PT-2026-8266

CVE-2025-36534 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-36534 Published : Feb. 13, 2026, 7:16 p.m. | 18 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused Severity: 0.0 | NA Visit the...

CVE-2024-36534

Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token...

CVE-2024-36534

creationtimestamp| type| source ---|---|--- 2024-07-24 23:20:37+00:00| seen| https://t.me/cvedetector/1600...

CVE-2024-36534

Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token...

Zoom Client for Meetings < 5.14.7 Vulnerability (ZSB-23030)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.14.7. It is, therefore, affected by a vulnerability as referenced in the ZSB-23030 advisory. - Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalati...

Zoom Client < 5.14.7 Multiple Privilege Escalation Vulnerabilities (ZSB-23030, ZSB-23032) - Windows

Zoom Client is prone to multiple privilege escalation vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:zoom:zoom"...

CVE-2023-36534

Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access...

CVE-2023-36534

CVE-2023-36534 describes a path traversal vulnerability in Zoom Desktop Client for Windows prior to version 5.14.7, allowing an unauthenticated attacker to escalate privileges via network access. The issue affects the Zoom Desktop Client on Windows and is exploited through path traversal, enablin...

Metasploit Weekly Wrap-Up

A sack full of cheer from the Hacking Elves of Metasploit It is clear that the Metasploit elves have been busy this season: Five new modules, six new enhancements, nine new bug fixes, and a partridge in a pear tree are headed out this week! Partridge nor pear tree included. In this sack of goodie...

CVE-2022-36534

creationtimestamp| type| source ---|---|--- 2022-12-14 13:08:11+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/syncoverylinuxrce202236534.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:47+00:00|...

CVE-2022-39390

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-36534. Reason: This candidate is a reservation duplicate of CVE-2020-36534. Notes: All CVE users should reference CVE-2020-36534 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-36534. Reason: This candidate is a reservation duplicate of CVE-2020-36534. Notes: All CVE users should reference CVE-2020-36534 instead of this candidate. All references and descriptions in this candidate have been removed t...

CVE-2022-3772

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-36534. Reason: This candidate is a reservation duplicate of CVE-2020-36534. Notes: All CVE users should reference CVE-2020-36534 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVE-2022-36534

Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution RCE vulnerabilities via the JobExecuteBefore and JobExecuteAfter parameters at postprofilesettings.php...

CVE-2022-36534

Syncovery for Linux (Syncovery 9, v9.47x and below) contains authenticated remote code execution via Job_ExecuteBefore/Job_ExecuteAfter in post_profilesettings.php. The vulnerability allows an authenticated user to create jobs that execute commands when a profile runs, potentially executing arbit...

CVE-2020-36534

easyii CMS contains a Cross-Site Request Forgery (CSRF) vulnerability affecting an unknown function in /admin/sign/out. The issue allows remote exploitation and exploitation details have been disclosed publicly. Multiple connected sources identify this as a CSRF condition in the admin/logout path...

CVE-2022-3772

CVE-2022-3772 relates to a cross-site request forgery in easyii CMS affecting the /admin/sign/out function. The vulnerability can be triggered remotely and is described across multiple sources (PT-2022-24047, CNNVD-202210-2536, EUVD entries) as a CSRF in easyii CMS with unknown affected versions;...

CVE-2025-36534

...

CVE-2025-36534

This CVE entry is rejected/not used and does not represent an active vulnerability entry.