 and below may allow an unauthenticated attacker to bypass the webfilter control via modifying the session-id parameter...

CVSS: 5.3 | AI score: 7 | EPSS: 0.0013
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 3:11 p.m. | 7 views

CVE-2020-36167

An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/local/ssl/openssl.cnf configuration file, whi...

CVSS: 9.3 | AI score: 7.4 | EPSS: 0.0005
Exploits: 0

NVD
added 2024/06/13 8:16 a.m. | 17 views

CVE-2024-36167

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVSS: 5.4 | EPSS: 0.024
Exploits: 0 | References: 1

Vulnrichment
added 2024/06/13 7:52 a.m. | 14 views

CVE-2024-36167 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVSS: 5.4 | AI score: 5.3 | EPSS: 0.024
Exploits: 0 | References: 1

NVD
added 2023/07/11 2:15 p.m. | 7 views

CVE-2023-36167

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

AI score: 6.5
Exploits: 3

Packet Storm
added 2023/07/11 12:0 a.m. | 270 views

AVG Anti Spyware 7.5 Unquoted Service Path

Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path
Date: 06/07/2023
Exploit Author: Idan Malihi
Vendor Homepage: https://www.avg.com
Software Link: https://www.avg.com/en-ww/homepagepc
Version: 7.5
Tested on: Microsoft Windows 10 Pro
CVE: CVE-2023-36167
PoC: C:\Users>wmic service get...

AI score: 7.1
Exploits: 3

Exploit DB
added 2023/07/11 12:0 a.m. | 322 views

AVG Anti Spyware 7.5 - Unquoted Service Path "AVG Anti-Spyware Guard"

Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path
Date: 06/07/2023
Exploit Author: Idan Malihi
Vendor Homepage: https://www.avg.com
Software Link: https://www.avg.com/en-ww/homepagepc
Version: 7.5
Tested on: Microsoft Windows 10 Pro
CVE: CVE-2023-36167
PoC: C:\Users>wmic service get...

AI score: 6.7
Exploits: 3

0day.today
added 2023/07/11 12:0 a.m. | 201 views

AVG Anti Spyware 7.5 - Unquoted Service Path (AVG Anti-Spyware Guard) Vulnerability

Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path
Exploit Author: Idan Malihi
Vendor Homepage: https://www.avg.com
Software Link: https://www.avg.com/en-ww/homepagepc
Version: 7.5
Tested on: Microsoft Windows 10 Pro
CVE: CVE-2023-36167
PoC: C:\Users>wmic service get...

AI score: 7.1
Exploits: 3

Circl
added 2023/07/10 11:0 a.m. | 2 views

CVE-2023-36167

creationtimestamp | type | source
---|---|---
2023-07-10 11:00:42+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/8643
2023-07-11 14:57:43+00:00 | published-proof-of-concept | Telegram/ZPMcjDlYbbDJ3etZP3BqKChdYJaSzNeePm8ZdO0d0CqNg
2023-07-11 18:29:45+00:00 | seen | ...

AI score: 4.8
Exploits: 3 | References: 3

NVD
added 2021/12/09 10:15 a.m. | 10 views

CVE-2021-36167

An improper authorization vulnerability CWE-285 in FortiClient Windows versions 7.0.0 and 6.4.6 and below and 6.2.8 and below may allow an unauthenticated attacker to bypass the webfilter control via modifying the session-id parameter...

CVSS: 5.3 | EPSS: 0.0013
Exploits: 0 | References: 1

CVE
added 2021/12/09 9:33 a.m. | 46 views

CVE-2021-36167

CVE-2021-36167 describes an improper authorization vulnerability (CWE-285) in FortiClient for Windows that could allow an unauthenticated attacker to bypass the web filter by modifying the session-id parameter. Affected products/versions include FortiClient Windows 7.0.0, 6.4.6 and earlier, and 6...

CVSS: 5.3 | AI score: 5.3 | EPSS: 0.0013
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2021/01/06 12:51 a.m. | 88 views

CVE-2020-36167

Veritas Backup Exec (versions 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517) loads the OpenSSL library from the Installation folder at startup, which then reads /usr/local/ssl/openssl.cnf. If that file is missing or writable by a low-privilege user on Windows (e.g., C:\usr\local\...

CVSS: 9.3 | AI score: 8.7 | EPSS: 0.0005
Exploits: 0 | References: 2 | Affected Software: 1

CERT
added 2020/12/23 12:0 a.m. | 153 views

Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location

Overview Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create files. Description CVE-2019-1552 Veritas Backup Exec includes an OpenSSL component that specifies an OPENSSLD...

CVSS: 9.3 | AI score: 6.3 | EPSS: 0.00072
Exploits: 0 | References: 3

CVE
added 1976/01/01 12:0 a.m. | 38 views

CVE-2023-36167

CVE-2023-36167 is associated with AVG Anti‑Spyware 7.5 and a local unquoted service path vulnerability in the AVG Anti Spyware Guard service. Affected component: guard.exe under C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5. The underlying issue is an unquoted or improperly quoted service b...

AI score: 6.8
Exploits: 3