MAL-2025-36198 Malicious code in test-mlw2-scuts-dorts (npm)

The package test-mlw2-scuts-dorts was found to contain malicious code...

CVE-2024-36198 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2023-36198

creationtimestamp| type| source ---|---|--- 2023-08-26 00:14:38+00:00| seen| https://t.me/cibsecurity/69220...

CVE-2023-36198

Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function...

CVE-2023-36198

Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function...

CVE-2023-36198

CVE-2023-36198 is a buffer overflow vulnerability in the skalenetwork sgxwallet package, affecting version 1.9.0. The root cause is in the trustedBlsSignMessage function, allowing an attacker to cause a denial of service. Public references consistently describe DoS impact without detailing exploi...

CVE-2022-36198

creationtimestamp| type| source ---|---|--- 2022-08-22 07:20:10+00:00| seen| https://t.me/cibsecurity/48469...

CVE-2022-36198

CVE-2022-36198 affects Bus Pass Management System 1.0. The vulnerability is multiple SQL injections in endpoints buspassms/admin/view-enquiry.php, buspassms/admin/pass-bwdates-reports-details.php, buspassms/admin/changeimage.php, buspassms/admin/search-pass.php, buspassms/admin/edit-category-deta...

CVE-2021-36198

creationtimestamp| type| source ---|---|--- 2021-12-06 20:20:52+00:00| seen| https://t.me/cibsecurity/33395...

CVE-2021-36198

CVE-2021-36198 affects Johnson Controls’ Entrapass (security management software). The connected sources show an information disclosure vulnerability where an unauthorized actor could access potentially sensitive data. Affected products: Entrapass, all versions prior to 8.40. The issue is modeled...

CVE-2020-36198

creationtimestamp| type| source ---|---|--- 2021-10-25 22:32:43+00:00| seen| MISP/63ddead6-4b82-414c-ad8e-c516b950b446...

QNAP Music Station/Malware Remover未授权远程代码执行漏洞（CVE-2020-36197 CVE-2020-36198）

QNAP MusicStation/MalwareRemover Pre-Auth Remote Code Execution Summary QNAP MusicStation and MalwareRemover official apps are affected by an arbitrary file upload and a command injection vulnerabilities, leading to pre-auth remote root command execution. Product description from vendor “QNAP...

QNAP MusicStation / MalwareRemover File Upload / Command Injection Vulnerabilities

QNAP MusicStation/MalwareRemover Pre-Auth Remote Code Execution Summary QNAP MusicStation and MalwareRemover official apps are affected by an arbitrary file upload and a command injection vulnerabilities, leading to pre-auth remote root command execution. Product description from vendor “QNAP...

CVE-2020-36198

CVE-2020-36198 affects certain versions of QNAP’s Malware Remover (prior to 4.6.1.0). The vulnerability enables remote command execution via the Malware Remover/Music Station components (root cause involves command injection in modules used by malware-removal tooling). Connected reports describe ...