MAL-2025-36264 Malicious code in test-mlw2-slush-gulls (npm)

The package test-mlw2-slush-gulls was found to contain malicious code...

CVE-2024-36264

UNSUPPORTED WHEN ASSIGNED Improper Authentication vulnerability in Apache Submarine Commons Utils. If the user doesn't explicitly set submarine.auth.default.secret, a default value will be used. This issue affects Apache Submarine Commons Utils: from 0.8.0. As this project is retired, we do not...

CVE-2022-36264

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename a...

CVE-2024-36264

creationtimestamp| type| source ---|---|--- 2025-03-20 19:18:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8263...

org.apache.submarine:submarine-all (>=0.4.0 <=0.8.0-RC0), org.apache.submarine:submarine-client (>=0.4.0 <=0.8.0-RC0) +12 more potentially affected by CVE-2024-36264 via org.apache.submarine:submarine-commons-utils (>=0.4.0 <=0.8.0)

org.apache.submarine:submarine-commons-utils MAVEN version =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.8.0, =0.4.0, =0.8.0, =0.8.0, =0.6.0, =0.8.0-RC0 Source cves: CVE-2024-36264 Source advisory: OSV:GHSA-JWCG-WV5X-VG3G...

CVE-2024-36264

UNSUPPORTED WHEN ASSIGNED Improper Authentication vulnerability in Apache Submarine Commons Utils. If the user doesn't explicitly set submarine.auth.default.secret, a default value will be used. This issue affects Apache Submarine Commons Utils: from 0.8.0. As this project is retired, we do not...

CVE-2024-36264 Apache Submarine Commons Utils: default secret

UNSUPPORTED WHEN ASSIGNED Improper Authentication vulnerability in Apache Submarine Commons Utils. If the user doesn't explicitly set submarine.auth.default.secret, a default value will be used. This issue affects Apache Submarine Commons Utils: from 0.8.0. As this project is retired, we do not...

CVE-2024-36264

CVE-2024-36264 concerns Apache Submarine Commons Utils with an improper authentication flaw. The issue arises if submarine.auth.default.secret is not set, as a default secret is used, potentially enabling unauthorized access. Affected version: 0.8.0 and later; note the project is retired and no f...

CVE-2024-36264 Apache Submarine Commons Utils: default secret

UNSUPPORTED WHEN ASSIGNED Improper Authentication vulnerability in Apache Submarine Commons Utils. If the user doesn't explicitly set submarine.auth.default.secret, a default value will be used. This issue affects Apache Submarine Commons Utils: from 0.8.0. As this project is retired, we do not...

CVE-2020-36264

CVE-2020-36264 entry is rejected/not used and does not represent an active vulnerability.

CVE-2022-36264

creationtimestamp| type| source ---|---|--- 2022-08-08 18:24:07+00:00| seen| https://t.me/cibsecurity/47749 2024-03-11 07:14:50+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/10122...

CVE-2022-36264

Airspan AirSpot 5410 (versions up to 0.3.4.1-4 and earlier) is affected by an unauthenticated remote Arbitrary File Upload vulnerability. The root cause is filename manipulation with a relative path during the upload process, allowing an attacker to overwrite any file or upload a new file. Affect...