VulnCheck KEV: CVE-2023-36424

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2025-36424

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

Linux Distros Unpatched Vulnerability : CVE-2025-36424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to improper neutralization of special elemen...

CVE-2025-36424 IBM Db2 Denial of Service

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic...

Linux Distros Unpatched Vulnerability : CVE-2020-36424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key for RSA or static Diffie-Hellman via a side-channel attack against...

K7 Ultimate Security NULL Pointer Dereference

Title: K7 Ultimate Security v17.0.2019 "K7RKScan.sys" Null Pointer Dereference Date: 13.08.2024 Author: M. Akil Gündoğan Vendor Homepage: https://k7computing.com/ Version: v17.0.2019 Tested on: Windows 10 Pro x64 CVE ID: CVE-2024-36424 Vulnerability Description:...

CVE-2024-36424

creationtimestamp| type| source ---|---|--- 2024-08-06 18:21:59+00:00| seen| https://t.me/cvedetector/2599 2025-03-13 19:42:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7478 2025-04-11 21:02:21+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4bu2hf2a 2025-12-06...

CVE-2024-36424

K7RKScan.sys in K7 Ultimate Security before 17.0.2019 allows local users to cause a denial of service BSOD because of a NULL pointer dereference...

Exploit for Out-of-bounds Read in Microsoft

Information ============== Windows Kernel Pool clfs.sys Cor...

CVE-2023-36424

creationtimestamp| type| source ---|---|--- 2024-03-20 05:06:02+00:00| seen| https://t.me/CyberSecurityTechnologies/9584 2024-03-22 17:30:37+00:00| published-proof-of-concept| https://t.me/CNArsenal/2159 2024-03-23 08:51:43+00:00| seen| https://t.me/proxybar/1949 2024-03-23 23:50:30+00:00|...

CVE-2023-36424

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2023-36424 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

CVE-2023-36424

CVE-2023-36424 corresponds to a Windows kernel pool overflow in the clfs.sys mini-filter driver (CLFS) that can lead to privilege escalation. The connected exploit repository describes an out-of-bounds/pool overflow scenario within the kernel pool handling, including verification of a Cloud Repar...

CVE-2022-36424

Cross-Site Request Forgery CSRF vulnerability in Nikola Loncar Easy Appointments plugin = 3.11.9 versions...

CVE-2022-36424 WordPress Easy Appointments Plugin <= 3.11.9 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Nikola Loncar Easy Appointments plugin = 3.11.9 versions...

CVE-2022-36424

CVE-2022-36424 documents a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Easy Appointments, affecting versions up to and including 3.11.9. The issue, caused by insufficient CSRF protection for multiple AJAX actions, could allow an attacker to trigger unintended actions o...

WordPress Easy Appointments Plugin <= 3.11.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software Easy Appointments Type Plugin Vulnerable versions = 3.11.9 Fixed in 3.11.10 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-36424 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 7ad0fdcdf557 Credits István Márton...

CVE-2021-36424

creationtimestamp| type| source ---|---|--- 2023-02-03 20:21:12+00:00| seen| https://t.me/cibsecurity/57490...

CVE-2021-36424

CVE-2021-36424 affects phpwcms 1.9.25 and allows remote attackers to execute arbitrary code via the DB user field during installation. This is documented across multiple sources (NVD, Red Hat, OSV, CNNVD, CVE listing, PT Security) with no publicly available fix version indicated in the provided m...